Overview

URL: mwrppzksdm.duckdns.org/
IP: 81.17.22.78 (Switzerland)
ASN: #51852 Private Layer INC
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-09-23 10:56:56 UTC
IDS alerts: 0
Blocklist alert: 9
urlquery alerts: 33
  DynDNS domain detected
Tags: None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 08:34:06 UTC 93.184.220.29
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-23 04:45:50 UTC 104.18.21.226
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mwrppzksdm.duckdns.org (32) 0 No data No data 81.17.22.78 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.115
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
js.users.51.la (1) 53024 2012-05-30 15:10:11 UTC 2022-09-23 04:03:03 UTC 103.143.19.103

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 mwrppzksdm.duckdns.org/ Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/script.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/include.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/l3.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/category-script.b3s.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/index.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/category-script.u96.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/jquery-3.4.1.min.js Phishing
2022-09-23 2 mwrppzksdm.duckdns.org/static/js/l3-vendor.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 81.17.22.78
Date UQ / IDS / BL URL IP
2023-01-28 03:01:18 +0000 11 - 14 - 5 noihuoutwb.duckdns.org/ 81.17.22.78
2022-10-08 17:24:45 +0000 34 - 0 - 9 gkykxnqjmm.duckdns.org/ 81.17.22.78
2022-10-08 17:24:12 +0000 34 - 0 - 9 frlwqvclir.duckdns.org/ 81.17.22.78
2022-10-08 17:24:00 +0000 33 - 0 - 9 qafyyxiaje.duckdns.org/ 81.17.22.78
2022-09-26 23:32:44 +0000 32 - 0 - 9 kkzqxbfmwb.duckdns.org/ 81.17.22.78


Last 5 reports on ASN: Private Layer INC
Date UQ / IDS / BL URL IP
2023-02-05 09:25:13 +0000 27 - 31 - 0 qhfhrvxgtj.duckdns.org/ 179.43.149.17
2023-02-05 08:42:06 +0000 0 - 4 - 1 soka.root.sx/bins/bot.m68k 179.43.155.157
2023-02-05 06:55:54 +0000 0 - 5 - 2 179.43.155.247/cc.exe 179.43.155.247
2023-02-05 00:01:38 +0000 0 - 0 - 8 ieuchanesz.co.uk/boy/panelnew/admin.php 81.17.18.195
2023-02-05 00:01:38 +0000 0 - 0 - 7 ieuchanesz.co.uk/archie/panelnew/admin.php 81.17.18.195


Last 1 reports on domain: mwrppzksdm.duckdns.org
Date UQ / IDS / BL URL IP
2022-09-23 10:56:56 +0000 33 - 0 - 9 mwrppzksdm.duckdns.org/ 81.17.22.78


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-18 06:51:40 +0000 33 - 0 - 0 bldysacjyf.duckdns.org/ 179.43.149.18
2022-10-18 06:42:47 +0000 34 - 0 - 0 pgjfvdkahy.duckdns.org/ 179.43.149.18
2022-10-08 18:38:08 +0000 33 - 0 - 9 dxjibulfyy.duckdns.org/ 179.43.149.17
2022-10-08 17:31:21 +0000 33 - 0 - 9 ckckvrfern.duckdns.org/ 179.43.149.16
2022-10-08 17:31:09 +0000 33 - 0 - 9 qlnbiceqzz.duckdns.org/ 179.43.149.17

JavaScript

Executed Scripts (12)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (50)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Sun, 14 Aug 2022 09:50:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f8c575-4521"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   5123
Md5:    46623fe8a50aef16c5c02bb64efbb404
Sha1:   72dd4a3f4685ed3596648c0c71cff630c1fb046f
Sha256: 161d7fc9ca40a5e544c48fec7c542bf1e5d8e0a0f65f12653ed414b09b171347

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 10:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YBBqSaDxthcFegnJpSh7qKdjExJWPmg_0Y5NMbCpwyGlLra_wCrAUA==
Age: 2558


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15445
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 10:56:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5567
Expires: Fri, 23 Sep 2022 12:29:32 GMT
Date: Fri, 23 Sep 2022 10:56:45 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 8VOFcMIkXQm7KBiKM/UIhRk/mxlNHZOBcT23WxJcd/HAeRdXPG14cORs7PPx1lHo8c2XXbeTLMc=
x-amz-request-id: 79A0HP525DJMGFX6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 10:46:57 GMT
age: 588
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 10:56:45 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /static/js/script.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Length: 811
Last-Modified: Mon, 17 Jan 2022 04:34:08 GMT
Connection: keep-alive
ETag: "61e4f1c0-32b"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   811
Md5:    ba3b83549689e44da226639480c0017b
Sha1:   0ef34e12591f37e4beaaa38d15c1b02261bb3d69
Sha256: a7f1c847cab7e7373cd60145c23ff3754c1fd8964f0869fee05086a1eeb8433e

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/js/include.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Length: 986
Last-Modified: Wed, 15 Jun 2022 00:44:42 GMT
Connection: keep-alive
ETag: "62a92b7a-3da"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (986), with no line terminators
Size:   986
Md5:    a0fa9a30837c148de901efe647581548
Sha1:   4fd19808ae90de8ebb754f6393ac31f9f5dc7136
Sha256: a10a77d117e4116aca9e1a8714c513d88c0cacf6ca0a38f0eccfd537cb12e852

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/css/index.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Fri, 17 Jun 2022 08:57:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ac4214-cc8c"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (52202), with CRLF line terminators
Size:   8087
Md5:    48b01f6c590c1a85043d2504f390e885
Sha1:   636c68ff8301ccee0f82fe1409dcf2b19b07c3a2
Sha256: 268707d2c12e0a32b6759e01ac44a86f80b348c896fb7ec95ab0778eac0272a8

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/index_3.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-6e0"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (1724)
Size:   733
Md5:    964e69610acc365a518e0bd6b43b26fc
Sha1:   b08cf12421bd189a8d8d554824e1e39f92941926
Sha256: 31fd8e1b939868bb01340034851f019b43b1ff2a051cf9c0f38efb36a68410da

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/category-style.b3s.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-6cd"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1740)
Size:   575
Md5:    1cc3e67431044e93fa8c1003c4913c65
Sha1:   f25dbe2335fdde4b68a765d01f389e39250cf20b
Sha256: c3b77d80675a0f5ee063cb63d844d5e795ba008451ba4954d06c1f99dc79b894

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/js/l3.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b76-15502"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (65350), with no line terminators
Size:   24415
Md5:    b1d371c24a5e4147ed3bf3e4a52694f2
Sha1:   ed9e86064fd83d43f1c225515100b06b0eb12154
Sha256: 3dee7c47e4ae45f6a846cce11056d056620edc0184c57a1c679223a1f5977059

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/css/category-style.u96.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-1d42"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (7490), with no line terminators
Size:   1261
Md5:    69ab534ee455fd99e7bad3cdb6f39af6
Sha1:   35ade55cfa2d1735f0a5ffcb9d7738b128b20bee
Sha256: 41fb481e206ceaa7fd95598fc15c17d75d3788cf8e033499c0ccd5d07e89efb0

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/js/category-script.b3s.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b78-102e0"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (56251)
Size:   24928
Md5:    fac597c7b9c5343327637dd246dae053
Sha1:   897606fbf0b7d657fc0e9481059e2de7bafbb322
Sha256: b3c3c82ae507916dea08ae3b7856911315352d97a5dd29703ed9458679eabd89

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/css/l3.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-9bab0"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   57845
Md5:    30ba2bd45c9c1f382f477bb670a2938c
Sha1:   8433af88f080303a8fe4a52ddb25cfe515aa23e1
Sha256: 3c57efc25b49e7511e4f922301f598bb3982e030d6d599387b9dc75954380f35

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/js/index.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b74-20f42"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (29928)
Size:   47638
Md5:    576c8f9c4c5d93940f941f44fc82b63c
Sha1:   8bd776191d34f5b7643c34e083c779e32149fd8c
Sha256: cb1288069833c78e069e51e4e47857e59ce2a49ee0b27a2a0079efa129d24c5f

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/js/category-script.u96.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b78-f699"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (44631)
Size:   24218
Md5:    d98a4e82912228677b7e93c5f4bb6067
Sha1:   85da372e907607953868993f9a7bbb433eac1ef3
Sha256: c8e8dfa5d289fb15f311eae99fef552044eafe308e04f75629256dbea143cb4b

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/css/style.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Fri, 17 Jun 2022 07:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ac308a-f211"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   9060
Md5:    90c03682247570827e8cabd5e3260339
Sha1:   bff6cf3155b5fec688dae91c4fdb11269cfe6a72
Sha256: db48a61a3b76dbeea8cd67306ca0ef1317f11a9adf6f751e600bacad988ddb4d

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/rf2-style.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 14:44:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a9f04a-91d6"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37237)
Size:   8285
Md5:    7d756a6c2884ef06889eb91355f6548a
Sha1:   2e4c1667f6243e63e5bcca8e81416d0e8bfb6506
Sha256: a7961973c41d4bb9c92e7213db5708b2a176c74097abffe6512aeda20322e25c

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/tk-modules.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 14:45:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a9f094-22c6c"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   27288
Md5:    32d97cb4d2380a76ca1f0b8e580e9370
Sha1:   7745f4657290dbbedf372a69c36f0409496bebaf
Sha256: 7fe74313cc21cc3fcf7c9d13f0bbf63d673ba61caf7d8b1a42bc5ba2744d1fbe

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/index4.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 14:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a9f0be-6dd"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1724)
Size:   727
Md5:    7d032edb5155e6125303f7c4e22cc0e2
Sha1:   a38b2dae1103da05a949db7038b5674f7d7135d0
Sha256: 6468666ba5a2e11c94d312528f1e0d22065102bb0b69a575efbd28535c684414

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/common.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Length: 708
Last-Modified: Fri, 17 Jun 2022 09:36:04 GMT
Connection: keep-alive
ETag: "62ac4b04-2c4"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   708
Md5:    359976b7ab3aa7d17f2ead1fed43b310
Sha1:   1319798935873884bbfa33f452e22151972f9ca6
Sha256: cd10bb2782532af4506497456794ee52d633f928597ea2751c080634c1474575

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/js/jquery-3.4.1.min.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Fri, 11 Jun 2021 10:56:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c3415c-15851"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   34489
Md5:    45088a63622db0550345f7aa58c3e3bb
Sha1:   4bf834aedeaac7a1919bdb5b6ee17419b9181171
Sha256: c7ca6923bc404e521d3690b3a2e7464c3c6e3e6bc618ca7cd7d6910fb188938f

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/css/index_1.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-2bd3"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (11146)
Size:   2342
Md5:    c6178b67fe5ef2de6c28fba36a9d1895
Sha1:   b27f3e1181891fb7efd416d96305b80e833436fb
Sha256: a90d28adb89868370c5d569d6aec42089408a05d2101eacd1f6a8e77710bc7c9

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/css/l3-base.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-a093"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (41105), with CRLF line terminators
Size:   6432
Md5:    97abe39b078280fdeac27588893a4184
Sha1:   15d5b284fd065a14aa3dd6c1ef3e1240ff84bbb3
Sha256: d7d0922c62255f3cb0142c19e6724e3bdae800c9e6d3d5050d5720a610d20ce7

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/js/l3-vendor.js HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Wed, 15 Jun 2022 00:44:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b7e-345e5"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (43955), with CRLF line terminators
Size:   77535
Md5:    99c2edccb60619c3626ba16ca00efa7f
Sha1:   544ef46da1bc83ef9482c5a56c441760ad075b43
Sha256: 51f8a3d68ba4d15dbc0fc3983e4800d5a3ce16f5556d2f5b3a9cd73ca00aea6a

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 10:03:22 GMT
Expires: Fri, 23 Sep 2022 10:23:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r1yv_ZhnWAHGQCgytUoWAOlRYkPdozd0pi7uRW1GZr3eMjxrT6hfAg==
Age: 3203


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5198
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 10:56:46 GMT
Last-Modified: Fri, 23 Sep 2022 09:30:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:56:58 GMT
ETag: "d7afd544cb4ff2e8b5b1b1b604175446bbb1e1c7"
Last-Modified: Fri, 23 Sep 2022 09:56:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3397
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f2c170ca3fb51d-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    140438606dfec59ac72072c83068d09e
Sha1:   d7afd544cb4ff2e8b5b1b1b604175446bbb1e1c7
Sha256: 96a81922c699f53d206d4275614c29c96512b64adda5052f7f13dc67f78b9875
                                        
                                            GET /static/css/clientlib-base.min.d9d23f388ff7b590ff7ec23366ca0e99.css HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Last-Modified: Fri, 17 Jun 2022 07:41:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ac3034-de4e8"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /21298303.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Fri, 23 Sep 2022 10:56:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=bb1a628f7b6b02d2228; path=/ HWWAFSESTIME=1663930604610; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2311
Md5:    c2851ca4626bd9f22446e3a725902a01
Sha1:   a27bc1a124c6bef5c52c948662f8876cd8383a5a
Sha256: 24eeefe4f2ed041b88b290d071a1dc0664e0decd35e3115df71d34b46f81ef6d
                                        
                                            GET /footer_logo.png HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 5389
Last-Modified: Fri, 12 Aug 2022 06:07:15 GMT
Connection: keep-alive
ETag: "62f5ee13-150d"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 190 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size:   5389
Md5:    71d75563c7da9c7332a53ed62db57f42
Sha1:   db101f14373ce7536c6ff07157dbc45b67220470
Sha256: a9b31193d372a54cb3e13551db2e5a3c74cf1f160ec38f2f41b572f2d75b8a9b

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/5.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 106241
Last-Modified: Fri, 17 Jun 2022 08:04:06 GMT
Connection: keep-alive
ETag: "62ac3576-19f01"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1074x2016, components 3\012- data
Size:   106241
Md5:    a702baf82f650338405df43b201cca4d
Sha1:   ac17024aac570dd06ab7ac8726eed4a407ef09fd
Sha256: 93d93cbbc7fbaa344ccd1e007f2390d109f3ad596e12dbfbf5461431d36618cc

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/1.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 130435
Last-Modified: Fri, 17 Jun 2022 07:55:56 GMT
Connection: keep-alive
ETag: "62ac338c-1fd83"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1076x2101, components 3\012- data
Size:   130435
Md5:    3338db644ecd6d7f9adc5bb05ea54cc2
Sha1:   b0ccd3cae0624c173206a86c65c8681ed784f782
Sha256: 8a5d383c168ea3e3f44932be1783063fb0b1c6d4d27327c903e37dc6a8b781b7

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/3.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 132354
Last-Modified: Fri, 17 Jun 2022 08:02:38 GMT
Connection: keep-alive
ETag: "62ac351e-20502"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1067x2117, components 3\012- data
Size:   132354
Md5:    be533c7215b1fe2175d8229ffabbdda6
Sha1:   968a399a5dce81171d223c3edc376d1bbf6b182b
Sha256: 393b182834db81fc96e6b3b5f479d05a54f0a12bfa868095792c02d7afd4ff5f

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/4.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 307446
Last-Modified: Fri, 17 Jun 2022 08:35:12 GMT
Connection: keep-alive
ETag: "62ac3cc0-4b0f6"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1070x2000, components 3\012- data
Size:   307446
Md5:    a36e3e821d3792efb46519f881eac573
Sha1:   dde3f66093e2e9f0bef370f6864ca7e4af28f6cf
Sha256: 1fad6d201411a28c3eda189ac2f3fd6c56cef91f663851f8ff67d7d64954a161

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/2.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 95827
Last-Modified: Fri, 17 Jun 2022 08:02:02 GMT
Connection: keep-alive
ETag: "62ac34fa-17653"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2126, components 3\012- data
Size:   95827
Md5:    284e900fb19728dae4ff561fe3981520
Sha1:   a4710ee383a8af59b24b228f730180bce480e01c
Sha256: 9cf504034fd52ea3027ddbf957f44f36bace7e7c8cc55aa5103f5b77fbfe50c6

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/6.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 106964
Last-Modified: Fri, 17 Jun 2022 08:05:12 GMT
Connection: keep-alive
ETag: "62ac35b8-1a1d4"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2000, components 3\012- data
Size:   106964
Md5:    ae82d1262851dd370d951d7d51430ec3
Sha1:   bf8dc357595cfabe7670f8035cc230092fd08cb2
Sha256: 2262f81f05f3f69fb097bd417c4051e9f60fca6a1f152a230a867d3790f770f1

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/7.jpg HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 331231
Last-Modified: Fri, 17 Jun 2022 08:36:22 GMT
Connection: keep-alive
ETag: "62ac3d06-50ddf"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2000, components 3\012- data
Size:   331231
Md5:    5995075c9f295f3270b99c70bdc7f1cc
Sha1:   4fd07ecbb464fd981467e9067cb25fdcb55a2afe
Sha256: b3ef4f695d22630c32868dc0d5004fa58faf7e62f68dd242b81e726c00d7c998

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /static/picture/img-m-security-pack.png HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
Cookie: __tins__21298303=%7B%22sid%22%3A%201663930605916%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663932405916%7D; __51cke__=; __51laig__=1; count_download=2

                                         81.17.22.78
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Length: 151993
Last-Modified: Wed, 15 Jun 2022 01:16:16 GMT
Connection: keep-alive
ETag: "62a932e0-251b9"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 750x600, components 3\012- data
Size:   151993
Md5:    03aa2728b8ff10f343b5eb9cd320f78d
Sha1:   f9a61fe0520376639080d5031184191ca3ac37d8
Sha256: f62cb9b0bc34eae2ff9f7114337e32455268d3d657ceb11e94a1fddf5c26b205

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /site/set/common/s/img/android-icon144x144.png HTTP/1.1 
Host: mwrppzksdm.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
Cookie: __tins__21298303=%7B%22sid%22%3A%201663930605916%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663932405916%7D; __51cke__=; __51laig__=1; count_download=2

                                         81.17.22.78
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 23 Sep 2022 10:56:47 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:56:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:56:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:56:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10822
x-amzn-requestid: 308978c4-679f-4bb6-bfd7-a81dc00ec3db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoKcMG-kIAMFZKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63265781-03f94c0a385ed28408de81c8;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 23:25:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9fh_DJXLHRaerYmgTGoVX3LRsMIgzf46bn48yzXp8Xdp8WippJExcg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 11:05:21 GMT
age: 85886
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10822
Md5:    948abf9bedd1bd67010284080ba06d01
Sha1:   dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
Sha256: 236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 46159
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 47011
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9484
Md5:    ae63806537bc1795029ac9e522b4abb1
Sha1:   47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
Sha256: 369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 47305
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 45921
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 23031
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d