Overview

URL m416glaciermytichshopfree.xyz/
IP 92.87.6.119
ASN Telekom Romania Communication S.A
Location Romania
Report completed 2022-10-03 20:39:16 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
2022-10-03 2 m416glaciermytichshopfree.xyz/ Tencent
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-03 2 m416glaciermytichshopfree.xyz/ Phishing
2022-10-03 2 m416glaciermytichshopfree.xyz/js/script.js Phishing
2022-10-03 2 m416glaciermytichshopfree.xyz/js/showHide.js Phishing
2022-10-03 2 l.top4top.io/m_1725u5z7i1.mp3 Malware
2022-10-03 2 a.top4top.io/m_1725zobal2.mp3 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (21)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.249
mnemonic passive DNS www.pubgmobile.com (4) 21653 2018-04-27 11:06:13 UTC 2022-10-03 15:59:41 UTC 23.36.76.227
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 13:17:20 UTC 93.184.220.29
mnemonic passive DNS m416glaciermytichshopfree.xyz (19) 0 2022-01-13 09:49:59 UTC 2022-10-03 15:35:13 UTC 92.87.6.119 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-03 14:22:41 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS l.top4top.io (1) 926491 2020-01-14 23:19:40 UTC 2022-10-03 09:46:29 UTC 65.21.235.194
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 44.237.51.86
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-10-03 15:23:35 UTC 104.18.10.207
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 14:54:54 UTC 143.204.55.115
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-03 09:28:27 UTC 104.17.25.14
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-03 09:28:27 UTC 69.16.175.42
mnemonic passive DNS i.postimg.cc (1) 23840 2018-04-11 10:01:12 UTC 2022-10-03 17:05:14 UTC 141.94.200.42
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-03 14:22:39 UTC 142.250.74.10
mnemonic passive DNS a.top4top.io (1) 588496 2019-12-05 18:36:40 UTC 2022-10-03 18:43:36 UTC 51.159.64.45
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS ajax.googleapis.com (2) 12905 2013-08-16 09:51:31 UTC 2022-10-03 14:59:45 UTC 142.250.74.106
mnemonic passive DNS i.ibb.co (2) 13485 2018-11-25 10:13:48 UTC 2022-10-03 13:32:49 UTC 51.210.32.132
mnemonic passive DNS www.battlegroundsmobileindia.com (3) 0 2021-07-19 04:25:22 UTC 2022-09-30 22:18:27 UTC 23.36.77.19 Domain (battlegroundsmobileindia.com) ranked at: 342546
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 92.87.6.119

Date UQ / IDS / BL URL IP
2022-11-07 12:05:01 +0000 0 - 0 - 4 skinsbattlegroundsmobileindia.xyz/ 92.87.6.119
2022-11-07 11:51:04 +0000 0 - 0 - 4 allskinsfree.com/ 92.87.6.119
2022-11-07 08:37:14 +0000 0 - 0 - 4 skinsbattlegroundsmobileindia.xyz/ 92.87.6.119
2022-11-07 08:22:55 +0000 0 - 0 - 4 allskinsfree.com/ 92.87.6.119
2022-11-06 17:12:35 +0000 0 - 0 - 2 allskinsfree.com/ 92.87.6.119

Last 5 reports on ASN: Telekom Romania Communication S.A

Date UQ / IDS / BL URL IP
2022-11-29 20:44:28 +0000 0 - 0 - 1 fresherlights.com/test1/get.php?pid=36ABAB213 (...) 109.98.58.98
2022-11-25 08:51:58 +0000 0 - 0 - 3 92.87.6.205/ 92.87.6.205
2022-11-17 22:54:47 +0000 0 - 0 - 1 fresherlights.com/test1/get.php?pid=94A425B75 (...) 109.98.58.98
2022-11-10 14:23:43 +0000 0 - 0 - 2 uaery.top/dl/buildz.exe 109.102.255.230
2022-11-07 12:05:01 +0000 0 - 0 - 4 skinsbattlegroundsmobileindia.xyz/ 92.87.6.119

Last 1 reports on domain: m416glaciermytichshopfree.xyz

Date UQ / IDS / BL URL IP
2022-10-03 20:39:16 +0000 0 - 0 - 24 m416glaciermytichshopfree.xyz/ 92.87.6.119

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-07 12:05:01 +0000 0 - 0 - 4 skinsbattlegroundsmobileindia.xyz/ 92.87.6.119
2022-11-07 08:37:14 +0000 0 - 0 - 4 skinsbattlegroundsmobileindia.xyz/ 92.87.6.119
2022-10-27 01:23:22 +0000 0 - 0 - 25 m416glaciermytichshop.xyz/ 92.87.6.119
2022-10-26 20:08:26 +0000 0 - 0 - 25 m416glaciermytichshop.xyz/ 92.87.6.119
2022-09-04 23:18:05 +0000 0 - 0 - 7 bgmirewardofficial.com/ 65.108.140.174


JavaScript

Executed Scripts (4)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (66)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 19:46:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RrFqvAKvhanOhaBGknnGIwIqaiuYOlV-gf8kX1e7Fz2zs7bwTDQw8w==
Age: 3128


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KNVIYrL6ttFiQtWUaUzI3kipE2bnC_AXA8YY1ZY9LLkX-3-4NpIsaQ==
age: 54632
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17793
Expires: Tue, 04 Oct 2022 01:35:32 GMT
Date: Mon, 03 Oct 2022 20:38:59 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Thu, 23 Jun 2022 09:40:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3531
date: Mon, 03 Oct 2022 20:38:59 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   3531
Md5:    3bbb425ad7691d1cb139a6aaa312a844
Sha1:   0d3458342909f99394130bcfaa9a2292ceb07746
Sha256: 46f46a898d01a825b4e0ee76b77b08e5f7376945cffab4763efa35ccf6a9c3bb

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 20:38:59 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /css/style.css HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2006
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   2006
Md5:    08c186598262bddb4cfe97b01354a7f1
Sha1:   1e34dd49a7fdc3197a5abc70396500bbf93725a1
Sha256: f2e6f673ebac8fb29d2c5b91d4d6b182848cf6af2ab666a3d44c87b38248d87e

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /css/animate.css HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4490
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4490
Md5:    de0ea326e96e4b738fcbb416655b8245
Sha1:   6fa3c0d115af9c880deeb0d3853798c1326c4a34
Sha256: 46e667b4edac3f4db4ed1dcc5b3ad6f198fde8596b6a7e42f8876e69655918d4

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /css/login/facebook.css HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 656
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   656
Md5:    09fb897b43cbdfb6f7b49249b54ed13e
Sha1:   02ff56f021b824b0eaff9e83426b696e258a5497
Sha256: 96fc7cb5fb3fa80b0ece94dce83052d18b362264693b447d683db374e3f18f89

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /css/login/twitter.css HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 562
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   562
Md5:    eb4e033a7191d6c4e08aa5d43df6cb9b
Sha1:   d9347103f1e34c17fc89e060f16a884bbbc6d61e
Sha256: 2b20e4dc593626a6050f63bbf3ed68a6158ce88e5d079d90cb12e5f2f59f7aab

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 486791
expires: Sat, 23 Sep 2023 20:39:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fmtt3aWy9SZ815lEfqN2eN0n%2Fv2kOKPKxtP%2BhrQgk8BEvqrE1esbQOOP8QyMsJ%2FGJi3uJn09FQh%2BbIvztst7%2BtpsRWtTzjEsWAbCMKuGh3Xta1eE75HEYs0UbY9%2FM96gaK7S3Fy6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75487c118a17b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   5845
Md5:    a7e25a22602a2b2ed35f90fd5210cff1
Sha1:   148c4f275b60e6cf6253d6b4c7bdc486515b2202
Sha256: 312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
                                        
                                            GET /jquery-1.10.2.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 20:39:00 GMT
content-encoding: gzip
content-length: 32788
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664829540.dop222.sk1.t,1664829540.cds215.sk1.hn,1664829540.cds243.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32072)
Size:   32788
Md5:    68cc08e82915da8b82fc6be74ab86365
Sha1:   4089530b0c00f6cbd1452d7f873be85454196fd1
Sha256: 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 09:02:32 GMT
expires: Fri, 29 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 387388
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32061)
Size:   29671
Md5:    b90b3d2618cce9d766152cd3092b5c27
Sha1:   496339457cd00caab8118e2e1f30ea18dc05b9f4
Sha256: b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
                                        
                                            GET /V9rgBqw/twitter-text.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.210.32.132
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size:   4298
Md5:    fef946b8bba756359e2a1e87ccd915ea
Sha1:   acc364946077b0e32b2343474ce4066ad3ee524c
Sha256: 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
                                        
                                            GET /js/script.js HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1034
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1034
Md5:    e501828d0c2ab719f52a98e4147f1e2a
Sha1:   7c811e60dad382e12c873107dfe8a3383b78400b
Sha256: 0e6255ae161c9fa5abe5910bc72de71fdf286063fb0cbe9a5199c7e997b5d900

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /js/showHide.js HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 209
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   209
Md5:    f1ac16e42cec17f6a01f573b5e3730dd
Sha1:   cbc0ecd5bb5d1727cd69701bc34b7ef2a2b12555
Sha256: 43c54decb226a12eb8b29617d1461ab8e0029e3231a2813ae409a127b6edc419

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /img/rewards/1.png HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Mon, 20 Jun 2022 12:18:12 GMT
accept-ranges: bytes
content-length: 31486
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Size:   31486
Md5:    891f8bc01578b5f93370aed30847c9b7
Sha1:   7935164b648438d9c93579522bd59a74fee60d89
Sha256: f163f8c4075bb60043e79dd40ec2157a5f61f20d4ce65f4e394413b6831c1703

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /common/img/common/footerlg.png HTTP/1.1 
Host: www.battlegroundsmobileindia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.77.19
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 7004
last-modified: Fri, 14 May 2021 10:49:25 GMT
etag: "1b5c-5c247ff491740"
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:39:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 276 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   7004
Md5:    731bcfc15f2a21cd7b9744a1c8f61714
Sha1:   b8c612461c8eb46b4605b0c41fd2dfd8efb6b7f5
Sha256: 8fce2cab2eb55065e9cca8bbf72667662b27de4d938178c8658808550fe30a43
                                        
                                            GET /common/img/main/app.png HTTP/1.1 
Host: www.battlegroundsmobileindia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.36.77.19
HTTP/2 200 OK
content-type: image/png
content-length: 30182
last-modified: Mon, 17 May 2021 08:48:00 GMT
etag: "75e6-5c282a696f000"
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:39:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size:   30182
Md5:    6ae43b6c707f6c559b4b19ba64ba6f4e
Sha1:   8a67a6bbe6d443180fb3a0d88355cef490ec85b1
Sha256: e85ade5d6786ebf81122a53e42d731a33edf5368d8b18e8dc397c0fbf06b9268
                                        
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
51.210.32.132
HTTP/2 200 OK
content-type: image/png
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size:   28789
Md5:    74190b93fc4f5d88f0c8e6411ba20bd8
Sha1:   89ce2ecb660a90b8e6ed1b335443d7767c59f28a
Sha256: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /ZRRLhsDK/bgmi-logo.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
141.94.200.42
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 17416
last-modified: Tue, 05 Apr 2022 16:12:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 539x367, components 1\012- data
Size:   17416
Md5:    1bc5e5e8bf28294255550d540b143ba6
Sha1:   9bf2f97a05e2f5b40b0ae321f7bebeca42265e2f
Sha256: 3ee26305ac8419454ba3e5f7d325d6b063b220e31fb2dc7be1dbf4bb06168269
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /img/rewards/6.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:18:20 GMT
accept-ranges: bytes
content-length: 44403
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size:   44403
Md5:    808bb469d97f888d116ee47fe78a3bdc
Sha1:   a8627c5d6c21de28ef134d6b69ca193a9043f2ee
Sha256: be1314aaab55004e503c9b1754b5e3dacdd98b7a7f480e06c2f9783fb7b9241e

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /img/rewards/5.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:18:48 GMT
accept-ranges: bytes
content-length: 25059
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Size:   25059
Md5:    13991a4d606bbcfc51e873ea85708e85
Sha1:   d15d0403d17e32a68047657701bf2bad8ea05f67
Sha256: cb7e4f70bed44566c6e5d5f6dd9ed88fc88d9d93ffdc3ac2aff476de92338511

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m416glaciermytichshopfree.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:31:38 GMT
expires: Tue, 03 Oct 2023 18:31:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
age: 7642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size:   13324
Md5:    b4082c888eefa2dca3fe2c9d46a87180
Sha1:   05aeb6c58175f659fe59eaca5a9d3735dd0530e3
Sha256: 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
                                        
GET /img/rewards/3.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 55424
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data
Size:   55424
Md5:    0e9460ecf05412587f729d5acedcf5eb
Sha1:   7aab80a3217907068581d920dc1d6b9b91a25cb7
Sha256: c5f0e3c4dde2d005c0d736d13ed213f742c6fc1055dd2862f02e5ae5dfa922cb

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /img/rewards/4.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:19:06 GMT
accept-ranges: bytes
content-length: 64070
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data
Size:   64070
Md5:    eb68d4ef23eeed553505db5c57b45cc1
Sha1:   e18b2c9d11e801d7f2bb9e7c30cadcfa753971c6
Sha256: e9cd147b4a0d76056013af24212f0e02b9b8355eedb7946a37d6759f62f67e06

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /img/popup-close.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Sat, 23 Jul 2022 11:54:56 GMT
accept-ranges: bytes
content-length: 104891
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1337 x 1399, 8-bit colormap, non-interlaced\012- data
Size:   104891
Md5:    da1cd633e7ac40969776fa16a39a98fd
Sha1:   167686bd4aa462a6fcd82dd61836490a200ac9e6
Sha256: 3d47e0611ec385f6e7edf773b744f5607ee3ab72770f988a8561dd115a034da9

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /img/rewards/2.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:17:24 GMT
accept-ranges: bytes
content-length: 165380
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   165380
Md5:    e32514bffc462482dcee8826e7b94c3f
Sha1:   b9f2911aea233120e42988e32bc25a2b0eaab9ec
Sha256: 2943452ca0f14c4b04f8d1f24b3ddf18fec06dd06a5b2e42e4f5ae5971315493

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m416glaciermytichshopfree.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:04:07 GMT
expires: Tue, 03 Oct 2023 20:04:07 GMT
cache-control: public, max-age=31536000
age: 2093
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Size:   13196
Md5:    5b9fce771bd530ab9767e2b5aebd28c1
Sha1:   28ee5935b59df8b2d6876707e1f0f0e6768d2d31
Sha256: a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "ADEEC34E395CEC5FC80C3D19CA95F6A63B81CD46E215F67F9AE1C5505E4A5A31"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1668
Expires: Mon, 03 Oct 2022 21:06:48 GMT
Date: Mon, 03 Oct 2022 20:39:00 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "ADEEC34E395CEC5FC80C3D19CA95F6A63B81CD46E215F67F9AE1C5505E4A5A31"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1668
Expires: Mon, 03 Oct 2022 21:06:48 GMT
Date: Mon, 03 Oct 2022 20:39:00 GMT
Connection: keep-alive

                                        
GET /img/background.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 238662
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Size:   238662
Md5:    e1f466aa8e4dcfabfaeec23258c41658
Sha1:   7ceaf3d9cb331ec98390fc145ff0f9e1c56ee4f0
Sha256: 4f868cc18586357a4938a6f03b76a42498d8f82d5b3abf2b453cdca3ba98f001

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 20:39:00 GMT
date: Mon, 03 Oct 2022 20:39:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15552
Md5:    51256ef9df5fb123caf8397b26327132
Sha1:   0a6a0fa146234a4acf1b968515a0bd896b4dcfc3
Sha256: e5f7b5122605f6967ff600d9ff30dea1f8aa225d97f0eeb55681da5ccfe66861
                                        
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 526
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size:   526
Md5:    ad0548f5478991acc360e6464247e82a
Sha1:   40e3e327eebfc39a8e45b1aa46b725d65390cdcc
Sha256: 6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
                                        
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
65.21.235.194
HTTP/2 206 Partial Content
content-type: audio/mpeg
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 04 Oct 2022 20:15:40 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Mon, 03 Oct 2022 22:39:00 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size:   19781
Md5:    ee5b5d12064ae26f839b882edb33da62
Sha1:   6fa93ef00f294eec4ef05276e81813db1e95e346
Sha256: 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
51.159.64.45
HTTP/2 206 Partial Content
content-type: audio/mpeg
server: nginx
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 04 Oct 2022 20:15:40 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Mon, 03 Oct 2022 22:39:00 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size:   17691
Md5:    70ded6b0b406f9710307bc35e221629f
Sha1:   7034ec2ff72c936255b04c0890ce8976599380cc
Sha256: 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /img/event-title.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Sat, 23 Jul 2022 11:54:56 GMT
accept-ranges: bytes
content-length: 97126
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 344, 8-bit colormap, non-interlaced\012- data
Size:   97126
Md5:    5bd709ec44a16e5040680aa76bbece75
Sha1:   16a9241507973d3007ad77bf2efde6231a61913f
Sha256: 0f95608e1b0ed86f9d523fe5c32ab9753284454ae2ecb7ce3abab3a94765403f

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /img/btn-off.png HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/png
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 31532
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 600 x 206, 8-bit colormap, non-interlaced\012- data
Size:   31532
Md5:    ccac79dd7533964f17a5c1d1d4c88310
Sha1:   da58aef94f1c411c1a0d943b27758c9091d93ff4
Sha256: 4a00e23657866c817babc9fd36de33254da130237e2dc1605a74549652dc46ad

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
GET /img/header.jpg HTTP/1.1
Host: m416glaciermytichshopfree.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
92.87.6.119
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Sat, 23 Jul 2022 11:54:56 GMT
accept-ranges: bytes
content-length: 100799
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 570 x 178, 8-bit colormap, non-interlaced\012- data
Size:   30824
Md5:    17f78aba52b0d84a9dc6d3880a351192
Sha1:   7ca235b0632fe7b0d1ef1e246bbc979432f93a38
Sha256: 29cbc32a32d0eeaa035c7b90395aa62508bf0c844459a261b47537faa8c99de5

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/btn-on.png HTTP/1.1 
Host: m416glaciermytichshopfree.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.87.6.119
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 20:39:00 GMT
last-modified: Thu, 23 Jun 2022 09:00:22 GMT
accept-ranges: bytes
content-length: 30806
date: Mon, 03 Oct 2022 20:39:00 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 600 x 206, 8-bit colormap, non-interlaced\012- data
Size:   30806
Md5:    ed12a7e8b0bc909db4d02c33417d0e23
Sha1:   e0398501cce7dc5bf1c066f86efd4717325f4659
Sha256: 36e4cc0e83f5775013fc1f090a44812eda853eb07bae52efcc84c8e898325e25

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /en/images/nav_download.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 485
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size:   485
Md5:    105955f14143a23be57cadef8e91950e
Sha1:   98cc1e76113b4b2a2a77805bb1f1d6b364344d88
Sha256: b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
                                        
                                            GET /en/images/nav_menu.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 426
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size:   426
Md5:    76f5753e4fe160785df31ef342ada1c1
Sha1:   a78cc3e318b79b7fe5e7eb8df11683706b518e8f
Sha256: 52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
                                        
                                            GET /en/images/nav_language.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 03 Oct 2022 20:39:00 GMT
content-length: 675
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size:   675
Md5:    77e7b8dcd13159c59219706782b1a897
Sha1:   a3c73409a8e9841a00b771d96ce6cb0ce76d222e
Sha256: 4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 21:03:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DY2h0xkbhh_nVAz2Gn27JXZzquigawVVFUnvo40YN3K3SoLP1OH0Sg==
Age: 567


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 586
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 20:39:00 GMT
Last-Modified: Mon, 03 Oct 2022 20:29:15 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N/uGQ3h2nQiwrN/inkSq1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.237.51.86
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ilRyUVrMXyups4nSjrBh0g/elps=

                                        
                                            GET /common/img/favicon.ico HTTP/1.1 
Host: www.battlegroundsmobileindia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.77.19
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
content-length: 1436
last-modified: Fri, 14 May 2021 10:49:26 GMT
etag: "59c-5c247ff585980"
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:39:01 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size:   1436
Md5:    80856a1f0c07b83a6b67d557d0aca397
Sha1:   031cab2f407c8059dcfab8599f8bba9486512f21
Sha256: 5609e69ac9fb00efc23806475c7a228fcb5a87dc7e4380673a44e018af7a8060
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:39:02 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 20:14:12 GMT
age: 1490
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 57371
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:57:37 GMT
age: 81685
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8279
Md5:    bfb6fbd0b91416a5a7cc7f7d0fcbf27c
Sha1:   ced4806b7cc4d08e2c3f1c5e591184f462e86ec2
Sha256: 9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 82415
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 82415
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 82459
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 03 Oct 2022 20:39:00 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 10276294
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75487c117a420b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m416glaciermytichshopfree.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 14:39:25 GMT
expires: Fri, 29 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 367175
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---