urlscan.io logo urlscan.io
SecurityTrails logo

08976uyjtthe.duckdns.org Open in urlscan Pro
185.212.129.195  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Submission: On May 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 97 HTTP transactions. The main IP is 185.212.129.195, located in Netherlands and belongs to INTERNET-IT, NL. The main domain is 08976uyjtthe.duckdns.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 23rd 2020. Valid for: 3 months.
This is the only time 08976uyjtthe.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
22 185.212.129.195 200313 (INTERNET-IT)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 13.225.87.27 16509 (AMAZON-02)
8 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 54.230.183.36 16509 (AMAZON-02)
8 104.18.74.113 13335 (CLOUDFLAR...)
3 104.16.54.111 13335 (CLOUDFLAR...)
23 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
3 164.160.128.110 328110 (Garanntor...)
4 103.54.248.224 135905 (VNPT-AS-V...)
7 152.199.23.37 15133 (EDGECAST)
97 13
22    185.212.129.195 (Netherlands)

ASN200313 (INTERNET-IT, NL)
PTR: trtgbevrefbgr.duckdns.org
08976uyjtthe.duckdns.org
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    13.225.87.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-27.fra2.r.cloudfront.net
us04st1.zoom.us
us04st3.zoom.us
us04st2.zoom.us
8    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    54.230.183.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-36.ham50.r.cloudfront.net
static.ada.support
8    104.18.74.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
3    104.16.54.111 (United States)

ASN13335 (CLOUDFLARENET, US)
zoomus.zendesk.com
23    2a02:26f0:10c:383::35c1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
secure.aadcdn.microsoftonline-p.com
3    164.160.128.110 (Nigeria)

ASN328110 (Garanntor-Hosting-AS, NG)
PTR: 128.160.164.in-addr.arpa
donnashashimao.com
4    103.54.248.224 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
betongmiennam.vn
7    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
Domain Requested by
23 secure.aadcdn.microsoftonline-p.com 08976uyjtthe.duckdns.org
code.jquery.com
22 08976uyjtthe.duckdns.org us04st1.zoom.us
08976uyjtthe.duckdns.org
10 us04st1.zoom.us 08976uyjtthe.duckdns.org
us04st1.zoom.us
8 code.jquery.com 08976uyjtthe.duckdns.org
7 aadcdn.msftauth.net code.jquery.com
7 static.zdassets.com 08976uyjtthe.duckdns.org
static.zdassets.com
4 betongmiennam.vn code.jquery.com
3 donnashashimao.com code.jquery.com
3 zoomus.zendesk.com static.zdassets.com
3 us04st3.zoom.us 08976uyjtthe.duckdns.org
2 us04st2.zoom.us 08976uyjtthe.duckdns.org
2 www.google-analytics.com 08976uyjtthe.duckdns.org
1 ekr.zdassets.com static.zdassets.com
1 static.ada.support 08976uyjtthe.duckdns.org
1 www.googletagmanager.com 08976uyjtthe.duckdns.org
97 15

This site contains no links.

Subject Issuer Validity Valid
08976uyjtthe.duckdns.org
Let's Encrypt Authority X3		 2020-04-23 -
2020-07-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.zoom.us
Go Daddy Secure Certificate Authority - G2		 2019-03-25 -
2021-03-25		 2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.ada.support
Amazon		 2020-03-31 -
2021-04-30		 a year crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-25 -
2021-05-31		 2 years crt.sh
zoomus.zendesk.com
CloudFlare Inc ECC CA-2		 2020-04-17 -
2020-10-09		 6 months crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft IT TLS CA 4		 2019-07-17 -
2021-07-17		 2 years crt.sh
donnashashimao.com
Let's Encrypt Authority X3		 2020-04-29 -
2020-07-28		 3 months crt.sh
betongmiennam.vn
cPanel, Inc. Certification Authority		 2020-03-21 -
2020-06-19		 3 months crt.sh
aadcdn.msftauth.net
Microsoft IT TLS CA 5		 2018-11-07 -
2020-11-07		 2 years crt.sh

This page contains 15 frames:

Primary Page: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: C33D7F55A113FE99F7B4EF24EE0190EF
Requests: 26 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: 783997FD58B3FE09E4B34C5DEFC5FF07
Requests: 17 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: A50C123C81AA8C8349FC739BBEA396EA
Requests: 11 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: 3BB244261540B93D8A4207E55C3D3E8B
Requests: 9 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: CB8AB64CC2B3571273C76512326D1BB1
Requests: 9 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: 10B420C35FBF8E91236F5124E4E531EC
Requests: 9 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: 3256365D5188BD467270084D49A654C6
Requests: 9 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Frame ID: F4ACA595B6BEE48DA96A67BD383D0F11
Requests: 9 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: 83C28C7FA72797899F95BCBCEA2EAEF5
Requests: 1 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: B0B7527F193F3FC0D5A9DF5E19079917
Requests: 1 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: 20C42CEF307CF290C8418858062A8488
Requests: 1 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: D902B07E708E09F8E6013DC1E80BE03D
Requests: 1 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: BBBE9594A4A1CEB260B37FDCEBC7A3FB
Requests: 1 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: 6F5A2F46C991C6F1CB0CD8905E057935
Requests: 1 HTTP requests in this frame

Frame: https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: 0687FD2749FE769E4AD4E7F40031DA0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

97
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

15
Subdomains

13
IPs

6
Countries

2557 kB
Transfer

7956 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index-zoom.php
08976uyjtthe.duckdns.org/ 		104 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7ad670a9a614b98557bd7f26eacd60bafa6dc95206fdce1a332d3794c39d674c

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:09 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
25450
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
js
www.google-analytics.com/gtm/ 		93 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5X23DFQ&cid=1585178426.1587219687
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfc264614472342649c0d1bb8ab4079a296630d71242c825b95f7ceb9d0f7abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31861
x-xss-protection
0
expires
Fri, 08 May 2020 16:38:10 GMT
gtm.js
www.googletagmanager.com/ 		214 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WKFT9
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3042a4dfb2cbe304a8d3b669ea5681fb401d6c5d49f7173a2ac8eb8d4e4ea00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52068
x-xss-protection
0
last-modified
Fri, 08 May 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 May 2020 16:38:10 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6111
date
Fri, 08 May 2020 14:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 08 May 2020 16:56:19 GMT
all.min.css
us04st1.zoom.us/static/93934/css/ 		193 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/css/all.min.css
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcbeda25edf157f78798414a55cc14a37c4bbfdd072b18de1b24da1805864c84

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:08:36 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:20:00 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276897/ctime:1587276898/gid:1003/gname:nginx/md5:94ab9b4a04842fc2c5fe64122df92fab/mode:33204/mtime:1587271723/uid:1014/uname:nginx
age
34175
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
5sHxPURakBdsgG5L5J9AJTtkGisBFapQs8fnjmk-iwbU53OvErRAdw==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
notification.min.css
us04st1.zoom.us/static/93934/js/lib/vue/advanced/notification/ 		1 KB
993 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/js/lib/vue/advanced/notification/notification.min.css
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81747fe54a6811efbcb03b0c3ec76abea95ee01c90368fbde2c3106f15ce36c7

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:08:36 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:25:19 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:2f11a99b05660f67d62e20cf2422e18b/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
34175
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
rnoxh8Fi1mcy67yJSBx2xLixKFnM_TbTS4CZo1NoO7n3DBmntSaj_A==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
zoom-components.min.css
us04st1.zoom.us/static/93934/css/vue/ 		117 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/css/vue/zoom-components.min.css
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
414393f846ee49628f23e508d3e090194194aa3c9764a0b1ee58b1592e0964da

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:08:36 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:25:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276897/ctime:1587276898/gid:1003/gname:nginx/md5:6f62eeee48c9880fdfd8ba1066723958/mode:33204/mtime:1587271723/uid:1014/uname:nginx
age
34175
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
usRbbm2lROjp5aogzFSHJIB4_6-abKbqd1jp2aQvCx9VTKEDWjlf1g==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
jquery-3.5.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.0.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Apr 2020 15:24:08 GMT
Server
nginx
ETag
W/"5e908f98-15d95"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955890.cds142.fr8.shn,1588955890.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30880
ZoomLogo.png
us04st1.zoom.us/static/93934/image/new/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us04st1.zoom.us/static/93934/image/new/ZoomLogo.png
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1289059a37f8c8bd3223113398a599190d29fc235e14316c815a30ca698823ce

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 08 May 2020 09:20:12 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Sun, 19 Apr 2020 06:21:52 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:112b8a41cca8c030b70d4e25bbc6fadb/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
26279
etag
"112b8a41cca8c030b70d4e25bbc6fadb"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2484
x-amz-cf-id
vLzJMHTRLJgVLTaRss91nNJyJTWqtaaccPWmA8-W18mu7VhkrvozCA==
all.min.js
us04st1.zoom.us/static/93934/js/ 		226 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/js/all.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7039e768bdbe156a62aef72d5ac934d7c01f16f3a85cdac154de93ecea293f84

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:08:36 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:23:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:bb6c832e9321246a878512b81ef40580/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
34175
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
c2Qm5-VtZIyrA3JLE25TC93U5VJ2-wVlZ6Rfh9U9krMkLklAqWDNAg==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
vue.min.js
us04st3.zoom.us/static/93934/js/lib/vue/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us04st3.zoom.us/static/93934/js/lib/vue/vue.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16d59f448fad85694dcf6b01dd225bc0ac793e0332288560c07093c1addb8977

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:07:47 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:24:55 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:be4c25a10b8ae99067f58011f992adba/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
34224
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
fgdF-E4MhOAYnbw7jCK64SB0Z8BalU24uH1LXqKEC8ZLT9ol9g-cwA==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
zoom-components.min.js
us04st2.zoom.us/static/93934/js/lib/vue/ 		264 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us04st2.zoom.us/static/93934/js/lib/vue/zoom-components.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19e6cf0f91e11bca1034bd0d643a3b40453c2a9b7da835de5ef519e25c945200

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 07:08:36 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:25:20 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:0aa723e76ed9a3ea4b2fd14c57787659/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
34175
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
X4oR2BM-FLKDSjA4MEleqr6OyYhn5kMrZfkzpYOXRKB-gMe54otuaw==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
jquery.validate.message.min.js
us04st3.zoom.us/static/93934/js/app/ 		2 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://us04st3.zoom.us/static/93934/js/app/jquery.validate.message.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c19f7fb839c2c3a1a65e9e7be3ad25addb601da4570b1f48ec2f664380d9257

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 17:33:14 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:24:00 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:fa3a55f2cc09a23812626ae13dd52b8f/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
83097
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
9gYsR12gKSs_TVfW0--eXzHuOAc9AWid6xgt3En8sOlIrRn8sGSC_g==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
join.min.js
us04st2.zoom.us/static/93934/js/app/conference/ 		891 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us04st2.zoom.us/static/93934/js/app/conference/join.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eba0b7c41986f42b1c1e607e277cd7faeb67d4df0e591726abce63510978a04

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 08 May 2020 07:08:36 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Sun, 19 Apr 2020 06:23:49 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:01fd8ef42b3841baea2a38b0bd3726f8/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
34175
etag
"01fd8ef42b3841baea2a38b0bd3726f8"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
891
x-amz-cf-id
oWnb5ntX1CboSTmpNIeRqnl0fceBxQEzBMaZ3USSfi0aI1njo36iiw==
embed.js
static.ada.support/ 		105 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/embed.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-36.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d8fb476109ed3853d2fcf890632aa18d4f2a8d4deb7673e00b5ce865a629ab4

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 19:47:37 GMT
via
1.1 6eabffd9312b994dd9c1277b403ac16f.cloudfront.net (CloudFront)
age
75034
x-cache
Hit from cloudfront
status
200
content-length
107233
last-modified
Thu, 07 May 2020 19:47:08 GMT
server
AmazonS3
etag
"184d10bfa30e8b7babc072bdabb7b961"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
no-cache
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-amz-cf-id
zQHhQQdGDdjOx1sfx8YORlQEpWYkdkEepl8d44-HU_XYBsroDvyRJg==
snippet.js
static.zdassets.com/ekr/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
28
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
A174A52657B50594
x-amz-id-2
dRPi8oJbmR3ol4NeBDmOk1dBjTEpBWAHfQhW61L1eDS5VYO/Tu4FGYBbPw+qhb9sN0wz/2BUMB4=
last-modified
Mon, 02 Mar 2020 02:50:56 GMT
server
cloudflare
etag
W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
9jfU0J9VWlATjidupegYZZ3MvXR2S9Ct
cf-request-id
0296bfdace00008695c8b49200000001
cf-ray
59049c0aec8a8695-ARN
meeting_delete_dialog.min.css
us04st3.zoom.us/static/93934/css/meetings/ 		371 B
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us04st3.zoom.us/static/93934/css/meetings/meeting_delete_dialog.min.css
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae17df15f37f143eb1e331e2e6df3de34d190f6873e6b047a13eba3c95989b80

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 07 May 2020 17:33:14 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Sun, 19 Apr 2020 06:20:29 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276897/ctime:1587276898/gid:1003/gname:nginx/md5:96425654fc91041df560f9256c8577a9/mode:33204/mtime:1587271723/uid:1014/uname:nginx
age
83097
etag
"96425654fc91041df560f9256c8577a9"
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
371
x-amz-cf-id
VVP3uYjl63D57i-WJ5IStZq73CO_obWID7KWUojsT8HR_SH27Ojpgw==
notification.min.js
us04st1.zoom.us/static/93934/js/lib/vue/advanced/notification/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/js/lib/vue/advanced/notification/notification.min.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
861fc904b3e056e62b3b86c3e2f7288cc9cc97907e40dab3e848cadf1c006056

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:14:17 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 06:24:52 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:275b655319b390451b7fff8435ba14fc/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
1434
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qcHYyvgd8hP86xNwfW73hfyN22140dfdH6WPrbwoPfPmRMhCnuMd5A==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1289059a37f8c8bd3223113398a599190d29fc235e14316c815a30ca698823ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44357ce24dc7849c652fff42e5efc46b833e39f636f30a70aaf23b2bffe4cf05

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
social_icon.png
us04st1.zoom.us/static/93934/image/new/home/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us04st1.zoom.us/static/93934/image/new/home/social_icon.png
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4a20f13da624492c82af240a759de12ab2a32f423fdbcd5a010a77992132432

Request headers

Referer
https://us04st1.zoom.us/static/93934/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 08 May 2020 07:08:36 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Sun, 19 Apr 2020 06:25:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:14f715b8529769349e7bd73dd4496f04/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
34175
etag
"14f715b8529769349e7bd73dd4496f04"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
7722
x-amz-cf-id
JHnEzdMOVReAkUNHdiNFCW4V3wp3ZMDJ12TMUlumdersEtxVqbpfFA==
Lato-Regular.woff2
us04st1.zoom.us/static/93934/fonts/lato/ 		178 KB
179 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/fonts/lato/Lato-Regular.woff2
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://us04st1.zoom.us/static/93934/css/all.min.css
Origin
https://08976uyjtthe.duckdns.org

Response headers

date
Fri, 08 May 2020 07:08:36 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
age
34174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
182708
last-modified
Sun, 19 Apr 2020 06:20:57 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:bd03a2cc277bbbc338d464e679fe9942/mode:33204/mtime:1587271724/uid:1014/uname:nginx
etag
"bd03a2cc277bbbc338d464e679fe9942"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
wpZ9cc1V0Ta4n86lFiouu_xEdN_xTj9sBfO1lLSCtZ_7R8KCkKNumQ==
Lato-Semibold.woff2
us04st1.zoom.us/static/93934/fonts/lato/ 		180 KB
180 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us04st1.zoom.us/static/93934/fonts/lato/Lato-Semibold.woff2
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30f77a5ff0bcba46d4e760b0c939a5ff112da0d3ddd13a261834134e00cc21c7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://us04st1.zoom.us/static/93934/css/all.min.css
Origin
https://08976uyjtthe.duckdns.org

Response headers

date
Fri, 08 May 2020 07:08:37 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
age
34174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
184076
last-modified
Sun, 19 Apr 2020 06:20:58 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:8b4f872c5de19974857328d06d3fe48f/mode:33204/mtime:1587271724/uid:1014/uname:nginx
etag
"8b4f872c5de19974857328d06d3fe48f"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
oR_hTw20mWAtk7OlhToxMXqzMHfXO8vcFPkxkzuSm6L3ctkJZ7vSjA==
f022518e-a528-43eb-b7d9-6af79e1de3db
ekr.zdassets.com/compose/ 		715 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/f022518e-a528-43eb-b7d9-6af79e1de3db
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc9c97a890f49e929233b91102b6d1290b1d2860f024a6c09efdb2cf9185fdf8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
status
200, 200 OK
strict-transport-security
max-age=0
cf-request-id
0296bfdb5a0000f2104d20c200000001
x-request-id
56bc0435-e889-4b59-b922-e2c3cd3a8cbe
x-runtime
0.003304
server
cloudflare
etag
W/"bc9c97a890f49e929233b91102b6d129"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
59049c0bcbc3f210-ARN
preload.f74aa2c016e8a52a2135.js
static.zdassets.com/web_widget/latest/ Frame 7839 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.f74aa2c016e8a52a2135.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c2ca6399c244ee31a7f61fd37cacd29bdb2be4966890d2024f186aae0291e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
55356
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
A750A78098ADAFD5
x-amz-id-2
t3MIPW9c0mi8NtzXvXcNpno8rgN+yTvOf5ongwl6BwfJ2FpKTY6cPsXEOvfYRwIot1j/vXMMBT8=
last-modified
Thu, 07 May 2020 00:29:27 GMT
server
cloudflare
etag
W/"905ef030c248e5b8d3f16c51711a23f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
U0SIu17LwLDz1hNVnjsAOAaqV4Bjf06O
cf-request-id
0296bfdea900008695c8b75200000001
cf-ray
59049c110f048695-ARN
expires
Fri, 07 May 2021 00:29:26 GMT
vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
static.zdassets.com/web_widget/latest/ Frame 7839 		1 MB
279 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c386b5edb79a4f516cd83149326cfbbd51007b239311c49dcb8291af23821f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
9731
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
FE101BFA960620DC
x-amz-id-2
wy+GEGC8v/M7pZ5EV52xNhroN/YMOkuJQ8pPJKIVE7Le2b+WhkGE71FXMOtIKzLxpEBgQShVihI=
last-modified
Thu, 07 May 2020 00:29:28 GMT
server
cloudflare
etag
W/"8a59314d4ebaed50222892ba3538713b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
aG_htA423oKq9aea3QHoY9Nxvom8Xuix
cf-request-id
0296bfdea900008695c8b76200000001
cf-ray
59049c110f058695-ARN
expires
Fri, 07 May 2021 00:29:27 GMT
web_widget.9ce02d77913c15c2ede2.chunk.js
static.zdassets.com/web_widget/latest/ Frame 7839 		879 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.9ce02d77913c15c2ede2.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c70e5e4b2be35a82e7fc0652bc33fba74d31f682afa0b43ebb365846d6ab775
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12424
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
E9C7440AF4454AC0
x-amz-id-2
jrMKwLlwRxWKB8N8LOugkiQTlrBFt/cyn//EW+27h5BCpN+iGnVOadYsLswlml0erDI3m3wMLI4=
last-modified
Thu, 07 May 2020 00:29:29 GMT
server
cloudflare
etag
W/"01120d102ee9da0c75adecca4daf5066"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
BnteRNTfvTlBthu1ZJkMcBKfLccFYzmQ
cf-request-id
0296bfdea900008695c8b77200000001
cf-ray
59049c110f068695-ARN
expires
Fri, 07 May 2021 00:29:28 GMT
chat-sdk.8bec18ba6b375cdd85e2.chunk.js
static.zdassets.com/web_widget/latest/ Frame 7839 		255 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/chat-sdk.8bec18ba6b375cdd85e2.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1007293
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
389B0AB9A2E683CA
x-amz-id-2
t6lUbrkvCUTUsNSKk5XQENBsuU8JkIgS+4QDrIZNOgyqD0C1aabqqDQUHQraknuwKKUp83tJFB4=
last-modified
Fri, 24 Apr 2020 06:36:01 GMT
server
cloudflare
etag
W/"23243262e0659a5a9e138886779371e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ZLJ4wrb4N.QqdO_sfLJrfvdZBfGl9OnX
cf-request-id
0296bfdea900008695c8b78200000001
cf-ray
59049c110f078695-ARN
expires
Sat, 24 Apr 2021 06:35:59 GMT
config
zoomus.zendesk.com/embeddable/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zoomus.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f022518e-a528-43eb-b7d9-6af79e1de3db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.54.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d45e60571361d8ec53e1680a3065b7967beb6a58bb571d89a710008e4e18578
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
vary
Origin, Accept-Encoding
cf-request-id
0296bfdf270000caecd1b26200000001
x-request-id
59049c11da69caec-SEA
x-runtime
0.001737
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable-app-server-6884ddfb58-rq756
cf-ray
59049c11da69caec-ARN
en-us.39cd5e9a02de31b5bebb.js
static.zdassets.com/web_widget/latest/locales/ Frame 7839 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us.39cd5e9a02de31b5bebb.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ccd92da0f2945598b58ab70a3f546117b05134fbda7a6880c8f75f4525e96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
693198
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
F4149F1794C32827
x-amz-id-2
Bgde4SO6C7NT25zOWLt7IPoWVKMD3gUuNCn1cwsthhphFdaPuwdhizNU28sjI66duqleX+tu+3M=
last-modified
Thu, 30 Apr 2020 00:18:02 GMT
server
cloudflare
etag
W/"39cd5e9a02de31b5bebb818a773ec707"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
vYrIAWP225HKoXfn0NlrDIHEf3baRRwj
cf-request-id
0296bfe03b00008695c8b8b200000001
cf-ray
59049c13984e8695-ARN
expires
Fri, 30 Apr 2021 00:18:01 GMT
ticket_fields
zoomus.zendesk.com/embeddable/ Frame 7839 		2 KB
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zoomus.zendesk.com/embeddable/ticket_fields?locale=en-US
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.54.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca09d565bbd49dfda5f172cdd8678ce6bf9acf2d9d9d5a08b9e2a09b46fb09e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
strict-transport-security
max-age=31536000;
vary
Origin, Accept-Encoding
cf-request-id
0296bfe0900000caecd1b46200000001
x-request-id
58fbee100f62daac-SEA
x-runtime
0.015544
server
cloudflare
etag
W/"9ca09d565bbd49dfda5f172cdd8678ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public
x-zendesk-origin-server
embeddable-app-server-6884ddfb58-zfv4n
cf-ray
59049c14190ccaec-ARN
embeddable_blip
zoomus.zendesk.com/ Frame 7839 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zoomus.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vMDg5NzZ1eWp0dGhlLmR1Y2tkbnMub3JnL2luZGV4LXpvb20ucGhwP2lqYmd0cmY9YW1GemIyNHVZbmxvWVcxQWJHVnVibUZ5TG1OdmJUbzZNZz09IiwidGltZSI6MTg0LCJsb2FkVGltZSI6NTEuNjE5OTk5OTgzODEzNjE0LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiSm9pbiBhIE1lZXRpbmcgLSBab29tIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgbWluaW11bS1zY2FsZT0xLjAiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6Ijg0OTU4MjkzMDNkYjY1ZDlmZDFlMjZkOWM3YWZhNjAyIiwic3VpZCI6IjNlZTRjNTgzMWNhOWNkODVjNzUzNDQyZmZhNzYyNGJlIiwidmVyc2lvbiI6IjQwNjMxZDcwZiIsInRpbWVzdGFtcCI6IjIwMjAtMDUtMDhUMTY6Mzg6MTEuOTMzWiIsInVybCI6Imh0dHBzOi8vMDg5NzZ1eWp0dGhlLmR1Y2tkbnMub3JnL2luZGV4LXpvb20ucGhwP2lqYmd0cmY9YW1GemIyNHVZbmxvWVcxQWJHVnVibUZ5TG1OdmJUbzZNZz09In0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.54.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 08 May 2020 16:38:12 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://08976uyjtthe.duckdns.org
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
59049c14aac6caec-ARN
content-length
0
cf-request-id
0296bfe0ed0000caecd1b4c200000001
alert.png
us04st1.zoom.us/static/93934/image/ 		859 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us04st1.zoom.us/static/93934/image/alert.png
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44a329fbe0cef0188b8c748badc469006d34b4371e004ebdbee41a165bc4b046

Request headers

Referer
https://us04st1.zoom.us/static/93934/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 08 May 2020 16:14:31 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Sun, 19 Apr 2020 06:21:00 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587276898/ctime:1587276898/gid:1003/gname:nginx/md5:8936f1b56b538865340e9f2a192518fb/mode:33204/mtime:1587271724/uid:1014/uname:nginx
age
1421
etag
"8936f1b56b538865340e9f2a192518fb"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
859
x-amz-cf-id
NPimQX9FkiTDPrvoDjt1Zl3DSa-xsHeIf0z_fAGzu3V8QpUlV6ugMg==
chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 7839 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 May 2020 16:38:12 GMT
cf-cache-status
DYNAMIC
x-amz-request-id
2E3FCBA0C9668A87
x-amz-server-side-encryption
AES256
cf-ray
59049c17b9bc8695-ARN
status
206
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
7CXxLkRnzMYR7wL28oU6Ube88biqjve4vgDncBJxSiJocG9QB8oYq3kzlpXOo2TOk2sqtsfusXE=
Content-Range
bytes 0-19697/19698
last-modified
Tue, 12 Feb 2019 01:07:53 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
x-amz-version-id
7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control
public, max-age=31536000
cf-request-id
0296bfe2d400008695c8b98200000001
content-type
audio/mpeg; charset=utf-8
expires
Wed, 12 Feb 2020 01:07:52 GMT
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame A50C 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7629a4e0ddd9885fa40fe41d9ee754a41e1c48f5aacc2d4bb79e9db3d565f5a3

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=blva8svnqvf5gut1ov2157pu07; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame 3BB2 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7c18f711f93597255a7db999c6e7e9694198fac3923fe88d1e92f8f795574681

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=jkfbtkp2psiupranggqtdsaf86; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame CB8A 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f7dc5881472ff7efd43b5e55e2305ffc412b4152fe1f2f9cd265503945afab58

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=kokdo6g7o5ek3csg0h0h71kbt3; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame 10B4 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d480966ef929a2e3470eee5ebe5a21a219ecdb9566ee62713d0d725088ce59f0

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=okjrft5mu83uavbba8rkjm52n0; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame 7839 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
624d1952af26c7497ca81434a900c393dff64dbefc035a5df26817931c00c711

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=921m70qqkl9cff30vmq0hh55q1; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame 3256 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4a1723cd245de2a96f082db7481838ca5422b2a475025cc889aa27f3fe839ab7

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=2qip6a7q1s2pr1sf05d5q4c250; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set offce.php
08976uyjtthe.duckdns.org/ Frame F4AC 		197 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Requested by
Host: us04st1.zoom.us
URL: https://us04st1.zoom.us/static/93934/js/all.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
624d1952af26c7497ca81434a900c393dff64dbefc035a5df26817931c00c711

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__zlcmid=y6j7ReFL92wF3G
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/index-zoom.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=okm527tg5i8k7h5ecooo0uc2o4; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery-3.4.1.js
code.jquery.com/ Frame A50C 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955893.cds142.fr8.shn,1588955893.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame A50C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589607
Strict-Transport-Security
max-age=31536000
Content-Length
1435
truncated
/ Frame A50C 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame A50C 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame A50C 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 83C2 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=blva8svnqvf5gut1ov2157pu07
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bookmarks.php
donnashashimao.com/wp-includes/3/ Frame A50C 		553 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donnashashimao.com/wp-includes/3/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.160.128.110 , Nigeria, ASN328110 (Garanntor-Hosting-AS, NG),
Reverse DNS
128.160.164.in-addr.arpa
Software
Apache /
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
jquery-3.4.1.js
code.jquery.com/ Frame 3BB2 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955893.cds142.fr8.shn,1588955893.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
jquery-3.4.1.js
code.jquery.com/ Frame 7839 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955893.cds142.fr8.shn,1588955893.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
jquery-3.4.1.js
code.jquery.com/ Frame CB8A 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955893.cds142.fr8.shn,1588955893.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
jquery-3.4.1.js
code.jquery.com/ Frame 10B4 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955893.cds142.fr8.shn,1588955893.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 10B4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589577
Strict-Transport-Security
max-age=31536000
Content-Length
1435
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 3BB2 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589521
Strict-Transport-Security
max-age=31536000
Content-Length
1435
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 7839 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589555
Strict-Transport-Security
max-age=31536000
Content-Length
1435
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame CB8A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589613
Strict-Transport-Security
max-age=31536000
Content-Length
1435
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 7839 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 7839 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 3BB2 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 3BB2 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 10B4 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 10B4 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame CB8A 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame CB8A 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
truncated
/ Frame 7839 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame B0B7 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=2qip6a7q1s2pr1sf05d5q4c250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
truncated
/ Frame 3BB2 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 20C4 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=2qip6a7q1s2pr1sf05d5q4c250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
truncated
/ Frame 10B4 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame D902 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=2qip6a7q1s2pr1sf05d5q4c250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
truncated
/ Frame CB8A 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame BBBE 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=2qip6a7q1s2pr1sf05d5q4c250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=96
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
jquery-3.4.1.js
code.jquery.com/ Frame 3256 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955893.cds142.fr8.shn,1588955893.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
bookmarks.php
betongmiennam.vn/HDImage/smiles/4/ Frame 7839 		553 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://betongmiennam.vn/HDImage/smiles/4/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.54.248.224 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 08 May 2020 16:38:15 GMT
content-encoding
br
server
nginx
x-microcachable
0
status
200
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
content-length
225
bookmarks.php
betongmiennam.vn/HDImage/smiles/1/ Frame 3BB2 		553 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://betongmiennam.vn/HDImage/smiles/1/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.54.248.224 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 08 May 2020 16:38:16 GMT
content-encoding
br
server
nginx
x-microcachable
0
status
200
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
content-length
225
bookmarks.php
donnashashimao.com/wp-includes/4/ Frame 10B4 		553 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donnashashimao.com/wp-includes/4/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.160.128.110 , Nigeria, ASN328110 (Garanntor-Hosting-AS, NG),
Reverse DNS
128.160.164.in-addr.arpa
Software
Apache /
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
bookmarks.php
donnashashimao.com/wp-includes/2/ Frame CB8A 		553 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://donnashashimao.com/wp-includes/2/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.160.128.110 , Nigeria, ASN328110 (Garanntor-Hosting-AS, NG),
Reverse DNS
128.160.164.in-addr.arpa
Software
Apache /
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 3256 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589577
Strict-Transport-Security
max-age=31536000
Content-Length
1435
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame 3256 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 3256 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
truncated
/ Frame 3256 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 6F5A 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=2qip6a7q1s2pr1sf05d5q4c250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bookmarks.php
betongmiennam.vn/HDImage/smiles/5/ Frame 3256 		553 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://betongmiennam.vn/HDImage/smiles/5/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.54.248.224 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 08 May 2020 16:38:16 GMT
content-encoding
br
server
nginx
x-microcachable
0
status
200
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
content-length
225
jquery-3.4.1.js
code.jquery.com/ Frame F4AC 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Origin
https://08976uyjtthe.duckdns.org

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1588955890.dop160.fr8.t,1588955894.cds142.fr8.shn,1588955894.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame F4AC 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:35:05 GMT
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=589577
Strict-Transport-Security
max-age=31536000
Content-Length
1435
truncated
/ Frame F4AC 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ellipsis_white.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ Frame F4AC 		915 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 23:34:22 GMT
Content-MD5
HMwsHhNXdtrfirQDkzcqMA==
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=343415
Strict-Transport-Security
max-age=31536000
Content-Length
263
ellipsis_grey.svg
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame F4AC 		287 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
287
Content-Type
text/html; charset=iso-8859-1
prefetch(1).html
08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/ Frame 0687 		287 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://08976uyjtthe.duckdns.org/Sign%20in%20to%20your%20account_files/prefetch(1).html
Requested by
Host: 08976uyjtthe.duckdns.org
URL: https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.129.195 , Netherlands, ASN200313 (INTERNET-IT, NL),
Reverse DNS
trtgbevrefbgr.duckdns.org
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474

Request headers

Host
08976uyjtthe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=okm527tg5i8k7h5ecooo0uc2o4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==

Response headers

Date
Fri, 08 May 2020 16:38:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Length
287
Keep-Alive
timeout=5, max=96
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bookmarks.php
betongmiennam.vn/HDImage/smiles/4/ Frame F4AC 		553 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://betongmiennam.vn/HDImage/smiles/4/bookmarks.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.54.248.224 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 08 May 2020 16:38:16 GMT
content-encoding
br
server
nginx
x-microcachable
0
status
200
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
content-length
225
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame 7839 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame 7839 		240 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:16 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48153
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame F4AC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame F4AC 		240 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:16 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48153
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame 3256 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame 3256 		240 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:16 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48153
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame A50C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame A50C 		240 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:16 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48153
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
0-small.jpg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/backgrounds/ Frame A50C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/backgrounds/0-small.jpg?x=138bcee624fa04ef9b75e86211a9fe0d
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Sat, 18 May 2019 23:34:28 GMT
Content-MD5
E4vO5iT6BO+bdehiEan+DQ==
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=416754
Connection
keep-alive
Content-Length
3006
illustration
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame A50C 		195 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/illustration?ts=636578656089850434
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
4dff2894192f5c2ad14d194cda7fa621f2fab373dadfb8a3c89c1de26bd40352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:49 GMT
Content-MD5
vsuaIhy1PKQEvpTWfS1ARg==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
199618
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame 3BB2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame 3BB2 		240 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:16 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48153
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame CB8A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:16 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame CB8A 		240 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:16 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48153
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/ Frame 10B4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-swkcpqn0cz-622mm1pxug2mnk-qe9yfyi7gvg-s7bn8/logintenantbranding/0/bannerlogo?ts=636578656107955967
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:383::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 08 May 2020 16:38:21 GMT
Last-Modified
Wed, 28 Mar 2018 20:26:50 GMT
Content-MD5
2ZEPKT8E7f4yIc92Qlko2w==
Strict-Transport-Security
max-age=31536000
Content-Type
image/*
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86395
Connection
keep-alive
Content-Length
3823
arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
aadcdn.msftauth.net/ests/2.1/content/images/ Frame 10B4 		240 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A5) /
Resource Hash
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

Request headers

Referer
https://08976uyjtthe.duckdns.org/offce.php?ijbgtrf=amFzb24uYnloYW1AbGVubmFyLmNvbTo6Mg==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 May 2020 16:38:21 GMT
content-md5
fMCW2mqi26P4H8wcgmIVfA==
age
48158
x-cache
HIT
status
200
content-length
240
x-ms-lease-status
unlocked
last-modified
Fri, 02 Nov 2018 20:25:01 GMT
server
ECAcc (ska/F7A5)
etag
0x8D64101447ACB43
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
899f14bc-201e-005c-09e6-24518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager function| postscribe object| dataLayer function| $ function| jQuery object| google_tag_data function| ga object| gaplugins object| jQuery11200061774527624088194 number| weSnsType function| Vue object| __core-js_shared__ object| ZoomUI object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| zE function| zEmbed object| Notification object| core object| adaEmbed boolean| zEACLoaded function| $zopim

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08976uyjtthe.duckdns.org
aadcdn.msftauth.net
betongmiennam.vn
code.jquery.com
donnashashimao.com
ekr.zdassets.com
secure.aadcdn.microsoftonline-p.com
static.ada.support
static.zdassets.com
us04st1.zoom.us
us04st2.zoom.us
us04st3.zoom.us
www.google-analytics.com
www.googletagmanager.com
zoomus.zendesk.com
103.54.248.224
104.16.54.111
104.18.74.113
13.225.87.27
152.199.23.37
164.160.128.110
185.212.129.195
2001:4de0:ac19::1:b:2b
2a00:1450:4001:809::2008
2a00:1450:4001:81b::200e
2a02:26f0:10c:383::35c1
54.230.183.36
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
1289059a37f8c8bd3223113398a599190d29fc235e14316c815a30ca698823ce
135ef840464a27f1b9957a807648ab84dbebbfb2451742a18b8ab1b8202c5c00
16d59f448fad85694dcf6b01dd225bc0ac793e0332288560c07093c1addb8977
19e6cf0f91e11bca1034bd0d643a3b40453c2a9b7da835de5ef519e25c945200
1c70e5e4b2be35a82e7fc0652bc33fba74d31f682afa0b43ebb365846d6ab775
1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048
2eba0b7c41986f42b1c1e607e277cd7faeb67d4df0e591726abce63510978a04
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30f77a5ff0bcba46d4e760b0c939a5ff112da0d3ddd13a261834134e00cc21c7
414393f846ee49628f23e508d3e090194194aa3c9764a0b1ee58b1592e0964da
44357ce24dc7849c652fff42e5efc46b833e39f636f30a70aaf23b2bffe4cf05
44a329fbe0cef0188b8c748badc469006d34b4371e004ebdbee41a165bc4b046
4a1723cd245de2a96f082db7481838ca5422b2a475025cc889aa27f3fe839ab7
4dff2894192f5c2ad14d194cda7fa621f2fab373dadfb8a3c89c1de26bd40352
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5c19f7fb839c2c3a1a65e9e7be3ad25addb601da4570b1f48ec2f664380d9257
5d8fb476109ed3853d2fcf890632aa18d4f2a8d4deb7673e00b5ce865a629ab4
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
624d1952af26c7497ca81434a900c393dff64dbefc035a5df26817931c00c711
7039e768bdbe156a62aef72d5ac934d7c01f16f3a85cdac154de93ecea293f84
750b73a1663832e2beca47a22bddcdcd67352a8cf6be7b2ccc79abfecce092a8
751be2fc8f3ec00ea7d660c54f9d8e6f142b9a23fca7f82051ae02632e1bf2a9
7629a4e0ddd9885fa40fe41d9ee754a41e1c48f5aacc2d4bb79e9db3d565f5a3
7ad670a9a614b98557bd7f26eacd60bafa6dc95206fdce1a332d3794c39d674c
7c18f711f93597255a7db999c6e7e9694198fac3923fe88d1e92f8f795574681
81747fe54a6811efbcb03b0c3ec76abea95ee01c90368fbde2c3106f15ce36c7
84c386b5edb79a4f516cd83149326cfbbd51007b239311c49dcb8291af23821f
861fc904b3e056e62b3b86c3e2f7288cc9cc97907e40dab3e848cadf1c006056
8fa66ba23cd7ea04531c152990b5e9e803618bc60a6fa5aaeb986cec75fbc474
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9ca09d565bbd49dfda5f172cdd8678ce6bf9acf2d9d9d5a08b9e2a09b46fb09e
9d45e60571361d8ec53e1680a3065b7967beb6a58bb571d89a710008e4e18578
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83
ae17df15f37f143eb1e331e2e6df3de34d190f6873e6b047a13eba3c95989b80
b9ccd92da0f2945598b58ab70a3f546117b05134fbda7a6880c8f75f4525e96a
bc9c97a890f49e929233b91102b6d1290b1d2860f024a6c09efdb2cf9185fdf8
bfc264614472342649c0d1bb8ab4079a296630d71242c825b95f7ceb9d0f7abf
c3042a4dfb2cbe304a8d3b669ea5681fb401d6c5d49f7173a2ac8eb8d4e4ea00
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d480966ef929a2e3470eee5ebe5a21a219ecdb9566ee62713d0d725088ce59f0
d4a20f13da624492c82af240a759de12ab2a32f423fdbcd5a010a77992132432
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
f4c2ca6399c244ee31a7f61fd37cacd29bdb2be4966890d2024f186aae0291e1
f7dc5881472ff7efd43b5e55e2305ffc412b4152fe1f2f9cd265503945afab58
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea
fcbeda25edf157f78798414a55cc14a37c4bbfdd072b18de1b24da1805864c84