Report - m416glaciermytichshopfree.xyz/

Report Overview

Submitted URL
m416glaciermytichshopfree.xyz/
IP
92.87.6.119
ASN
#9050 Telekom Romania Communication S.A
Submitted
2022-10-03 20:39:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	903 B	104.18.10.207
m416glaciermytichshopfree.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.0 kB	939 kB	92.87.6.119
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
i.ibb.co	13485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	783 B	34 kB	51.210.32.132
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	33 kB	69.16.175.42
www.pubgmobile.com	21653	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.3 kB	23.36.76.227
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.237.51.86
i.postimg.cc	23840	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	18 kB	141.94.200.42
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	958 B	28 kB	216.58.207.195
a.top4top.io	588496	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	18 kB	51.159.64.45
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	32 kB	142.250.74.106
www.battlegroundsmobileindia.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	39 kB	23.36.77.19
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.76.249
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	6.9 kB	104.17.25.14
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	16 kB	142.250.74.10
l.top4top.io	926491	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	20 kB	65.21.235.194

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Tencent

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-03	medium	m416glaciermytichshopfree.xyz/	Phishing
2022-10-03	medium	m416glaciermytichshopfree.xyz/js/script.js	Phishing
2022-10-03	medium	m416glaciermytichshopfree.xyz/js/showHide.js	Phishing
2022-10-03	medium	l.top4top.io/m_1725u5z7i1.mp3	Malware
2022-10-03	medium	a.top4top.io/m_1725zobal2.mp3	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-04-23
Pretty URL code.jquery.com/jquery-1.10.2.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-23 09:22:44 Times Seen10087 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js	84 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-23 17:30:21 Times Seen13691 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	m416glaciermytichshopfree.xyz/js/script.js	4.9 kB	2023-03-07	2023-06-03
Pretty URL m416glaciermytichshopfree.xyz/js/script.js IP 92.87.6.119 ASN #9050 Telekom Romania Communication S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2023-06-03 02:29:09 Times Seen3 Hash 3f675cdd8b7e2b8993ea2e91ff8190eb 7e5d94a4123b6b8347e710339622a94b850ec634 bdce2456497d8349c812e0c643eebe74a81786ad06c05c6811173010a5e01529 Loading...

	m416glaciermytichshopfree.xyz/js/showHide.js	1.2 kB	2023-03-07	2024-02-23
Pretty URL m416glaciermytichshopfree.xyz/js/showHide.js IP 92.87.6.119 ASN #9050 Telekom Romania Communication S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-02-23 11:11:54 Times Seen39 Hash d8682a45a9ca9866ee7d3de817220bde bc14112b63113c66c91c5fda4ca814121828c88b 81eb0204e92a2852b85b57aa880ca6830bbc05763eef1a6bada6c645c0c8668c Loading...

HTTP Transactions (66)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 19:46:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RrFqvAKvhanOhaBGknnGIwIqaiuYOlV-gf8kX1e7Fz2zs7bwTDQw8w==
Age: 3128

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KNVIYrL6ttFiQtWUaUzI3kipE2bnC_AXA8YY1ZY9LLkX-3-4NpIsaQ==
age: 54632
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17793
Expires: Tue, 04 Oct 2022 01:35:32 GMT
Date: Mon, 03 Oct 2022 20:38:59 GMT
Connection: keep-alive

m416glaciermytichshopfree.xyz/

92.87.6.119

200 OK

3.5 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
3.5 kB (3531 bytes)
Hash
3bbb425ad7691d1cb139a6aaa312a844
0d3458342909f99394130bcfaa9a2292ceb07746
46f46a898d01a825b4e0ee76b77b08e5f7376945cffab4763efa35ccf6a9c3bb

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 23 Jun 2022 09:40:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3531
date: Mon, 03 Oct 2022 20:38:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 20:38:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/css/style.css

92.87.6.119

200 OK

2.0 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/css/style.css
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
assembler source, ASCII text
Size
2.0 kB (2006 bytes)
Hash
08c186598262bddb4cfe97b01354a7f1
1e34dd49a7fdc3197a5abc70396500bbf93725a1
f2e6f673ebac8fb29d2c5b91d4d6b182848cf6af2ab666a3d44c87b38248d87e

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css/style.css HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: text/css
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2006
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/css/animate.css

92.87.6.119

200 OK

4.5 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/css/animate.css
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
ASCII text
Size
4.5 kB (4490 bytes)
Hash
de0ea326e96e4b738fcbb416655b8245
6fa3c0d115af9c880deeb0d3853798c1326c4a34
46e667b4edac3f4db4ed1dcc5b3ad6f198fde8596b6a7e42f8876e69655918d4

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: text/css
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4490
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/css/login/facebook.css

92.87.6.119

200 OK

656 B

URL HTTP/2
m416glaciermytichshopfree.xyz/css/login/facebook.css
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
ASCII text
Size
656 B (656 bytes)
Hash
09fb897b43cbdfb6f7b49249b54ed13e
02ff56f021b824b0eaff9e83426b696e258a5497
96fc7cb5fb3fa80b0ece94dce83052d18b362264693b447d683db374e3f18f89

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css/login/facebook.css HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: text/css
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 656
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/css/login/twitter.css

92.87.6.119

200 OK

562 B

URL HTTP/2
m416glaciermytichshopfree.xyz/css/login/twitter.css
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
ASCII text
Size
562 B (562 bytes)
Hash
eb4e033a7191d6c4e08aa5d43df6cb9b
d9347103f1e34c17fc89e060f16a884bbbc6d61e
2b20e4dc593626a6050f63bbf3ed68a6158ce88e5d079d90cb12e5f2f59f7aab

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css/login/twitter.css HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: text/css
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 562
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 486791
expires: Sat, 23 Sep 2023 20:39:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fmtt3aWy9SZ815lEfqN2eN0n%2Fv2kOKPKxtP%2BhrQgk8BEvqrE1esbQOOP8QyMsJ%2FGJi3uJn09FQh%2BbIvztst7%2BtpsRWtTzjEsWAbCMKuGh3Xta1eE75HEYs0UbY9%2FM96gaK7S3Fy6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75487c118a17b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.10.2.min.js

69.16.175.42

200 OK

33 kB

URL HTTP/2
code.jquery.com/jquery-1.10.2.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32072)
Size
33 kB (32788 bytes)
Hash
68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:39:00 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664829540.dop222.sk1.t,1664829540.cds215.sk1.hn,1664829540.cds243.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32061)
Size
30 kB (29671 bytes)
Hash
b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 09:02:32 GMT
expires: Fri, 29 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 387388
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.ibb.co/V9rgBqw/twitter-text.png

51.210.32.132

200 OK

4.3 kB

URL HTTP/2
i.ibb.co/V9rgBqw/twitter-text.png
IP
51.210.32.132:0
ASN
#16276 OVH SAS

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/js/script.js

92.87.6.119

200 OK

1.0 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/js/script.js
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
ASCII text
Size
1.0 kB (1034 bytes)
Hash
e501828d0c2ab719f52a98e4147f1e2a
7c811e60dad382e12c873107dfe8a3383b78400b
0e6255ae161c9fa5abe5910bc72de71fdf286063fb0cbe9a5199c7e997b5d900

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js/script.js HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: application/javascript
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1034
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/js/showHide.js

92.87.6.119

200 OK

209 B

URL HTTP/2
m416glaciermytichshopfree.xyz/js/showHide.js
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
ASCII text, with CRLF line terminators
Size
209 B (209 bytes)
Hash
f1ac16e42cec17f6a01f573b5e3730dd
cbc0ecd5bb5d1727cd69701bc34b7ef2a2b12555
43c54decb226a12eb8b29617d1461ab8e0029e3231a2813ae409a127b6edc419

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js/showHide.js HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: application/javascript
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 209
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/rewards/1.png

92.87.6.119

200 OK

32 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/rewards/1.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Size
32 kB (31486 bytes)
Hash
891f8bc01578b5f93370aed30847c9b7
7935164b648438d9c93579522bd59a74fee60d89
f163f8c4075bb60043e79dd40ec2157a5f61f20d4ce65f4e394413b6831c1703

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/rewards/1.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Mon, 20 Jun 2022 12:18:12 GMT
accept-ranges: bytes
content-length: 31486
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

www.battlegroundsmobileindia.com/common/img/common/footerlg.png

23.36.77.19

200 OK

7.0 kB

URL HTTP/2
www.battlegroundsmobileindia.com/common/img/common/footerlg.png
IP
23.36.77.19:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 276 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7004 bytes)
Hash
731bcfc15f2a21cd7b9744a1c8f61714
b8c612461c8eb46b4605b0c41fd2dfd8efb6b7f5
8fce2cab2eb55065e9cca8bbf72667662b27de4d938178c8658808550fe30a43

HTTP Headers

GET /common/img/common/footerlg.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 7004
last-modified: Fri, 14 May 2021 10:49:25 GMT
etag: "1b5c-5c247ff491740"
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:39:00 GMT
X-Firefox-Spdy: h2

www.battlegroundsmobileindia.com/common/img/main/app.png

23.36.77.19

200 OK

30 kB

URL HTTP/2
www.battlegroundsmobileindia.com/common/img/main/app.png
IP
23.36.77.19:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30182 bytes)
Hash
6ae43b6c707f6c559b4b19ba64ba6f4e
8a67a6bbe6d443180fb3a0d88355cef490ec85b1
e85ade5d6786ebf81122a53e42d731a33edf5368d8b18e8dc397c0fbf06b9268

HTTP Headers

GET /common/img/main/app.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 30182
last-modified: Mon, 17 May 2021 08:48:00 GMT
etag: "75e6-5c282a696f000"
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:39:00 GMT
X-Firefox-Spdy: h2

i.ibb.co/Wg8qQxh/facebook-text.png

51.210.32.132

200 OK

29 kB

URL HTTP/2
i.ibb.co/Wg8qQxh/facebook-text.png
IP
51.210.32.132:0
ASN
#16276 OVH SAS

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.postimg.cc/ZRRLhsDK/bgmi-logo.jpg

141.94.200.42

200 OK

17 kB

URL HTTP/2
i.postimg.cc/ZRRLhsDK/bgmi-logo.jpg
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 539x367, components 1\012- data
Size
17 kB (17416 bytes)
Hash
1bc5e5e8bf28294255550d540b143ba6
9bf2f97a05e2f5b40b0ae321f7bebeca42265e2f
3ee26305ac8419454ba3e5f7d325d6b063b220e31fb2dc7be1dbf4bb06168269

HTTP Headers

GET /ZRRLhsDK/bgmi-logo.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: image/jpeg
content-length: 17416
last-modified: Tue, 05 Apr 2022 16:12:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

m416glaciermytichshopfree.xyz/img/rewards/6.png

92.87.6.119

200 OK

44 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/rewards/6.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size
44 kB (44403 bytes)
Hash
808bb469d97f888d116ee47fe78a3bdc
a8627c5d6c21de28ef134d6b69ca193a9043f2ee
be1314aaab55004e503c9b1754b5e3dacdd98b7a7f480e06c2f9783fb7b9241e

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/rewards/6.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:18:20 GMT
accept-ranges: bytes
content-length: 44403
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/rewards/5.png

92.87.6.119

200 OK

25 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/rewards/5.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Size
25 kB (25059 bytes)
Hash
13991a4d606bbcfc51e873ea85708e85
d15d0403d17e32a68047657701bf2bad8ea05f67
cb7e4f70bed44566c6e5d5f6dd9ed88fc88d9d93ffdc3ac2aff476de92338511

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/rewards/5.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:18:48 GMT
accept-ranges: bytes
content-length: 25059
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size
13 kB (13324 bytes)
Hash
b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6

HTTP Headers

GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m416glaciermytichshopfree.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:31:38 GMT
expires: Tue, 03 Oct 2023 18:31:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
age: 7642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/rewards/3.png

92.87.6.119

200 OK

55 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/rewards/3.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data
Size
55 kB (55424 bytes)
Hash
0e9460ecf05412587f729d5acedcf5eb
7aab80a3217907068581d920dc1d6b9b91a25cb7
c5f0e3c4dde2d005c0d736d13ed213f742c6fc1055dd2862f02e5ae5dfa922cb

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/rewards/3.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 55424
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/rewards/4.png

92.87.6.119

200 OK

64 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/rewards/4.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data
Size
64 kB (64070 bytes)
Hash
eb68d4ef23eeed553505db5c57b45cc1
e18b2c9d11e801d7f2bb9e7c30cadcfa753971c6
e9cd147b4a0d76056013af24212f0e02b9b8355eedb7946a37d6759f62f67e06

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/rewards/4.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:19:06 GMT
accept-ranges: bytes
content-length: 64070
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/popup-close.png

92.87.6.119

200 OK

105 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/popup-close.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 1337 x 1399, 8-bit colormap, non-interlaced\012- data
Size
105 kB (104891 bytes)
Hash
da1cd633e7ac40969776fa16a39a98fd
167686bd4aa462a6fcd82dd61836490a200ac9e6
3d47e0611ec385f6e7edf773b744f5607ee3ab72770f988a8561dd115a034da9

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/popup-close.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Sat, 23 Jul 2022 11:54:56 GMT
accept-ranges: bytes
content-length: 104891
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/rewards/2.png

92.87.6.119

200 OK

165 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/rewards/2.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced\012- data
Size
165 kB (165380 bytes)
Hash
e32514bffc462482dcee8826e7b94c3f
b9f2911aea233120e42988e32bc25a2b0eaab9ec
2943452ca0f14c4b04f8d1f24b3ddf18fec06dd06a5b2e42e4f5ae5971315493

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/rewards/2.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:17:24 GMT
accept-ranges: bytes
content-length: 165380
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Size
13 kB (13196 bytes)
Hash
5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m416glaciermytichshopfree.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:04:07 GMT
expires: Tue, 03 Oct 2023 20:04:07 GMT
cache-control: public, max-age=31536000
age: 2093
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
66b24e24da030234f2d5761ea40e988b
dfdf241b5ec3cb69e86f91e6e87c125a61892ef7
adeec34e395cec5fc80c3d19ca95f6a63b81cd46e215f67f9ae1c5505e4a5a31

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADEEC34E395CEC5FC80C3D19CA95F6A63B81CD46E215F67F9AE1C5505E4A5A31"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1668
Expires: Mon, 03 Oct 2022 21:06:48 GMT
Date: Mon, 03 Oct 2022 20:39:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
66b24e24da030234f2d5761ea40e988b
dfdf241b5ec3cb69e86f91e6e87c125a61892ef7
adeec34e395cec5fc80c3d19ca95f6a63b81cd46e215f67f9ae1c5505e4a5a31

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADEEC34E395CEC5FC80C3D19CA95F6A63B81CD46E215F67F9AE1C5505E4A5A31"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1668
Expires: Mon, 03 Oct 2022 21:06:48 GMT
Date: Mon, 03 Oct 2022 20:39:00 GMT
Connection: keep-alive

m416glaciermytichshopfree.xyz/img/background.png

92.87.6.119

200 OK

239 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/background.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Size
239 kB (238662 bytes)
Hash
e1f466aa8e4dcfabfaeec23258c41658
7ceaf3d9cb331ec98390fc145ff0f9e1c56ee4f0
4f868cc18586357a4938a6f03b76a42498d8f82d5b3abf2b453cdca3ba98f001

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/background.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 238662
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.10

200 OK

16 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
16 kB (15552 bytes)
Hash
51256ef9df5fb123caf8397b26327132
0a6a0fa146234a4acf1b968515a0bd896b4dcfc3
e5f7b5122605f6967ff600d9ff30dea1f8aa225d97f0eeb55681da5ccfe66861

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 20:39:00 GMT
date: Mon, 03 Oct 2022 20:39:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_shop.svg

23.36.76.227

200 OK

526 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_shop.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size
526 B (526 bytes)
Hash
ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3

HTTP Headers

GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 526
X-Firefox-Spdy: h2

l.top4top.io/m_1725u5z7i1.mp3

65.21.235.194

206 Partial Content

20 kB

URL HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
65.21.235.194:0
ASN
#24940 Hetzner Online GmbH

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 04 Oct 2022 20:15:40 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Mon, 03 Oct 2022 22:39:00 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

a.top4top.io/m_1725zobal2.mp3

51.159.64.45

206 Partial Content

18 kB

URL HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
51.159.64.45:0
ASN
#12876 Online S.a.s.

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 04 Oct 2022 20:15:40 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Mon, 03 Oct 2022 22:39:00 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/event-title.png

92.87.6.119

200 OK

97 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/event-title.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 1280 x 344, 8-bit colormap, non-interlaced\012- data
Size
97 kB (97126 bytes)
Hash
5bd709ec44a16e5040680aa76bbece75
16a9241507973d3007ad77bf2efde6231a61913f
0f95608e1b0ed86f9d523fe5c32ab9753284454ae2ecb7ce3abab3a94765403f

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/event-title.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Sat, 23 Jul 2022 11:54:56 GMT
accept-ranges: bytes
content-length: 97126
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/btn-off.png

92.87.6.119

200 OK

32 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/btn-off.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 600 x 206, 8-bit colormap, non-interlaced\012- data
Size
32 kB (31532 bytes)
Hash
ccac79dd7533964f17a5c1d1d4c88310
da58aef94f1c411c1a0d943b27758c9091d93ff4
4a00e23657866c817babc9fd36de33254da130237e2dc1605a74549652dc46ad

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/btn-off.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 31532
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/header.jpg

92.87.6.119

200 OK

31 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/header.jpg
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 570 x 178, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30824 bytes)
Hash
17f78aba52b0d84a9dc6d3880a351192
7ca235b0632fe7b0d1ef1e246bbc979432f93a38
29cbc32a32d0eeaa035c7b90395aa62508bf0c844459a261b47537faa8c99de5

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/header.jpg HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/jpeg
last-modified: Sat, 23 Jul 2022 11:54:56 GMT
accept-ranges: bytes
content-length: 100799
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

m416glaciermytichshopfree.xyz/img/btn-on.png

92.87.6.119

200 OK

31 kB

URL HTTP/2
m416glaciermytichshopfree.xyz/img/btn-on.png
IP
92.87.6.119:0
ASN
#9050 Telekom Romania Communication S.A

File type
PNG image data, 600 x 206, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30806 bytes)
Hash
ed12a7e8b0bc909db4d02c33417d0e23
e0398501cce7dc5bf1c066f86efd4717325f4659
36e4cc0e83f5775013fc1f090a44812eda853eb07bae52efcc84c8e898325e25

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/btn-on.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
content-type: image/png
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 30806
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_download.svg

23.36.76.227

200 OK

485 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_download.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size
485 B (485 bytes)
Hash
105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2

HTTP Headers

GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 485
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.227

200 OK

426 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 426
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.227

200 OK

675 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 675
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 21:03:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DY2h0xkbhh_nVAz2Gn27JXZzquigawVVFUnvo40YN3K3SoLP1OH0Sg==
Age: 567

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 586
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Last-Modified: Mon, 03 Oct 2022 20:29:15 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.237.51.86

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.51.86:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N/uGQ3h2nQiwrN/inkSq1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ilRyUVrMXyups4nSjrBh0g/elps=

www.battlegroundsmobileindia.com/common/img/favicon.ico

23.36.77.19

200 OK

1.4 kB

URL HTTP/2
www.battlegroundsmobileindia.com/common/img/favicon.ico
IP
23.36.77.19:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
1.4 kB (1436 bytes)
Hash
80856a1f0c07b83a6b67d557d0aca397
031cab2f407c8059dcfab8599f8bba9486512f21
5609e69ac9fb00efc23806475c7a228fcb5a87dc7e4380673a44e018af7a8060

HTTP Headers

GET /common/img/favicon.ico HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 1436
last-modified: Fri, 14 May 2021 10:49:26 GMT
etag: "59c-5c247ff585980"
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:39:01 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:39:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:39:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:39:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:39:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:39:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 20:14:12 GMT
age: 1490
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 57371
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8279 bytes)
Hash
bfb6fbd0b91416a5a7cc7f7d0fcbf27c
ced4806b7cc4d08e2c3f1c5e591184f462e86ec2
9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:57:37 GMT
age: 81685
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9083 bytes)
Hash
523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 82415
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8158 bytes)
Hash
721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 82415
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10839 bytes)
Hash
36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 82459
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:39:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 10276294
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75487c117a420b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.106

200 OK

0 B

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 14:39:25 GMT
expires: Fri, 29 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 367175
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (66)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size