mwrppzksdm.duckdns.org/
81.17.22.78200 OK 5.1 kB IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 46623fe8a50aef16c5c02bb64efbb404
72dd4a3f4685ed3596648c0c71cff630c1fb046f
161d7fc9ca40a5e544c48fec7c542bf1e5d8e0a0f65f12653ed414b09b171347
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET / HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/html
Last-Modified: Sun, 14 Aug 2022 09:50:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f8c575-4521"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 10:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YBBqSaDxthcFegnJpSh7qKdjExJWPmg_0Y5NMbCpwyGlLra_wCrAUA==
Age: 2558
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15445
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 10:56:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5567
Expires: Fri, 23 Sep 2022 12:29:32 GMT
Date: Fri, 23 Sep 2022 10:56:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8VOFcMIkXQm7KBiKM/UIhRk/mxlNHZOBcT23WxJcd/HAeRdXPG14cORs7PPx1lHo8c2XXbeTLMc=
x-amz-request-id: 79A0HP525DJMGFX6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 10:46:57 GMT
age: 588
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:56:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mwrppzksdm.duckdns.org/static/js/script.js
81.17.22.78200 OK 811 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/script.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash ba3b83549689e44da226639480c0017b
0ef34e12591f37e4beaaa38d15c1b02261bb3d69
a7f1c847cab7e7373cd60145c23ff3754c1fd8964f0869fee05086a1eeb8433e
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/script.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Content-Length: 811
Last-Modified: Mon, 17 Jan 2022 04:34:08 GMT
Connection: keep-alive
ETag: "61e4f1c0-32b"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/js/include.js
81.17.22.78200 OK 986 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/include.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (986), with no line terminators
Hash a0fa9a30837c148de901efe647581548
4fd19808ae90de8ebb754f6393ac31f9f5dc7136
a10a77d117e4116aca9e1a8714c513d88c0cacf6ca0a38f0eccfd537cb12e852
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/include.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Content-Length: 986
Last-Modified: Wed, 15 Jun 2022 00:44:42 GMT
Connection: keep-alive
ETag: "62a92b7a-3da"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/css/index.css
81.17.22.78200 OK 8.1 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/index.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (52202), with CRLF line terminators
Hash 48b01f6c590c1a85043d2504f390e885
636c68ff8301ccee0f82fe1409dcf2b19b07c3a2
268707d2c12e0a32b6759e01ac44a86f80b348c896fb7ec95ab0778eac0272a8
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/index.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Jun 2022 08:57:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ac4214-cc8c"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/index_3.css
81.17.22.78200 OK 733 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/index_3.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1724)
Hash 964e69610acc365a518e0bd6b43b26fc
b08cf12421bd189a8d8d554824e1e39f92941926
31fd8e1b939868bb01340034851f019b43b1ff2a051cf9c0f38efb36a68410da
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/index_3.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-6e0"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/category-style.b3s.css
81.17.22.78200 OK 575 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/category-style.b3s.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (1740)
Hash 1cc3e67431044e93fa8c1003c4913c65
f25dbe2335fdde4b68a765d01f389e39250cf20b
c3b77d80675a0f5ee063cb63d844d5e795ba008451ba4954d06c1f99dc79b894
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/category-style.b3s.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-6cd"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/js/l3.js
81.17.22.78200 OK 24 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/l3.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type HTML document, Unicode text, UTF-8 text, with very long lines (65350), with no line terminators
Hash b1d371c24a5e4147ed3bf3e4a52694f2
ed9e86064fd83d43f1c225515100b06b0eb12154
3dee7c47e4ae45f6a846cce11056d056620edc0184c57a1c679223a1f5977059
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/l3.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 15 Jun 2022 00:44:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b76-15502"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/category-style.u96.css
81.17.22.78200 OK 1.3 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/category-style.u96.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (7490), with no line terminators
Hash 69ab534ee455fd99e7bad3cdb6f39af6
35ade55cfa2d1735f0a5ffcb9d7738b128b20bee
41fb481e206ceaa7fd95598fc15c17d75d3788cf8e033499c0ccd5d07e89efb0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/category-style.u96.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-1d42"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/js/category-script.b3s.js
81.17.22.78200 OK 25 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/category-script.b3s.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (56251)
Hash fac597c7b9c5343327637dd246dae053
897606fbf0b7d657fc0e9481059e2de7bafbb322
b3c3c82ae507916dea08ae3b7856911315352d97a5dd29703ed9458679eabd89
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/category-script.b3s.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 15 Jun 2022 00:44:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b78-102e0"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/l3.css
81.17.22.78200 OK 58 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/l3.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 30ba2bd45c9c1f382f477bb670a2938c
8433af88f080303a8fe4a52ddb25cfe515aa23e1
3c57efc25b49e7511e4f922301f598bb3982e030d6d599387b9dc75954380f35
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/l3.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-9bab0"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/js/index.js
81.17.22.78200 OK 48 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/index.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (29928)
Hash 576c8f9c4c5d93940f941f44fc82b63c
8bd776191d34f5b7643c34e083c779e32149fd8c
cb1288069833c78e069e51e4e47857e59ce2a49ee0b27a2a0079efa129d24c5f
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/index.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 15 Jun 2022 00:44:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b74-20f42"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/js/category-script.u96.js
81.17.22.78200 OK 24 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/category-script.u96.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (44631)
Hash d98a4e82912228677b7e93c5f4bb6067
85da372e907607953868993f9a7bbb433eac1ef3
c8e8dfa5d289fb15f311eae99fef552044eafe308e04f75629256dbea143cb4b
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/category-script.u96.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 15 Jun 2022 00:44:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b78-f699"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/style.css
81.17.22.78200 OK 9.1 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/style.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
Hash 90c03682247570827e8cabd5e3260339
bff6cf3155b5fec688dae91c4fdb11269cfe6a72
db48a61a3b76dbeea8cd67306ca0ef1317f11a9adf6f751e600bacad988ddb4d
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/style.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Jun 2022 07:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ac308a-f211"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/rf2-style.css
81.17.22.78200 OK 8.3 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/rf2-style.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (37237)
Hash 7d756a6c2884ef06889eb91355f6548a
2e4c1667f6243e63e5bcca8e81416d0e8bfb6506
a7961973c41d4bb9c92e7213db5708b2a176c74097abffe6512aeda20322e25c
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/rf2-style.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 14:44:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a9f04a-91d6"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/tk-modules.css
81.17.22.78200 OK 27 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/tk-modules.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 32d97cb4d2380a76ca1f0b8e580e9370
7745f4657290dbbedf372a69c36f0409496bebaf
7fe74313cc21cc3fcf7c9d13f0bbf63d673ba61caf7d8b1a42bc5ba2744d1fbe
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/tk-modules.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 14:45:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a9f094-22c6c"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/index4.css
81.17.22.78200 OK 727 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/index4.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (1724)
Hash 7d032edb5155e6125303f7c4e22cc0e2
a38b2dae1103da05a949db7038b5674f7d7135d0
6468666ba5a2e11c94d312528f1e0d22065102bb0b69a575efbd28535c684414
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/index4.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 14:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a9f0be-6dd"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/common.css
81.17.22.78200 OK 708 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/common.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with CRLF line terminators
Hash 359976b7ab3aa7d17f2ead1fed43b310
1319798935873884bbfa33f452e22151972f9ca6
cd10bb2782532af4506497456794ee52d633f928597ea2751c080634c1474575
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/common.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Content-Length: 708
Last-Modified: Fri, 17 Jun 2022 09:36:04 GMT
Connection: keep-alive
ETag: "62ac4b04-2c4"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/js/jquery-3.4.1.min.js
81.17.22.78200 OK 34 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/jquery-3.4.1.min.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (65451)
Hash 45088a63622db0550345f7aa58c3e3bb
4bf834aedeaac7a1919bdb5b6ee17419b9181171
c7ca6923bc404e521d3690b3a2e7464c3c6e3e6bc618ca7cd7d6910fb188938f
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/jquery-3.4.1.min.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Jun 2021 10:56:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c3415c-15851"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/index_1.css
81.17.22.78200 OK 2.3 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/index_1.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (11146)
Hash c6178b67fe5ef2de6c28fba36a9d1895
b27f3e1181891fb7efd416d96305b80e833436fb
a90d28adb89868370c5d569d6aec42089408a05d2101eacd1f6a8e77710bc7c9
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/index_1.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-2bd3"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/css/l3-base.css
81.17.22.78200 OK 6.4 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/l3-base.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (41105), with CRLF line terminators
Hash 97abe39b078280fdeac27588893a4184
15d5b284fd065a14aa3dd6c1ef3e1240ff84bbb3
d7d0922c62255f3cb0142c19e6724e3bdae800c9e6d3d5050d5720a610d20ce7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/l3-base.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Jun 2022 00:44:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b72-a093"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mwrppzksdm.duckdns.org/static/js/l3-vendor.js
81.17.22.78200 OK 78 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/js/l3-vendor.js
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with very long lines (43955), with CRLF line terminators
Hash 99c2edccb60619c3626ba16ca00efa7f
544ef46da1bc83ef9482c5a56c441760ad075b43
51f8a3d68ba4d15dbc0fc3983e4800d5a3ce16f5556d2f5b3a9cd73ca00aea6a
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /static/js/l3-vendor.js HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 15 Jun 2022 00:44:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a92b7e-345e5"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 10:03:22 GMT
Expires: Fri, 23 Sep 2022 10:23:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r1yv_ZhnWAHGQCgytUoWAOlRYkPdozd0pi7uRW1GZr3eMjxrT6hfAg==
Age: 3203
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:56:46 GMT
Last-Modified: Fri, 23 Sep 2022 09:30:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 140438606dfec59ac72072c83068d09e
d7afd544cb4ff2e8b5b1b1b604175446bbb1e1c7
96a81922c699f53d206d4275614c29c96512b64adda5052f7f13dc67f78b9875
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:56:58 GMT
ETag: "d7afd544cb4ff2e8b5b1b1b604175446bbb1e1c7"
Last-Modified: Fri, 23 Sep 2022 09:56:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3397
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f2c170ca3fb51d-OSL
mwrppzksdm.duckdns.org/static/css/clientlib-base.min.d9d23f388ff7b590ff7ec23366ca0e99.css
81.17.22.78200 OK 0 B URL HTTP/1.1 mwrppzksdm.duckdns.org/static/css/clientlib-base.min.d9d23f388ff7b590ff7ec23366ca0e99.css
IP 81.17.22.78:0
ASN #51852 Private Layer INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/css/clientlib-base.min.d9d23f388ff7b590ff7ec23366ca0e99.css HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:45 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Jun 2022 07:41:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62ac3034-de4e8"
Expires: Fri, 23 Sep 2022 22:56:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
js.users.51.la/21298303.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21298303.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash c2851ca4626bd9f22446e3a725902a01
a27bc1a124c6bef5c52c948662f8876cd8383a5a
24eeefe4f2ed041b88b290d071a1dc0664e0decd35e3115df71d34b46f81ef6d
GET /21298303.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=bb1a628f7b6b02d2228; path=/
HWWAFSESTIME=1663930604610; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
mwrppzksdm.duckdns.org/footer_logo.png
81.17.22.78200 OK 5.4 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/footer_logo.png
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type PNG image data, 190 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 71d75563c7da9c7332a53ed62db57f42
db101f14373ce7536c6ff07157dbc45b67220470
a9b31193d372a54cb3e13551db2e5a3c74cf1f160ec38f2f41b572f2d75b8a9b
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /footer_logo.png HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/png
Content-Length: 5389
Last-Modified: Fri, 12 Aug 2022 06:07:15 GMT
Connection: keep-alive
ETag: "62f5ee13-150d"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/5.jpg
81.17.22.78200 OK 106 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/5.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1074x2016, components 3\012- data
Size 106 kB (106241 bytes)
Hash a702baf82f650338405df43b201cca4d
ac17024aac570dd06ab7ac8726eed4a407ef09fd
93d93cbbc7fbaa344ccd1e007f2390d109f3ad596e12dbfbf5461431d36618cc
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/5.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 106241
Last-Modified: Fri, 17 Jun 2022 08:04:06 GMT
Connection: keep-alive
ETag: "62ac3576-19f01"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/1.jpg
81.17.22.78200 OK 130 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/1.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1076x2101, components 3\012- data
Size 130 kB (130435 bytes)
Hash 3338db644ecd6d7f9adc5bb05ea54cc2
b0ccd3cae0624c173206a86c65c8681ed784f782
8a5d383c168ea3e3f44932be1783063fb0b1c6d4d27327c903e37dc6a8b781b7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/1.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 130435
Last-Modified: Fri, 17 Jun 2022 07:55:56 GMT
Connection: keep-alive
ETag: "62ac338c-1fd83"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/3.jpg
81.17.22.78200 OK 132 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/3.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1067x2117, components 3\012- data
Size 132 kB (132354 bytes)
Hash be533c7215b1fe2175d8229ffabbdda6
968a399a5dce81171d223c3edc376d1bbf6b182b
393b182834db81fc96e6b3b5f479d05a54f0a12bfa868095792c02d7afd4ff5f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/3.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 132354
Last-Modified: Fri, 17 Jun 2022 08:02:38 GMT
Connection: keep-alive
ETag: "62ac351e-20502"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/4.jpg
81.17.22.78200 OK 307 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/4.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1070x2000, components 3\012- data
Size 307 kB (307446 bytes)
Hash a36e3e821d3792efb46519f881eac573
dde3f66093e2e9f0bef370f6864ca7e4af28f6cf
1fad6d201411a28c3eda189ac2f3fd6c56cef91f663851f8ff67d7d64954a161
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/4.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 307446
Last-Modified: Fri, 17 Jun 2022 08:35:12 GMT
Connection: keep-alive
ETag: "62ac3cc0-4b0f6"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/2.jpg
81.17.22.78200 OK 96 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/2.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2126, components 3\012- data
Hash 284e900fb19728dae4ff561fe3981520
a4710ee383a8af59b24b228f730180bce480e01c
9cf504034fd52ea3027ddbf957f44f36bace7e7c8cc55aa5103f5b77fbfe50c6
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/2.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 95827
Last-Modified: Fri, 17 Jun 2022 08:02:02 GMT
Connection: keep-alive
ETag: "62ac34fa-17653"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/6.jpg
81.17.22.78200 OK 107 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/6.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2000, components 3\012- data
Size 107 kB (106964 bytes)
Hash ae82d1262851dd370d951d7d51430ec3
bf8dc357595cfabe7670f8035cc230092fd08cb2
2262f81f05f3f69fb097bd417c4051e9f60fca6a1f152a230a867d3790f770f1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/6.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 106964
Last-Modified: Fri, 17 Jun 2022 08:05:12 GMT
Connection: keep-alive
ETag: "62ac35b8-1a1d4"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/7.jpg
81.17.22.78200 OK 331 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/7.jpg
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2000, components 3\012- data
Size 331 kB (331231 bytes)
Hash 5995075c9f295f3270b99c70bdc7f1cc
4fd07ecbb464fd981467e9067cb25fdcb55a2afe
b3ef4f695d22630c32868dc0d5004fa58faf7e62f68dd242b81e726c00d7c998
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/7.jpg HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/jpeg
Content-Length: 331231
Last-Modified: Fri, 17 Jun 2022 08:36:22 GMT
Connection: keep-alive
ETag: "62ac3d06-50ddf"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/static/picture/img-m-security-pack.png
81.17.22.78200 OK 152 kB URL HTTP/1.1 mwrppzksdm.duckdns.org/static/picture/img-m-security-pack.png
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type JPEG image data, progressive, precision 8, 750x600, components 3\012- data
Size 152 kB (151993 bytes)
Hash 03aa2728b8ff10f343b5eb9cd320f78d
f9a61fe0520376639080d5031184191ca3ac37d8
f62cb9b0bc34eae2ff9f7114337e32455268d3d657ceb11e94a1fddf5c26b205
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /static/picture/img-m-security-pack.png HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
Cookie: __tins__21298303=%7B%22sid%22%3A%201663930605916%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663932405916%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 10:56:46 GMT
Content-Type: image/png
Content-Length: 151993
Last-Modified: Wed, 15 Jun 2022 01:16:16 GMT
Connection: keep-alive
ETag: "62a932e0-251b9"
Expires: Sun, 23 Oct 2022 10:56:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mwrppzksdm.duckdns.org/site/set/common/s/img/android-icon144x144.png
81.17.22.78404 Not Found 146 B URL HTTP/1.1 mwrppzksdm.duckdns.org/site/set/common/s/img/android-icon144x144.png
IP 81.17.22.78:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /site/set/common/s/img/android-icon144x144.png HTTP/1.1
Host: mwrppzksdm.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mwrppzksdm.duckdns.org/
Cookie: __tins__21298303=%7B%22sid%22%3A%201663930605916%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663932405916%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 23 Sep 2022 10:56:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:56:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:56:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12526
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:56:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 948abf9bedd1bd67010284080ba06d01
dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 308978c4-679f-4bb6-bfd7-a81dc00ec3db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoKcMG-kIAMFZKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63265781-03f94c0a385ed28408de81c8;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 23:25:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9fh_DJXLHRaerYmgTGoVX3LRsMIgzf46bn48yzXp8Xdp8WippJExcg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 11:05:21 GMT
age: 85886
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 46159
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae63806537bc1795029ac9e522b4abb1
47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 47011
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 47305
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 45921
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 23031
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2