r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12390
Expires: Tue, 22 Nov 2022 22:04:25 GMT
Date: Tue, 22 Nov 2022 18:37:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5645
Cache-Control: max-age=149245
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:55 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:05:20 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 18:09:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1716
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12192
Expires: Tue, 22 Nov 2022 22:01:07 GMT
Date: Tue, 22 Nov 2022 18:37:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5O0a0z/oZ1T5x5qh2iiWmfOgWHl6RotOf7kQ+kcua3xBbCxDB+hQDKgL2IeLBvOV3yxZYAfiWLI=
x-amz-request-id: Z7SA0CK9780X25GV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 17:42:39 GMT
age: 3316
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:37:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 18:11:10 GMT
cache-control: public,max-age=3600
age: 1606
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3207
Cache-Control: max-age=141746
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:56 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:00:22 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.1.35 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CbPMQKjQGgFaA/Hu66YsmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HC49vAZgIMbPXBFoNbeMuuTD30k=
aman.spiderxzone.com/js-zone/jquery.js
172.67.162.83 200 OK 451 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/jquery.js
IP 172.67.162.83:0
File type exported SGML document, ASCII text, with very long lines (1757)
Hash 1abe5c025a16893ec52beb616bed7b16
9d69e05eeeecfb6f358bfa69e460168a7617f585
1dfae3417846d2cfbd7957679b81e8021a51949912e10b3101c71ca2f9d5dcb3
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/jquery.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8G40TzpSXmDXuqDCxnHS1xayo91HO8qpG579Gmcobxt6Up54uBQvc%2FM3Qw2BcR0qqDgVkR30HIkdQgWNTAIrsA5mpY%2BTLjVj8ILp8ZZUDpLPh2M17JeGTkd6SzAq8OyxXQvNEqp8Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c782fe440b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/animate.css
172.67.162.83 200 OK 4.7 kB URL HTTP/1.1 aman.spiderxzone.com/css-zone/animate.css
IP 172.67.162.83:0
Hash 0ddbd5b846bb5859630d16b3bc990ede
4cf068cfd4e70a216df3af2c8320a07ae9d642b5
9d3bd3d01b937e6bd482f1de2a9978f14fa132cf6d36784cc81f83d446ede16d
Analyzer Verdict Alert openphish Tencent
GET /css-zone/animate.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:35:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab%2BwTpWg081DAaUgn1EoBRxqeV4MiDMOv0fWRdCfkWRzY43VFNi7XzjhHTxBd%2FHlnF4g5SE%2F3JvemYko5St1JvVoQYI4wSaYyPT%2FE6u6HpcCdrVP5NvtWjB9Ut01hpGHGXPuGFHMrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c782e8ef0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/twitter.css
172.67.162.83 200 OK 718 B URL HTTP/1.1 aman.spiderxzone.com/css-zone/twitter.css
IP 172.67.162.83:0
Hash 2b641970dfedd25194e6e446c8f547ad
4ce3e69ef29814b3fe95969ea0095f38b18f9bee
18acde641f47d752f4090309ba6c33c35d9153de9668c0655c3f5dd69ad31756
Analyzer Verdict Alert openphish Tencent
GET /css-zone/twitter.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:35:06 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSvfgOX7BxNLJZYPKB4h39%2FD9ydIsAqg8%2BbbeirIUY8O0ZlJCY4m3XGXa0dszGPd6rFzt1qbnUprJKsUD3l7WnmB%2F3GmTAY8JaFewwSsv1421EghxMN%2BQthGcfEnySO%2BlLhoD%2BqrzA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c782c901b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/main-zone.js
172.67.162.83 200 OK 345 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/main-zone.js
IP 172.67.162.83:0
File type ASCII text, with very long lines (316)
Hash bbae78527e745cb146a632161f3012f4
c882ece393db1074d14ce6f7a31bbd1a75b063f2
c14640cd35d53dc1c450da2a35643dbcaf9877fc7818bc796580801c80c64922
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/main-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtWzsROhlex7v4wf3N54URkzodFEO40sn04N1TVzGFa%2FgkCBKuQcGyWFI782K5qm%2B%2FOJUrzy%2Bm7FCZle0Mz8NY%2BLeUdgnBTsQdsQOoETp7GozmJk8LN%2B279I2O9N3Z%2BoNP8%2Bzic6%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7830e600b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/facebook.css
172.67.162.83 200 OK 848 B URL HTTP/1.1 aman.spiderxzone.com/css-zone/facebook.css
IP 172.67.162.83:0
Hash 6ccffc97f012d894133f797feced6435
b9ed09fb87d34d862c99b945207681d26eaee6e3
194e8028d5c92ec122b0ab14a9412f8afad57a2552dfef0f4f374359ee684421
Analyzer Verdict Alert openphish Tencent
GET /css-zone/facebook.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:35:00 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfp6OSjKKcvUB3Ol4WxPoJX9%2BNLQa0uk8hn56a2xcP9R8QgoPM79y07XpVWpITeXk2WYQyd%2F%2FEOxJd8KMsdcSfllfC3Yox9TTUjY1cUO0%2FF8vFHJnJt5wx%2B29g%2BdCAu%2FpqkTdm2hvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c782ccee0b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:37:57 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 519729
expires: Sun, 12 Nov 2023 18:37:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ducq8E5QwTR2Osnt2OawZYlYyFqdSoKfL6bV7CudBK3bKZO5RY0%2FC%2BHaC7YKJcPMcMWKdx3MvgMo3%2BHZP7lj%2B%2FWuYmVh2U1sy3954ReJAidBdoI8QdBdKAp9QWoSEgQJisGGTuEz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e3c7831de00b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 42fedb1a86b94c6b3b99fa650fd664e4
d1b2afb56e53a525a0eaeb99aea6338df256db49
1b5d3eb1928da6304b8a8ee0084390c521ad5c35521054c3961dbe316b914aa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5797
Cache-Control: max-age=136810
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:57 GMT
Etag: "637c73ca-116"
Expires: Thu, 24 Nov 2022 08:38:07 GMT
Last-Modified: Tue, 22 Nov 2022 07:01:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
aman.spiderxzone.com/js-zone/myScript.js
172.67.162.83 200 OK 914 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/myScript.js
IP 172.67.162.83:0
File type ASCII text, with CRLF line terminators
Hash c048ffd6a1dd7017cb953dc191cca55c
537e5f100fa288111c4665e8c1e940a34db3edd9
a47d502804db4e687aaeff43f262fb5c56804079cf62937bd8c2599087bdfaca
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/myScript.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 20:22:34 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDDOT0Okpxnr9xiT%2FqCFSfQlAEYmjb1EAmJVU9E8OnBqnr3DAAIXw8kPtWRoJjgWJLQ8ONedUakqqqDe1%2FR1vhuf%2FPCeHMHe6gu6QxTBs5gHFspo5kaN0EwAN3JrqocORgKfGQEKmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c78319490b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aman.spiderxzone.com/
172.67.162.83 200 OK 7.4 kB IP 172.67.162.83:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a3ba57ccc8885b2f49be9c8439b035f
30a3db53e7dbc486577aa79ce2fb3e873b7e9da3
045591da90e8c2df7e209a778d367bc2466ba092865d674b9851715faed3ef57
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVBKDdaFkcGV7pph7KcM8%2B742uJeW8J2pRnI56bM5bPW%2F4GuxUhXlrcq7BMqnIBdz%2BQaB63fnLxOuZovoCwpAgQyVEY%2BDflULA10kckiUdguiG03f2RFRpShwgPX%2BuZUd9eA0bhdPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3c776fb5c0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 42fedb1a86b94c6b3b99fa650fd664e4
d1b2afb56e53a525a0eaeb99aea6338df256db49
1b5d3eb1928da6304b8a8ee0084390c521ad5c35521054c3961dbe316b914aa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5797
Cache-Control: max-age=136810
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:57 GMT
Etag: "637c73ca-116"
Expires: Thu, 24 Nov 2022 08:38:07 GMT
Last-Modified: Tue, 22 Nov 2022 07:01:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
aman.spiderxzone.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.162.83 200 OK 655 B URL HTTP/1.1 aman.spiderxzone.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.162.83:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 12:02:18 GMT
ETag: W/"637b68ca-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeA2G2L%2BR3z%2FGizW5ir8CA2lFy31H1mQno7Wgudg2OvAP%2FavGXa%2BEWwVbM83rnxZG%2BAF8bsNG8OxAfxVcG9Zg5nknkpSEVzJymuCw9wSjHGuYfoQdNVFCtW18auaLflmAOkBIL4gKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c783ba820b4d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 24 Nov 2022 18:37:57 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
aman.spiderxzone.com/js-zone/showHide.js
172.67.162.83 200 OK 271 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/showHide.js
IP 172.67.162.83:0
File type ASCII text, with CRLF line terminators
Hash c1e6c83f41b89d5d1ca66813689c3789
cbd43e7839e1f890a36a44f8285908474d005592
d103f1797e8caa2616a4e722460c879a8722de36b8490989088c0326850ed044
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/showHide.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 20:55:18 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFb%2FgtRXLJYBp0rMv4KcciFla5HLTgy4mXHl6Bo4hl%2BkPGib61XJ2tjlaszL1Fjzg67XQ10kir%2FJAd3ETSfRcxSB95CaPiEXSd3PxOIU5wIMKxYNItZOLjMp9VbdIUdoEpBNsEtpjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c783bf4b0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/index_files/gift-zone.js
172.67.162.83 200 OK 633 B URL HTTP/1.1 aman.spiderxzone.com/index_files/gift-zone.js
IP 172.67.162.83:0
Hash 36c66a5858739e6e4292644a69881502
c88534cd8a09aab21ef15eaee7ca3726584b0eb3
585e9d93d2a5e5eb3c781272abe9f16ded59439a48b5860ec4a321c991ac48d1
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/gift-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5zQzlxCZOF20ickE21PahhihO6DsaVb15cjB97qNVNx4hqY3O3%2FJEZcZWxGVnL2xKCwhTzX8o8LsPgzmBYfg7yQQAKzcE%2FgnQd%2FA5gY1p5qEOxnaCbVYXIoLCXyXWRYyVc63Rr4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c783baf4b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/Wg8qQxh/facebook-text.png
51.210.32.106 200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 51.210.32.106:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced; data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:37:57 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11373
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:37:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11373
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:37:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11373
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:37:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11373
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:37:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
age: 74112
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 472ceca597feefba355fbd65998977b7
f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a
e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QB2RJo7NR7FMDRC7fC9eLMW99KR7andopIeu4qi0yp_tihE0vtpkXw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:41:51 GMT
age: 53767
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eHLf2DFK-3yN5dEG22XItPxRzmODRdThIYJI2oZqDJpgTGQGSQnGzQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:46:07 GMT
age: 75111
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z_LKFsiB_s81UenxBOVg9_qX_7vBHUZix7XF8YguDCytRn5opLkLRA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:10 GMT
age: 74208
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: StZ9dxgY8W0WwUUqsxyeISFnbm_WGGcm_AMuo9dzfhF9Yp7wM0TMMg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 08:17:57 GMT
age: 37201
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:26:05 GMT
age: 72713
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10 200 OK 31 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
File type ASCII text, with very long lines (54448)
Hash fed21e642cd5675a19e588f002253775
460039bb471f1fe1e11187372bc04c39a090f721
35ee17759909913ddbcdb64073be3c9610af387e161b22e289cade6f58dac97e
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 18:37:57 GMT
date: Tue, 22 Nov 2022 18:37:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
51.210.32.106 200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 51.210.32.106:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:37:57 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
aman.spiderxzone.com/index_files/css
172.67.162.83 200 OK 62 kB URL HTTP/1.1 aman.spiderxzone.com/index_files/css
IP 172.67.162.83:0
File type ASCII text, with very long lines (1116)
Hash 755df17a408beddb747e36f27ae4dedc
53daa61ef477c0badec68fa8942cb5ffce0c38b0
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:57 GMT
Content-Length: 62268
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nyoabc0frGlE2954IiIsv%2BGpx4f2pmaVbROfPJrRw%2FE1FvpfsXGphTs8JMvOkANvtTv%2FzeYF%2Bkb%2F2vO43HOGvLhYpWaOdRiZ%2FOS9bL5RHPH3xRZ3yU5wGlOZvD6Pbboy65Pvt8QaoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3c782cc16b51e-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/2.png
172.67.162.83 200 OK 110 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/2.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit/color RGB, non-interlaced\012- data
Size 110 kB (110283 bytes)
Hash fc6e6ec06fb06a618e32e51417ca4d35
458dff8a8a63c1e1969f5e4e400a53128eb0e5f0
4298ea09700ee2e78b5a6e7d2a360594ec73dc40741c1eac050f2f940b4b6f0d
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/2.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 110283
Connection: keep-alive
Last-Modified: Sat, 09 Apr 2022 01:43:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1044
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upeWysd9AcvtSbJ9mlVIEDGlyk%2B9RcfFZufhRkSEzUMtWGGU8JmQL1j8rCJn8i172%2BN4RFKu6mGjgjQMV2NiHhakJB87xlsH%2BUz5O4uwxtQ66jrLBRD8bc4BBKOeTnEDE3z1k1GdSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c787df280b06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow3.jpg
172.67.162.83 200 OK 89 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow3.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash d63282859041ae505812a3c4d1cb2b61
052a671b7c74b531fd6adfbe7c3c533d7f62d262
b729b39e16835ee80d5c5434e51e8395deba552f4a1d0270cd34cc8619f84ed1
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow3.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 89117
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9yzMBBtEP4MmFJ3%2BwXLxk43oRHI%2B7ZgSOGnd7lBYXh7%2FheYn8s88SMYA0bK68h1wjX5tBUO1gmuyiZGOM7XsDE6fcYPgN%2BEuPDaHNO8FJGzJ%2BGKvLyhkyIMxNsUSn6AI%2BVOIYT4dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c787dc13b518-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow2.jpg
172.67.162.83 200 OK 136 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow2.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 136 kB (135949 bytes)
Hash 9ca747ee4f0c5e833aa37488043b3984
c7be6939a60572d600112c333da532377a271fde
01337835dae793c7e862e41e6dca79b61df20018f699aa7bc05c6d7624a00fc9
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow2.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 135949
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjyBjRx6PLFwOIV1I1neFs0R%2Fi8Zw4CmaJHzp1JZofK8n7ZHaer5293kpc5AXKV%2FCOZSK0kXIfVCJ2qm1LByfYeGGrL5ImI7mhcIJQpdHlZSB%2BJeWh1C4XW4EI%2FOWMBoSEd1uA%2B20Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c787dd500b55-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/navbar-logo.jpg
172.67.162.83 200 OK 54 kB URL HTTP/1.1 aman.spiderxzone.com/img/navbar-logo.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 4511c6cadf17a4d5a00887af7ec3f804
094331f330f8f361d7caef2363f02516c7e3fd0e
e18e70580a9943863f8a143e4d1eea7fa213ed4e82a735b70540390d4fa8202f
Analyzer Verdict Alert openphish Tencent
GET /img/navbar-logo.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 53812
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:42:44 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkOLMrJnmTy4epRpmr4s6egWtINC0n5pC05Ajks5J3n3e52A5OvAQ9dwM3PF83vsmp6DCmvNZg5ljnSyZqTb7BUIIJm%2BspkLVfkjAWXyKk8ctg%2BjUmAVQoYhSDvJ7hLZL6L58VQURw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c787ff4b0b06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/zero-zone.js
172.67.162.83 200 OK 360 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/zero-zone.js
IP 172.67.162.83:0
File type exported SGML document, ASCII text, with very long lines (612)
Hash f5f344af95f2ea78322ba0231c998ad2
2cba1787df5a060739fc914ce979b71ec649b038
b3c218d6b3ec189d95b6b97ec73d66f4665101a0cad0709753df919c520ba205
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/zero-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObQVQ0Bp5csaml2kVQTdvk5XiH%2BAjbQzlAswxxNA9goJ0LnnWTvNIHg9mBePnhVk6BX9%2F9tAUYR%2FNjUeR7U3KzIC8JG96uxKZnQEWKeZfSZf5wP2nIq5QqkUgIMFBzIswoodr2E7LA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7880d7b0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/5.png
172.67.162.83 200 OK 70 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/5.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 840202786fb8cf8798954fe12984ebc5
9e17b584527d834cc9f7102d0ee937ff20638ea7
99121c3df4ee30cf2c7e47a1df3899a9cc2daef72a03a0e2ec5dc2d6a9bc788c
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/5.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 69915
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 02:07:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvLcB7EzEPJpPT1Lp3lFdnyWoRIFhF5hYz1WojXggxbfQDAE9InA3bJddg8drwX8Lr5G%2F1fhkfVhpD1gIFedHQpgVAcaB7y2El%2B5wclS8WlD2nTkNFulxW9SWXwv%2Bqh20hgdWSx13w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7881f700b06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/alert-zone.js
172.67.162.83 200 OK 17 kB URL HTTP/1.1 aman.spiderxzone.com/js-zone/alert-zone.js
IP 172.67.162.83:0
File type ASCII text, with very long lines (64301)
Hash e8b74c6795976bb00b39192913be9a32
dda8e1b9a91bfe6ddca677812c4968291e28786a
00da874465ecd5632f1b7461cf7f65f9aa53bce8408b23775d70f08d6a963322
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/alert-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izi%2BqMq%2FCkvrzSg1woPHV91m3R3IbBO%2Fs5P6DgqupQr2Zr4DoZJIwdsAwpnZxLhr5%2F8UfAlOfV7ccOsTZq2%2BeSpZvWZALWLG09lrDydH1LtgESdWQMLwNNvrB9qpGf4ComTolAptUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c787fc39b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow5.jpg
172.67.162.83 200 OK 85 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow5.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 64cb4ad2ef4177c17f4107dc40153b9a
064408d6ba6c58b196cfe38d5176ef2650828e97
9adf0d4afb097f242155bb25bf0312796fb090930933811607fb8317eb552df5
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow5.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 85221
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1044
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gik9T2uCfLyyvO1gcr9GBdKvurenwzawFXu%2F4esxXstthp5MbK3DiIbnAi8lOA17sDvUwJ9J8MRFbuH9jZShIwD8Dce%2FsyLsTfHumbgvI3DxyN20%2BFn%2B4sFJ0r5AXRdszDaBo1uUXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7883fb00b06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/3.png
172.67.162.83 200 OK 65 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/3.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 00e6ccc0d669cf2f2afee9269ba9f143
5db515dd4ae9de0fc50a0fe99401555030884a2a
e1810d6a3b92339792f025ae3ccabf3ebc24ad3d4d3457f0c27114810a3145d7
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/3.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 65013
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 02:07:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2krevoSW7rtEAzA6RD72mYmRCpDdAnP4sFnoNXjM1c%2BYf2ggZFw52DY%2FFkmll7859MXO8nF1QJLUTU5M%2BruGGXCdE163i4q%2FYFXei4o%2FxzBKF7Fm3RrW1E4Fu5KsrtWgLqfu9gvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7884a0ab51e-OSL
alt-svc: h2=":443"; ma=60
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 66 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 2c5aaaba512c0239d8a3aa772b78b4b3
a9bb58b95ef3ab0dcd362fe1370d280e3d3ead6f
ba8e469ef9c7d405dfbbc04ecd06b5ba8be4a03e3eea3dea020a3c279586e5cf
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aman.spiderxzone.com
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:37:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 076ca476f432859e337278e8ca93a377
cdn-cache: HIT
cf-cache-status: HIT
age: 48881
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e3c7833d52b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/rewards/6.png
172.67.162.83 200 OK 32 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/6.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash c50b328e96b8c6046e1ddef43eed8dfa
0ceb516def198e3d017353276cde67428b66c537
636bd3eddf7c2f8c9b91fbb837ff0fb06e132fdcc038aa0acb4ff6807d3139e7
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/6.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 32021
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 18:06:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoqsJoo9m9TZ6DEtxmHBjSkayf5LwV2Y8Vln5zEBcfgkETzG2yidbYDmVQuMukkZAjtD2xtjRVuP3otvuew3AmjELCkYxEvEX2JlAyUgYXbY7XTBzQrpV1B6d6%2BkEbKZNuVdVhUq%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7884cc6b518-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.10 200 OK 37 kB URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.10:0
Hash defa7bd0e53a4d3a3876339862fc8419
bfa7e4d6b0ecb6d4994541cbf31c4d3ae3308b29
1c667e6e64fe814aeaa631e33bfc33833dd186805d6c2a8d58640f59c7b33f98
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 18:37:57 GMT
date: Tue, 22 Nov 2022 18:37:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97e6fe59873179c3661a942d7c702ba6
ff5f7eae72b367e81314d15e86d6cd40f5c1a22e
cb4c824114873bb4887c24c466804a43a1d35e10840c512dda30697b1299f729
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB4C824114873BB4887C24C466804A43A1D35E10840C512DDA30697B1299F729"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6605
Expires: Tue, 22 Nov 2022 20:28:03 GMT
Date: Tue, 22 Nov 2022 18:37:58 GMT
Connection: keep-alive
aman.spiderxzone.com/css-zone/zero-zone.css
172.67.162.83 200 OK 986 B URL HTTP/1.1 aman.spiderxzone.com/css-zone/zero-zone.css
IP 172.67.162.83:0
File type ASCII text, with CRLF line terminators
Hash 16bcdfa8808c51e9911df399900121d2
677e950e66aa8626bf96c823227a6c8b9afb8a63
2f093d5ee4ad270b7d703366075ff2cf681b19969778be05e141f4b79907ca0f
Analyzer Verdict Alert openphish Tencent
GET /css-zone/zero-zone.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 20:19:52 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1044
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqwQ8%2FKxVQ0bZLOBhyBA3634AcMDs0np6UvUjkzIhQYIWp4fJTgrU7Idw%2B3CZP4xqhGgePAlq%2BgAeSLq2CqG5xcXM7LiDQVnrQtT4JUe64lQjlgmHJr%2FSA%2FqdDLIqfm4Jmno5StSXA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c78878030b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/style-zone.css
172.67.162.83 200 OK 5.0 kB URL HTTP/1.1 aman.spiderxzone.com/css-zone/style-zone.css
IP 172.67.162.83:0
File type ASCII text, with very long lines (411), with CRLF line terminators
Hash cddce1692c9467ef86e2da7b9223cc4b
e67a0102d172959ca97cd8761e565df60e58a01c
79eb4caacc1bcbbb5ffef3b9eb61f5c616cfab31f9bd5fc67269182377c45c7e
Analyzer Verdict Alert openphish Tencent
GET /css-zone/style-zone.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 20:56:38 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1044
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmSY6oUhHH%2BP9o3XTzMQJNK%2Bq4U6josQj%2FnkDOWc%2BBxV5biKkZGRDyWqUmDd7VLAkUrULEUgqum411K4Vx%2FSUpPsh0nILb65ucboc7JeeYvadLs%2Bl5uRirVatDX0l5bsRFAz8xO8Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7887a86b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/batas.png
172.67.162.83 200 OK 6.6 kB URL HTTP/1.1 aman.spiderxzone.com/img/batas.png
IP 172.67.162.83:0
File type PNG image data, 1053 x 101, 8-bit colormap, non-interlaced\012- data
Hash 54ef8b386795dece8f3e858711963cdf
3aac834009cd9cd34c0d3e2f099636d1b112e61f
ee74e42dd569302edec83c4353f03e0bf4f4710337047549587dc4c339c4fbc0
Analyzer Verdict Alert openphish Tencent
GET /img/batas.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 6562
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1045
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9I3xYmerkIu4FLz3Mlk792df710C1TXCsqz0MEjUlYPYDEPxqjzl7eN7UMmpFOaG3gpqKL2zS8BfTHqSkLehl2ciydSKcEPWDpXBbiQRpNEGAdZPuUTGbRe9jX8qEDW0qLW7kMIUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7889e520b55-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow4.jpg
172.67.162.83 200 OK 124 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow4.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 124 kB (123831 bytes)
Hash 8517db42ba1d14fb2d3acd371917b9af
7a60887f435c625ef8e6b24e6c7e9a57172e9398
8f2f26a3f13dc141412527941fcfa218ea8cfbb391a56bc6eadff3d2fb5f8f4f
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow4.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 123831
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOrfx%2Fcz7ZpdZJUo57BfNGElGyfoglIeFmPbzBdn9VJysuvtGrTAhliw0lYR6uoWhmKMkOz0Zw2TKEEt%2BqT3sRsX3Gwls5OTeyT8ZnJYd1WgKP3MJiSPtHhhmGIr2LkFvqAt0mwl6A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788ab42b51e-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/footer.png
172.67.162.83 200 OK 23 kB URL HTTP/1.1 aman.spiderxzone.com/img/footer.png
IP 172.67.162.83:0
File type PNG image data, 1280 x 189, 8-bit colormap, non-interlaced\012- data
Hash c6b56cf1fbbb63620e8558afde759e96
4d50888d8a17c2dcdbd05e6068ca4b4b587c7f29
34f7601064bb7cc3cce9ba942dd92d7f53889c703daea37bf34e1e71a1de03f8
Analyzer Verdict Alert openphish Tencent
GET /img/footer.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 22718
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1045
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv%2BtpEu3Wiq%2FjpD9YeQgUhGsRus36fdAkZzAy0cMVknwLT8qmCfZLvldtfIA72O%2F2IEu3otI5kdTY1vaMe61C%2B8SYnkGyrdmIT5OrFBFxj6MjrktFVNI3DPeGmrGmGIbsVgdb7jEAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788be820b55-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/container.jpg
172.67.162.83 200 OK 170 kB URL HTTP/1.1 aman.spiderxzone.com/img/container.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1496, components 3\012- data
Size 170 kB (169559 bytes)
Hash 7517fd35c7a881fafaa73dec51a99685
0a47f4beda292278ead0efeff34da297dedb52f3
6acc9309d234b25eeaab4cb8e88d23088698a8d36fa58202789e984234ed5a8d
Analyzer Verdict Alert openphish Tencent
GET /img/container.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/css-zone/style-zone.css
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 169559
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:39:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1044
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egHeeFC9Us61c4TRvwdlt4vh35Pp2AdDqfNgWYdnp8mtCcNA5lLFXPzo73EydfJi1n3UMWuMh4Xzbp1HgGZYtk35JFN13wy9EhjfCfNK%2Bfj3Xfg8zeuvzOhfTyCXSZcN0YycuUcpeA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788cdadb518-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/4.png
172.67.162.83 200 OK 38 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/4.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 84ba0d22e66006a69af8121b7ea26759
9c2da0735583d2dd238e713c3cca76ff1260730f
63b6a402554eb2ce8f9e9197b9a69f77649ef9c5a47bb0ce1fca9a4028279ece
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/4.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 38328
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 18:06:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1046
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WccR7PjADs1JNCR48nymo7XOORnf1HJcA4SIot1GfrQYBzB1fidpZeLmB9y0200jTI1zoiumKg2xViZW9zXrAt%2BLcaQ25dcKOz2hln6kxudxGldCg2G%2BMeeDMhP7QMuiTeE53N3Slg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788c8b10b06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/bg.png
172.67.162.83 200 OK 13 kB URL HTTP/1.1 aman.spiderxzone.com/img/bg.png
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 805x1280, components 3\012- data
Hash be9fd39d71175e313b08cb027b0819bd
8f86d450d9c83db3f74f819aecdeed4277e9cf6e
d54bfc59ee12f6f83159b3293d9f294a3e5a63e09ab4271554aaf5ba81298f55
Analyzer Verdict Alert openphish Tencent
GET /img/bg.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/css-zone/style-zone.css
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 12884
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:39:46 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1043
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsCjV1GgPCCYVCoOPpWfNnXViAbpH44onNX5p3yylhpteIjJO%2B7KD1DjcPL6EbHTmD46Vo0oOgDLo%2FkN%2BTxveMgjccRNspbi81xN3ZE12zF028TTwOvaXpgj7jNEz%2FZIdrSEpV0AMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788dea50b55-OSL
alt-svc: h2=":443"; ma=60
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 22 Nov 2022 18:37:58 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 23 Nov 2022 18:14:38 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 22 Nov 2022 20:37:58 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/selow.jpg
172.67.162.83 200 OK 49 kB URL HTTP/1.1 aman.spiderxzone.com/img/selow.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x386, components 3\012- data
Hash 629463fa5382a9c117d3eb59f0d3c3d2
f6afaa590eeded8b30e06cbcdb1d548bb368cf3f
5e264720e7dbbc0e58bd86a2ea91e8da3fa979183dd5fad1cb47d2133ddc19cf
Analyzer Verdict Alert openphish Tencent
GET /img/selow.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 48566
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:42:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1043
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRQ3g%2BRh83SdonpXbzfvgdvFOzIxmXq8d4ezJ0XHS4nKckPI0T%2FbhqVhHi7eRLxQmpYkP8dWUNBp%2Fc2DSxKMWh5ChdZ8wpFby7%2BQ2fLRsQHt%2BJfNtxEvIdESj%2FG%2BqJVQEYyp4XDYWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788dbb0b51e-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/fonts/selow.woff2
172.67.162.83 200 OK 22 kB URL HTTP/1.1 aman.spiderxzone.com/fonts/selow.woff2
IP 172.67.162.83:0
File type Web Open Font Format (Version 2), TrueType, length 22220, version 1.0\012- data
Hash 345579e8566a3dd6dc9feb5362fbe7e1
df075dd0c26e72fd7df19948f07904c1eaa72ded
1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /fonts/selow.woff2 HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: font/woff2
Content-Length: 22220
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:45:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1043
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaUGjDFcLq1lI3CFf9Z8kTqdXxEcLc4mdjPubpWxvq%2BWjBLJ7ZFnP8qFU%2BgAsm4AQBnuowiPXxrlPzkT7cz5Y15K6evIyBVqvuOaLjJiVnYft%2FFRtAVYylT2M2fnzZRaD%2B5JSIvepA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788ee2db518-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow1.jpg
172.67.162.83 200 OK 18 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow1.jpg
IP 172.67.162.83:0
File type PNG image data, 480 x 150, 8-bit colormap, non-interlaced\012- data
Hash 01f3fab005a89aeb477b463d2da6eb12
fa343e0be37e977e566cb3df54cab025cce1013e
714c538d7eca20ec4bb71456efcaa62b4e738da4a141ba90ef35717085a6be4a
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow1.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/jpeg
Content-Length: 126828
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:04 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1047
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s49%2FGes3o8hi6YZbS46XG4Ok1ttgMGkiJkpljh%2FUrFYBZ5mG1NDh0okjzzeBVu%2FVt5NbkNUDiEU%2BDTml6JSUO8ejdWEAqIY3b9zFvkK7ZmwHZdto05AhweiApKh3K%2FRyUb1Tw2WcPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c787d87bb51e-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/alerts.png
172.67.162.83 200 OK 17 kB URL HTTP/1.1 aman.spiderxzone.com/img/alerts.png
IP 172.67.162.83:0
File type PNG image data, 480 x 103, 8-bit colormap, non-interlaced\012- data
Hash 0bd1484d59e51865670cdf761a36df85
b1705c48b19e4d132a92a46a4e897338c36ce135
eb3dafc4d24a106d27c22489b483af93908114dbc4a8e0e27302adc8d2cb5fba
Analyzer Verdict Alert openphish Tencent
GET /img/alerts.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 17160
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:46:34 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1042
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXQuj6RHsZVii%2B6Ca49CRfVLieB9HQYPPRJYdOskWGeLIAR068S9SPXB7cUucgue1iUe9l6IvbGL7ozCSIIBRY1%2Fw7%2BKaZ06oh0RinxAqzgS6RV8b0w9P6zoBh%2BWejKMnXkeIpaMIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c788f8ee0b06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/selowbro.png
172.67.162.83 200 OK 40 kB URL HTTP/1.1 aman.spiderxzone.com/img/selowbro.png
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x346, components 3\012- data
Hash 7ff41be72c5f5aba38b567b66f3e1a5b
dbe85c6c87a9b80588dd7cfca5d4a16b1a38c1f8
8646abbfdab6206acef83f578d9408ca574736e1d33fdfe449b781ddf015d57b
Analyzer Verdict Alert openphish Tencent
GET /img/selowbro.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 40442
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:48:04 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1041
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1DvRkbRWQp7q9bgS7j7UIijsBk4iFBAXp8L7eSXbbPU9Bl5tRY4j7%2FkMjxxYR28Yfh8Z7ltEhLVv5tZgmmXLdIgD1b0wobfJsiE7fiNjd3qL%2BqcYDPtJM%2BK0aqXsB45Ip3HGrbtAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7890e6bb518-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/bg-det.png
172.67.162.83 200 OK 2.1 kB URL HTTP/1.1 aman.spiderxzone.com/img/bg-det.png
IP 172.67.162.83:0
File type PNG image data, 480 x 76, 8-bit colormap, non-interlaced\012- data
Hash 0e9a4fd0efb7b72c1c512ea7f343e0a1
0ce7e490cd726e11ec891905b5a6acacf5be2119
1a7b248a69e3ad9dce220979cbe1ec4d5a97a1deacd4d71a188db1dd0eca90ff
Analyzer Verdict Alert openphish Tencent
GET /img/bg-det.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 2082
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:48:10 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1042
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zActRznL6Q9QvqjX3Hzy4GIjz0CEB31ovoXwcSCiApsCZzjtcIcN%2B4%2FA5Rj8oqiqYHiyntWLK1Rqe%2FDSeHMMPiwNSydSrjX88pqYyWEu9J%2FahGcMGK7Bk0%2Fil4MuvfT9X6zhFktr9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7890f080b55-OSL
alt-svc: h2=":443"; ma=60
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.11.207 200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://aman.spiderxzone.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:37:58 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b54e3a81a05502edeb1d19dcb84fb99c
cdn-cache: HIT
cf-cache-status: HIT
age: 48872
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e3c788f8f6b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/se3low-login.png
172.67.162.83 200 OK 349 kB URL HTTP/1.1 aman.spiderxzone.com/img/se3low-login.png
IP 172.67.162.83:0
File type PNG image data, 1679 x 917, 8-bit colormap, non-interlaced\012- data
Size 349 kB (349278 bytes)
Hash 949602b2db369f62d3d83215eea3b65a
c68f8c05a96bf5b04e7873595a0c910808594fed
0e3da482a685e14badc7a21867b3468d6090035099d43090ec6e12a82456c714
Analyzer Verdict Alert openphish Tencent
GET /img/se3low-login.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 349278
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:40:56 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1041
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nDkfmygp2KuDL63h2q2WnFYH03dd%2FQJEucU4tBf7WwDUEP5%2BjA%2Fk%2BuahHrPJ%2B2MruNBMKQc2VnhsvNn6q6S2mKY1eT2xtKIt0QijjbE9nM4jR5JXOSXXumE%2B%2FmI5NCWKNrve3RM8w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7892c68b51e-OSL
alt-svc: h2=":443"; ma=60
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 22 Nov 2022 18:37:58 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 23 Nov 2022 18:14:38 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 22 Nov 2022 20:37:58 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://aman.spiderxzone.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:50:24 GMT
expires: Thu, 16 Nov 2023 21:50:24 GMT
cache-control: public, max-age=31536000
age: 506854
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250 200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=284
expires: Tue, 22 Nov 2022 18:42:42 GMT
date: Tue, 22 Nov 2022 18:37:58 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.250 200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 22 Nov 2022 18:37:58 GMT
content-length: 526
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.250 200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 22 Nov 2022 18:37:58 GMT
content-length: 485
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.250 200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 22 Nov 2022 18:37:58 GMT
content-length: 675
X-Firefox-Spdy: h2
aman.spiderxzone.com/js-zone/slider.js
172.67.162.83 404 Not Found 238 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/slider.js
IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/slider.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 404 Not Found
Date: Tue, 22 Nov 2022 18:37:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0ls8FDYDZv8nEDW%2FkNRiGkVxkaqHkZLDlZhJFR382voxZP85cbeA%2Bnd7ud%2B2YJR9oGGBQtoxHMZmWxxRAdr8y556xQXf0y%2FIDeHqBQ4TiJPD9%2Bz2CJfH72tt1OQwJj%2Bb0roz4QK6w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c783bf530b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/script.js
172.67.162.83 404 Not Found 238 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/script.js
IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/script.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 404 Not Found
Date: Tue, 22 Nov 2022 18:37:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6gsL1Qe9o%2BnKYlewR%2BS%2Bb14INOSmV3870kxOkCjDBn8jXobNxxPXXOTaIJj9A44I%2Bx8YV3oxlsRo%2Brn6PqEXDb34E91c1Q%2BtugJx6ELqxlHORWk46lWawZP34jbsdbT6bXKWlbVOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c783ba8a0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/media/spin.mp3
172.67.162.83 206 Partial Content 133 kB URL HTTP/1.1 aman.spiderxzone.com/media/spin.mp3
IP 172.67.162.83:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size 133 kB (132739 bytes)
Hash 5e6ad4032df296732508803deb114b90
99d585eab4db1d9d5555b5ea4aae2542c5c635e5
9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /media/spin.mp3 HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 206 Partial Content
Date: Tue, 22 Nov 2022 18:37:59 GMT
Content-Type: audio/mpeg
Content-Length: 132739
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1042
Content-Range: bytes 0-132738/132739
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR%2B6kpKl7qpYWnUG9DQAwdAPte%2B7iVZbh4%2BA3LxzDQgRXSva4EiOu0K4tSidBAdNtJPFytiMrK8nNm9eVzfH2luLHHvZQjxZxa29iWCht2OQ0M5yhjassyGV2uD4azeR5M%2Fooo41yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3c790a9b40b55-OSL
alt-svc: h2=":443"; ma=60
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=209
expires: Tue, 22 Nov 2022 18:41:28 GMT
date: Tue, 22 Nov 2022 18:37:59 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: j7GPHu9Gq8cF2_j3-uXucAzJPSBWsFelX1EWZa_2sEW-Vo7b4WlaFg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:55:58 GMT
age: 74526
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/rewards/1.png
172.67.162.83 200 OK 0 B URL HTTP/1.1 aman.spiderxzone.com/img/rewards/1.png
IP 172.67.162.83:0
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/1.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:37:58 GMT
Content-Type: image/png
Content-Length: 396543
Connection: keep-alive
Last-Modified: Sat, 06 Aug 2022 20:03:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1044
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nJzZPOhpDsi8iAk7MKliq5Ap0JI%2BXAsMzS38sFZhMR0jt6X5rql%2FJYGEGC%2BBDqzIzHDVbYcV3xycvCqqwj9MZ1R0Xrr4z%2BY2Ulqe8VzgG7gsS3I9BRHqj0i9UL4XEAza2BFaJj35Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c7883db90b55-OSL
alt-svc: h2=":443"; ma=60