a.ljym1k.icu/assets/Guide-b915acd8.css
35.220.255.95200 OK 167 B URL GET HTTP/2 a.ljym1k.icu/assets/Guide-b915acd8.css
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
Hash 6e646cd14d0b5001d927f98b0152df35
102fb3acf536ab5c016e54512db152864821bd06
b915acd878290d75d9aaa86e9ac55b3d341b8924de20e774f2c2e62ef25f2fc9
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Guide-b915acd8.css HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: text/css
content-length: 167
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-a7"
expires: Tue, 16 Apr 2024 12:45:25 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/_plugin-vue_export-helper-c27b6911.js
35.220.255.95200 OK 91 B URL GET HTTP/2 a.ljym1k.icu/assets/_plugin-vue_export-helper-c27b6911.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
Hash 25e3a5dcaf00fb2b1ba0c8ecea6d2560
7850b3fd4aeb69387bdb5a60025d15c41351d5eb
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/_plugin-vue_export-helper-c27b6911.js HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.ljym1k.icu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: application/javascript
content-length: 91
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-5b"
expires: Tue, 16 Apr 2024 12:45:25 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/Guide-bc44a4d0.js
35.220.255.95200 OK 7.5 kB URL GET HTTP/2 a.ljym1k.icu/assets/Guide-bc44a4d0.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type gzip compressed data, from Unix
Hash c8100614a58ea1c60b15fc1aa173e448
7f31834f5e67b240fae942a9eb7368739a43c3db
7312a70ec9b8aff60448f7b967e64b2f8d95156e34c97f87f7ced7685a783a47
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Guide-bc44a4d0.js HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.ljym1k.icu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-2d9a"
expires: Tue, 16 Apr 2024 08:26:18 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a.ljym1k.icu/apple-touch-icon.png
35.220.255.95200 OK 4.8 kB URL GET HTTP/2 a.ljym1k.icu/apple-touch-icon.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type PNG image data, 194 x 194, 8-bit colormap, non-interlaced
Hash e872691e449e137aac21b048c42b9539
bc1d23d193fdee85fad4e0c392a512645d07dd30
8286d412dd31e8fab1f6d67092d86685fbc4f9702863f8262ce8fef566c96592
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /apple-touch-icon.png HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: image/png
content-length: 4803
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-12c3"
expires: Wed, 15 May 2024 08:26:26 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/img/favicon.png
35.220.255.95200 OK 787 B URL GET HTTP/2 a.ljym1k.icu/img/favicon.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash c5088e888c97ad440a61d247596f88e5
865a0d1bb7e1245e046c5e1bae988cce53330280
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /img/favicon.png HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: image/png
content-length: 787
last-modified: Tue, 19 Mar 2024 09:07:08 GMT
etag: "65f955bc-313"
expires: Sun, 21 Apr 2024 10:44:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/Index-5aec9a91.js
35.220.255.95200 OK 32 kB URL GET HTTP/2 a.ljym1k.icu/assets/Index-5aec9a91.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type gzip compressed data, from Unix
Hash 23aeed47f010260e491666060c2158c2
8bc67dbb5d27ee8fd1af4d7570f1016a47312187
3bb8f22f13658d35c8dbcc8b32f86a2a4c8b9bb01e35717f091af6e2955f4209
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Index-5aec9a91.js HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/assets/index-6965e7b9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-e88e"
expires: Tue, 16 Apr 2024 08:26:18 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?56999c069800319574299541bbc6f466
103.235.46.191200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?56999c069800319574299541bbc6f466
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (629)
Hash 75c230dc03e4830bb9396848d873ef23
eecbce0ba94bc20eaee06fbfa00b8bab3acc71ff
3ffa8705a72c8a7cd2ab335aa34339d5edbcd4ae6d3e19950d22652da0e95722
GET /hm.js?56999c069800319574299541bbc6f466 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Tue, 16 Apr 2024 03:36:28 GMT
Etag: b924e5f6616f158fb1881f62caf2095a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=89516A2CDFEBEB62; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
a.ljym1k.icu/assets/en-1fe2d0b7.png
35.220.255.95200 OK 300 kB URL GET HTTP/2 a.ljym1k.icu/assets/en-1fe2d0b7.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type PNG image data, 750 x 1621, 8-bit colormap, non-interlaced
Size 300 kB (300024 bytes)
Hash 31ccf89bf040de48419e9cb90f700471
f7e2df3a00b162c2336cf0c929e70894c684898b
1fe2d0b753d23b34cfb679553079b1a943e7cbf2277c5f86193f0346877c42af
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/en-1fe2d0b7.png HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: image/png
content-length: 300024
last-modified: Tue, 19 Mar 2024 09:07:04 GMT
etag: "65f955b8-493f8"
expires: Sun, 21 Apr 2024 10:42:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=122289641&si=56999c069800319574299541bbc6f466&v=1.3.0&lv=1&sn=22619&r=0&ww=1280&u=https%3A%2F%2Fa.ljym1k.icu%2F%23%2F&tt=WhatsApp%20Web
103.235.46.191200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=122289641&si=56999c069800319574299541bbc6f466&v=1.3.0&lv=1&sn=22619&r=0&ww=1280&u=https%3A%2F%2Fa.ljym1k.icu%2F%23%2F&tt=WhatsApp%20Web
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=122289641&si=56999c069800319574299541bbc6f466&v=1.3.0&lv=1&sn=22619&r=0&ww=1280&u=https%3A%2F%2Fa.ljym1k.icu%2F%23%2F&tt=WhatsApp%20Web HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 16 Apr 2024 03:36:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E7E9E7EBB5092D19; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
katsellsrolla.com/api/registerChat
47.76.89.181204 No Content 0 B URL OPTIONS HTTP/2 katsellsrolla.com/api/registerChat
IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/registerChat HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://a.ljym1k.icu/
Origin: https://a.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:29 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/duihao-2f6339d6.png
35.220.255.95200 OK 18 kB URL GET HTTP/2 a.ljym1k.icu/assets/duihao-2f6339d6.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type PNG image data, 461 x 464, 8-bit/color RGBA, non-interlaced
Hash fa20d34143683442dbb6dff3ddba3102
b2a5fac1718e47e661ebdcc8cdfba0b7b23ceef2
2f6339d62088f4c277cccfb6dc83c72f1db263c20f353e5201210d1a031402c7
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/duihao-2f6339d6.png HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/png
content-length: 17553
last-modified: Tue, 19 Mar 2024 09:06:59 GMT
etag: "65f955b3-4491"
expires: Sun, 21 Apr 2024 10:42:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/laba-441f0c04.svg
35.220.255.95200 OK 2.5 kB URL GET HTTP/2 a.ljym1k.icu/assets/laba-441f0c04.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash a69c63844658e8b046e0ef34f794ab19
a5649a909d6e8c72d2f89c3e03a1bf31750d6162
441f0c04419ad2b737867bcf6bbb501b2095daf400918391608b46f0d721330a
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/laba-441f0c04.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 2499
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-9c3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
katsellsrolla.com/api/webhook?event=msg.reload
47.76.89.181200 OK 0 B URL POST HTTP/2 katsellsrolla.com/api/webhook?event=msg.reload
IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/webhook?event=msg.reload HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://a.ljym1k.icu/
Origin: https://a.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:30 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
katsellsrolla.com/api/getSocketAddress
47.76.89.181200 OK 0 B URL POST HTTP/2 katsellsrolla.com/api/getSocketAddress
IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/getSocketAddress HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://a.ljym1k.icu/
Origin: https://a.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:30 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/photo-265cdaea.svg
35.220.255.95200 OK 140 kB URL GET HTTP/2 a.ljym1k.icu/assets/photo-265cdaea.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Size 140 kB (140125 bytes)
Hash 1cfbb750f23757aa09c2fd25fd8f5b90
0934bdb1906a8c5f6804d376fb58db621aee70af
265cdaeafd9290b671b7c8ac839c19f1f4dc2a306941303f03a415b0490aa52e
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/photo-265cdaea.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 140125
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-2235d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/msgloadding-2dcd60de.svg
35.220.255.95200 OK 1.8 kB URL GET HTTP/2 a.ljym1k.icu/assets/msgloadding-2dcd60de.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash e5ad9f252400104557820922a28930c9
0798be5aa825f239554eec573ad9012a39048f77
2dcd60dec742f9917a82b6c39a2694b244327af1419a3862ca836122698d722f
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/msgloadding-2dcd60de.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 1828
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-724"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/xiaolian-33f1b2b8.svg
35.220.255.95200 OK 2.4 kB URL GET HTTP/2 a.ljym1k.icu/assets/xiaolian-33f1b2b8.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash f710611094f42cbe754f0a692c81bad6
3a63c6fffd5986ccb9a341928d666f4bae2079c8
33f1b2b8beb484536f9f46e015b540ea3cb40362c310c6f07fdfe6274494bd7b
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/xiaolian-33f1b2b8.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 2377
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-949"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
katsellsrolla.com/api/registerChat
47.76.89.181204 No Content 7.1 kB URL OPTIONS HTTP/2 katsellsrolla.com/api/registerChat
IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
File type Unicode text, UTF-8 text, with very long lines (5268)
Hash 4530d973b9fbda1e108fb651674dc4dd
3b12a6996c3f0e8eb9fdaa1d09887a086ac51b92
7a96219c53aca39832d05e956f1bf3435f25f06c73d8664171be382dafc5b4ce
POST /api/registerChat HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 20
Origin: https://a.ljym1k.icu
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:30 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/huixingzheng-98a8f77f.svg
35.220.255.95200 OK 3.6 kB URL GET HTTP/2 a.ljym1k.icu/assets/huixingzheng-98a8f77f.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash f251b50a44dfcbd47d64184512376fc6
276cfa8c809597977f4dec3466128d4ceac37930
98a8f77f2aca32a2a1b67788f514827c1373f589d5309f227a9c04d9bbf3e46d
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/huixingzheng-98a8f77f.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 3561
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-de9"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/zhifeiji-60cee541.svg
35.220.255.95200 OK 1.5 kB URL GET HTTP/2 a.ljym1k.icu/assets/zhifeiji-60cee541.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash b4a8388ea60fa33dbafeb3cc1aeadc1a
6882dfa2e3fd20a882c6301d184da16f0e79842d
60cee5418382baf68ced87eb5309a12e542b29e968a12425402e5a60a0555166
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/zhifeiji-60cee541.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 1527
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-5f7"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/bg-b0fa5029.png
35.220.255.95200 OK 88 kB URL GET HTTP/2 a.ljym1k.icu/assets/bg-b0fa5029.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type PNG image data, 540 x 981, 4-bit colormap, non-interlaced
Hash a4be512e7195b6b733d9110b408f075d
216772b72be47c45b2b975cc6d2ca591798cd09a
b0fa502976056ad9b9613c59d1f264b70da06afe9f3a03321602dfeb1575b158
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/bg-b0fa5029.png HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/assets/Index-f2e3fec1.css
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/png
content-length: 88534
last-modified: Tue, 19 Mar 2024 09:07:07 GMT
etag: "65f955bb-159d6"
expires: Sun, 21 Apr 2024 10:42:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/bg.png
35.220.255.95404 Not Found 146 B URL GET HTTP/2 a.ljym1k.icu/assets/bg.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/bg.png HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
katsellsrolla.com/wsapi/channel/messagesync
47.76.89.181200 OK 0 B URL POST HTTP/2 katsellsrolla.com/wsapi/channel/messagesync
IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /wsapi/channel/messagesync HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://a.ljym1k.icu/
Origin: https://a.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 16 Apr 2024 03:36:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, token, accept, origin, Cache-Control, X-Requested-With, appid, noncestr, sign, timestamp
access-control-allow-methods: POST, OPTIONS, GET, PUT,DELETE,PATCH
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
katsellsrolla.com/wsapi/channel/messagesync
47.76.89.181200 OK 66 B URL POST HTTP/2 katsellsrolla.com/wsapi/channel/messagesync
IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash 2b23a9b90345473b8052b5e2c1841fc4
cd98328d7d120665cc77c4bf46bf2a3186b2453e
bb4f9144a8cbfa2e83d65e879979bc37e93824f9941fd90bd91be954ce2309fc
POST /wsapi/channel/messagesync HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 126
Origin: https://a.ljym1k.icu
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:31 GMT
content-type: application/json; charset=utf-8
content-length: 66
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, token, accept, origin, Cache-Control, X-Requested-With, appid, noncestr, sign, timestamp
access-control-allow-methods: POST, OPTIONS, GET, PUT,DELETE,PATCH
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
katsellsrolla.com/ws/
47.76.89.181 0 B IP 47.76.89.181:0
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/ HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://a.ljym1k.icu
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QKTWCHc8ZwlvDMoE/iRYfQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 16 Apr 2024 03:36:32 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XKauFh+3kcsRCmvROXdTHbIUmUs=
a.ljym1k.icu/assets/duihua-1ccb10f9.svg
35.220.255.95200 OK 88 kB URL GET HTTP/2 a.ljym1k.icu/assets/duihua-1ccb10f9.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash 2b9f4599159760a9ae92a6590c5b07af
d4ed568e8ea865a2073eeb8627bfddf4fac4a36b
1ccb10f9123fed78b3f869177d478d6ab5906600d51f41677dff0b4a40d635ab
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/duihua-1ccb10f9.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/assets/Index-f2e3fec1.css
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:33 GMT
content-type: image/svg+xml
content-length: 88240
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-158b0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/index-6965e7b9.js
35.220.255.95200 OK 1.5 MB URL GET HTTP/2 a.ljym1k.icu/assets/index-6965e7b9.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
Size 1.5 MB (1462300 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/index-6965e7b9.js HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:26 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-16501c"
expires: Tue, 16 Apr 2024 08:26:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/index-931903a7.css
35.220.255.95200 OK 524 kB URL GET HTTP/2 a.ljym1k.icu/assets/index-931903a7.css
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
Size 524 kB (523956 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/index-931903a7.css HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:26 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-7feb4"
expires: Tue, 16 Apr 2024 08:26:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/tupian-75b5624a.svg
35.220.255.95200 OK 1.9 kB URL GET HTTP/2 a.ljym1k.icu/assets/tupian-75b5624a.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type SVG Scalable Vector Graphics image
Hash 816f316361b3aac717a65167ebf85498
d09aa0438b52b65daa520f920c55751ec621942d
863949fab44d66f9f38e8a67788de3367a48f4b2ee3bf0f30da7ccfaddb5a203
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/tupian-75b5624a.svg HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238589; Hm_lpvt_56999c069800319574299541bbc6f466=1713238589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:30 GMT
content-type: image/svg+xml
content-length: 1888
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
etag: "661686a1-760"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ljym1k.icu/stylex.css
35.220.255.95200 OK 224 kB IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type ASCII text, with CRLF line terminators
Size 224 kB (224420 bytes)
Hash ec29913ddea7b670486fc5f1340a342b
abbbeacf67be5f19dabd146989f18e35f3b19fb3
a00f31e77b5364355e2f80e2ef9f65f879c30823bdda515bc31dc2145e5802ba
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /stylex.css HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:26 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-36ca4"
expires: Tue, 16 Apr 2024 08:26:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
katsellsrolla.com/ws/
47.76.89.181101 Switching Protocols 0 B IP 47.76.89.181:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate IssuerLet's Encrypt
Subjectkatsellsrolla.com
Fingerprint6C:74:4F:75:4E:02:AC:86:9A:D6:21:84:D8:D8:04:A9:42:CD:1D:8B
ValidityWed, 28 Feb 2024 09:07:42 GMT - Tue, 28 May 2024 09:07:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/ HTTP/1.1
Host: katsellsrolla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://a.ljym1k.icu
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QKTWCHc8ZwlvDMoE/iRYfQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 16 Apr 2024 03:36:32 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XKauFh+3kcsRCmvROXdTHbIUmUs=
a.ljym1k.icu/index.css
35.220.255.95200 OK 327 kB IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
Size 327 kB (326636 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /index.css HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:26 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-4fbec"
expires: Tue, 16 Apr 2024 08:26:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
35.220.255.95200 OK 6.6 kB URL User Request GET HTTP/2 IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type HTML document, ASCII text, with very long lines (6978), with no line terminators
Hash 6cb3149f0c94309a7c0f65be32fc2ec7
48aa74c6832efcc164686070cd4de98b5990db4e
4b9a4c7344423eba7dcdc579c32c4d605f146ca775b6903db551a579fb571579
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET / HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:25 GMT
content-type: text/html
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-19f7"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/en-4020694c.js
35.220.255.95200 OK 2.5 kB URL GET HTTP/2 a.ljym1k.icu/assets/en-4020694c.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type Unicode text, UTF-8 text, with very long lines (2535), with no line terminators
Hash ae3d4eb4f17a3f6d16e01753f483f39d
09363789ce856e8fe77d6b885c7b19062b996969
bcb520d74acbdc9cb36e3102ebca9d4b06cc1377f88440aedbfbffea00712891
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/en-4020694c.js HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/assets/index-6965e7b9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-9a4"
expires: Tue, 16 Apr 2024 08:26:18 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a.ljym1k.icu/app.css
35.220.255.95200 OK 240 kB IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
Size 240 kB (239722 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /app.css HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:26 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-3a86a"
expires: Tue, 16 Apr 2024 08:26:16 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a.ljym1k.icu/assets/Index-f2e3fec1.css
35.220.255.95200 OK 6.4 kB URL GET HTTP/2 a.ljym1k.icu/assets/Index-f2e3fec1.css
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerLet's Encrypt
Subjecta.ljym1k.icu
Fingerprint09:8C:EC:38:CB:B8:79:A2:89:41:44:16:7F:83:AA:BA:5A:82:3B:0F
ValidityMon, 15 Apr 2024 07:11:11 GMT - Sun, 14 Jul 2024 07:11:10 GMT
File type ASCII text, with very long lines (6388), with no line terminators
Hash 8e41baf983ab19b54e51426efad15fa8
73a2ab821d8fe8cf758f4cb0af99143b4339df29
645ba6df8f6eb85f2a7e17f2701eed5fe0668c25161f2c54a450742cdc7fcd4f
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Index-f2e3fec1.css HTTP/1.1
Host: a.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:28 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 12:31:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"661686a1-18f3"
expires: Tue, 16 Apr 2024 08:26:18 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2