r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13435
Expires: Tue, 22 Nov 2022 22:04:25 GMT
Date: Tue, 22 Nov 2022 18:20:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13237
Expires: Tue, 22 Nov 2022 22:01:07 GMT
Date: Tue, 22 Nov 2022 18:20:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4599
Cache-Control: max-age=149244
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:30 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:47:54 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5O0a0z/oZ1T5x5qh2iiWmfOgWHl6RotOf7kQ+kcua3xBbCxDB+hQDKgL2IeLBvOV3yxZYAfiWLI=
x-amz-request-id: Z7SA0CK9780X25GV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 17:42:39 GMT
age: 2271
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 18:09:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 671
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:20:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aman.spiderxzone.com/css-zone/animate.css
172.67.162.83 200 OK 4.7 kB URL HTTP/1.1 aman.spiderxzone.com/css-zone/animate.css
IP 172.67.162.83:0
Hash 0ddbd5b846bb5859630d16b3bc990ede
4cf068cfd4e70a216df3af2c8320a07ae9d642b5
9d3bd3d01b937e6bd482f1de2a9978f14fa132cf6d36784cc81f83d446ede16d
Analyzer Verdict Alert openphish Tencent
GET /css-zone/animate.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:35:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 667
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcRRRPbWLpBRuwkyArHaFPQuAS9Du%2BDA1svOl4nUf6NwxAjnuUHi5aklQKbceAnbGWUWgtweud%2F6pwbV3EwEX6KprnBve9a3o5BOboSUPaB%2BZkXbc%2F3jjVk4yypSB1gumsPzdYp8iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf2c8e1b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/
172.67.162.83 200 OK 7.4 kB IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 845336bba18126e4461cf15bd736dac6
e728a09134f5defe661b7dab499b75b9dd50b62e
a0bd16f532e944f5346444d8ac9756699da50490142c2ad24a8fa240c0d83fb7
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TKOP827eVg9%2B0qPnPuiqV0U%2BYYtWplICrA42tT5Tu8OSjyz7i216UsaQiJuHOYiasbGgzROssgC36kMDF6OVCYYS5wZn5NvfvF094WksI3%2FJoL9P8YXGFGlBlKVkvnWTwoeqbjuMg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3adef1b41b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:20:30 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 518682
expires: Sun, 12 Nov 2023 18:20:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBOP535Wo391kRWfCbkJ40qvVU0v7LzaqmMbghXbrREyLz8WTQ050iRk3f5cW8e66M3Bit6VL4q3J9nXyD5OkN5u18%2BqcxWMkQamX7lhcPzvXHgIt5zyOrQhRtbPPMCc8bVIx54y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e3adf30abeb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 42fedb1a86b94c6b3b99fa650fd664e4
d1b2afb56e53a525a0eaeb99aea6338df256db49
1b5d3eb1928da6304b8a8ee0084390c521ad5c35521054c3961dbe316b914aa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4267
Cache-Control: max-age=136326
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:30 GMT
Etag: "637c73ca-116"
Expires: Thu, 24 Nov 2022 08:12:36 GMT
Last-Modified: Tue, 22 Nov 2022 07:01:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 42fedb1a86b94c6b3b99fa650fd664e4
d1b2afb56e53a525a0eaeb99aea6338df256db49
1b5d3eb1928da6304b8a8ee0084390c521ad5c35521054c3961dbe316b914aa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4267
Cache-Control: max-age=136326
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:30 GMT
Etag: "637c73ca-116"
Expires: Thu, 24 Nov 2022 08:12:36 GMT
Last-Modified: Tue, 22 Nov 2022 07:01:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2159
Cache-Control: max-age=141744
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:30 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 09:42:54 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/V9rgBqw/twitter-text.png
51.210.32.106 200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 51.210.32.106:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:20:30 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 18:08:53 GMT
cache-control: public,max-age=3600
age: 697
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
i.ibb.co/Wg8qQxh/facebook-text.png
51.210.32.106 200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 51.210.32.106:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:20:30 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
aman.spiderxzone.com/css-zone/facebook.css
172.67.162.83 200 OK 848 B URL HTTP/1.1 aman.spiderxzone.com/css-zone/facebook.css
IP 172.67.162.83:0
Hash 6ccffc97f012d894133f797feced6435
b9ed09fb87d34d862c99b945207681d26eaee6e3
194e8028d5c92ec122b0ab14a9412f8afad57a2552dfef0f4f374359ee684421
Analyzer Verdict Alert openphish Tencent
GET /css-zone/facebook.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:35:00 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlLLh4cxy5ljrvCut34JWR%2BvCqRKbvS1KC18BuFJdkslZMolkPl63haT%2FdGcS%2BVbOc18mVKvRHb9tchup0w4BibatFUEJR7DqHJsNXqv0JhOBgNTj7Sgu7iNLHH6%2BRFK5vpfkBK7ig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf2cba4b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.162.83 200 OK 655 B URL HTTP/1.1 aman.spiderxzone.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.162.83:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 12:02:18 GMT
ETag: W/"637b68ca-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBAx%2BR7KBToE2IJtNnEBstUX%2Fp0IcjniYjelBebRs8%2Fec0G%2Fv8jjcP1dbVItoiZ8Y4fNv0gSUW9c%2BBO%2FfxNEhun0Q97p2zNoi164T%2BogZ3bAPqx%2Fn7m%2F2gKN2o67vBzzc%2Fc55TxkDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf568e9b506-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 24 Nov 2022 18:20:30 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
aman.spiderxzone.com/js-zone/main-zone.js
172.67.162.83 200 OK 345 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/main-zone.js
IP 172.67.162.83:0
File type ASCII text, with very long lines (316)
Hash bbae78527e745cb146a632161f3012f4
c882ece393db1074d14ce6f7a31bbd1a75b063f2
c14640cd35d53dc1c450da2a35643dbcaf9877fc7818bc796580801c80c64922
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/main-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhqAk6psdekxb7g7p3pDdoDsPe5t8nuwA51CxGDRyUmVNmXaAm9WLRYyDG%2BKX0h2ZWI1kn6VKy0f0Vc4%2FewH3aZIeB1dnQe43JlguYJ9r5LtBbVuYx9%2FwQRoDoAITc5yKnMeCDFVeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf2e910b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/twitter.css
172.67.162.83 200 OK 718 B URL HTTP/1.1 aman.spiderxzone.com/css-zone/twitter.css
IP 172.67.162.83:0
Hash 2b641970dfedd25194e6e446c8f547ad
4ce3e69ef29814b3fe95969ea0095f38b18f9bee
18acde641f47d752f4090309ba6c33c35d9153de9668c0655c3f5dd69ad31756
Analyzer Verdict Alert openphish Tencent
GET /css-zone/twitter.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:35:06 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa5Dudg3DN7RgSUAm2CEfERe8kh1limHVYsM5A%2Fk269AbfiXzi8X8cJ9YellJUoPfVUWpEl86xU9pXvj2QZTzEJKYbdcN3VSqAnXi3WLtYgJM8xVaYjiQttk5YibarEAV17XVTEEJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf2b8891c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/myScript.js
172.67.162.83 200 OK 914 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/myScript.js
IP 172.67.162.83:0
File type ASCII text, with CRLF line terminators
Hash c048ffd6a1dd7017cb953dc191cca55c
537e5f100fa288111c4665e8c1e940a34db3edd9
a47d502804db4e687aaeff43f262fb5c56804079cf62937bd8c2599087bdfaca
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/myScript.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 20:22:34 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjThtnvFMWwfwMph2FeDBTxwCBev77CQEZb5I8Fr2xiWl7W%2FJvwmJHidSG%2FkBP9bfopC7Cqqzugks%2B07N2IulcdYyl3Gu86cwOWh2C2aedUUUoEhs8S65ioWm7kUjsAY6YXlKwwKrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf30be7b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/jquery.js
172.67.162.83 200 OK 451 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/jquery.js
IP 172.67.162.83:0
File type exported SGML document, ASCII text, with very long lines (1757)
Hash 1abe5c025a16893ec52beb616bed7b16
9d69e05eeeecfb6f358bfa69e460168a7617f585
1dfae3417846d2cfbd7957679b81e8021a51949912e10b3101c71ca2f9d5dcb3
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/jquery.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FErvpDbCYtis1YZUbZkJxbFtPhi2xwCA5EoIsdAEi4zC1VHvuuH1nwLdU20TtOOj4d3lmOJjQY1iWG9qcIvaZtMiyfZU5AO4O7Vn2OLXzYuenw49AJJ9LXmOkhEPIrN8%2FBEHeR538A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf2e9040b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.214.64.191 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OyTXJI5diXTyw1/ByBKqDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7qB7XvZvSMe8jf6aCxbovK+3uyk=
aman.spiderxzone.com/index_files/css
172.67.162.83 200 OK 62 kB URL HTTP/1.1 aman.spiderxzone.com/index_files/css
IP 172.67.162.83:0
File type ASCII text, with very long lines (1116)
Hash 755df17a408beddb747e36f27ae4dedc
53daa61ef477c0badec68fa8942cb5ffce0c38b0
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:30 GMT
Content-Length: 62268
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nq1u%2B7bBrhfFYIA8rI9AO7ySpAQMVaTc3flfY4%2F2GO6kpHLdZRzCcwitUb3ru9sMe8uo91Ax8lqJ%2FDBR7KdL0SnedxlgZRnIaT%2Fsg5y1GLylXtlQLQw4UnbNpyX6N8tdTR9wesw5A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3adf2bbe9b50b-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/index_files/gift-zone.js
172.67.162.83 200 OK 633 B URL HTTP/1.1 aman.spiderxzone.com/index_files/gift-zone.js
IP 172.67.162.83:0
Hash 36c66a5858739e6e4292644a69881502
c88534cd8a09aab21ef15eaee7ca3726584b0eb3
585e9d93d2a5e5eb3c781272abe9f16ded59439a48b5860ec4a321c991ac48d1
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/gift-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R92theEav6fupxc1Bh4F%2BkY%2FHPGD0aWmzX5LSvz3Rpc%2BdUbaz7lA5weFtYGXqeRLjX559xkqkHhAMITMGWu3bTopNRYtgkTNLhtxhMrvp%2F67fTF%2FKEKsofep4zwhD5gOgrLDw2CsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf59ee1b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/slider.js
172.67.162.83 404 Not Found 238 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/slider.js
IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/slider.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 404 Not Found
Date: Tue, 22 Nov 2022 18:20:31 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kET%2BEjyl9kH6OMEt%2FGyU0J3Z5vV6WIaNq31%2Fv9HZ4%2F9OKrcDR%2Fowt7jiDLQ4kbr0KFry3zl1i7BfsOguIw3IuWhmP1JHuBd01JRo5z%2BYqC3sSFECRxuSlWOhT4zbMBuDCd4KvQQ3Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf5b8c7b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/showHide.js
172.67.162.83 200 OK 271 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/showHide.js
IP 172.67.162.83:0
File type ASCII text, with CRLF line terminators
Hash c1e6c83f41b89d5d1ca66813689c3789
cbd43e7839e1f890a36a44f8285908474d005592
d103f1797e8caa2616a4e722460c879a8722de36b8490989088c0326850ed044
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/showHide.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 20:55:18 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgFp9WtexgvjPLImaEUFQea2%2BAKeOdp11DSdcTSudR%2B0TbCln7VyhShZfE52rKjtxCGktuNdMlFQSp4191NvsbkeUp%2FSaUlzhyzJffQ1yPgUtn5ajN%2F9YtAazHv4AdlDYYpRmM35XA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf5ad8b1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/script.js
172.67.162.83 404 Not Found 238 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/script.js
IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/script.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 404 Not Found
Date: Tue, 22 Nov 2022 18:20:31 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo1grdVzrmvy3r1RvWZfl27v%2BMRcnUki1Szl%2B47dEQR9RscX1R50wKx%2BNLHBU%2FzRHUf36aRCe20sin3oRRchgx%2B9ydu0Tuwe%2B3HWObg4SuYsD%2B1fUOPS9sAAmszjf7tDwposJGN6Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf5bd590b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 338b8e43c99cd8fc1e5e8da66b11e409
5ce0d90836c8beb0f043392483e204628fb7630e
41119b5d80dda4124aa8ec218359fbe99e5ded314f4f3385ce811e8692d70296
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41119B5D80DDA4124AA8EC218359FBE99E5DED314F4F3385CE811E8692D70296"
Last-Modified: Mon, 21 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=514
Expires: Tue, 22 Nov 2022 18:29:05 GMT
Date: Tue, 22 Nov 2022 18:20:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97e6fe59873179c3661a942d7c702ba6
ff5f7eae72b367e81314d15e86d6cd40f5c1a22e
cb4c824114873bb4887c24c466804a43a1d35e10840c512dda30697b1299f729
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB4C824114873BB4887C24C466804A43A1D35E10840C512DDA30697B1299F729"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Tue, 22 Nov 2022 20:28:03 GMT
Date: Tue, 22 Nov 2022 18:20:31 GMT
Connection: keep-alive
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 22 Nov 2022 18:20:31 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 23 Nov 2022 17:57:11 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 22 Nov 2022 20:20:31 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 22 Nov 2022 18:20:31 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 23 Nov 2022 17:57:11 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 22 Nov 2022 20:20:31 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.250 200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 22 Nov 2022 18:20:31 GMT
content-length: 675
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.250 200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 22 Nov 2022 18:20:31 GMT
content-length: 526
X-Firefox-Spdy: h2
aman.spiderxzone.com/index_files/jquery.min.js.download
172.67.162.83 200 OK 30 kB URL HTTP/1.1 aman.spiderxzone.com/index_files/jquery.min.js.download
IP 172.67.162.83:0
File type ASCII text, with very long lines (65451)
Hash 92beedbec2a351e5d00fd319209c3568
1a057104dd7acf2e147bae08d26af8f9f3588aae
2c07b10a6e4041180bf9f5cacd4ca76419224d733408cd17437692fae1aa921c
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/jquery.min.js.download HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uljB6ZTwkswB%2B2K2%2FZh03QXV6frbEcVxDSoDzHfaG1uqTxehCAz8MlkQYaxZihlKi%2BBghchCddtWKYdL3vjYzBZWWFORLfwUSUwoLOjs%2FdeyTPcUi4RL6FE1eaeo4DIJuWTjTQgJcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3adf56901b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/navbar-logo.jpg
172.67.162.83 200 OK 54 kB URL HTTP/1.1 aman.spiderxzone.com/img/navbar-logo.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 4511c6cadf17a4d5a00887af7ec3f804
094331f330f8f361d7caef2363f02516c7e3fd0e
e18e70580a9943863f8a143e4d1eea7fa213ed4e82a735b70540390d4fa8202f
Analyzer Verdict Alert openphish Tencent
GET /img/navbar-logo.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: image/jpeg
Content-Length: 53812
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:42:44 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzr6p0YWvT1w5w2HkcX8lfCTajfxriyrhsINwSxb7OjkltrN6WNiqkpc2Oqidg%2FA79ra4vbVajgeLWmvqsVMAeIYSTUUgXr7rNBuzFwAYlr8CW5fSTjtcIe5ks4jqTE8Q2AdTAAeuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf7cecfb50b-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow1.jpg
172.67.162.83 200 OK 127 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow1.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 127 kB (126828 bytes)
Hash 877994d0e0684610b95e2a7ebdb287c5
dd177b71a2bfe4816a11fd4a1049eb0fae265327
1c5ac72d6405c436ccce5c2475bb552bfa453cc8c43b65798309567b164a964f
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow1.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:31 GMT
Content-Type: image/jpeg
Content-Length: 126828
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:04 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQtZLsexx4QS6699PCf3%2BNaUxYlqF1BzbB2VAOnvLkOf4QttUaPlDA4Ha5xwgr3m1zllHPELxbJL%2FXJT2IAKdc9rNZTFe85zLputVzG3pqJ04hIZsOUQXDb515T1YaxvBcQoRmMeCg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf82c0bb4f7-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow3.jpg
172.67.162.83 200 OK 89 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow3.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash d63282859041ae505812a3c4d1cb2b61
052a671b7c74b531fd6adfbe7c3c533d7f62d262
b729b39e16835ee80d5c5434e51e8395deba552f4a1d0270cd34cc8619f84ed1
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow3.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: image/jpeg
Content-Length: 89117
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:12 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4cD6lBmul8I27cUgEhm%2F1owJBFaEHZMYI3Eiai95uiD63b7H%2BUHuJmPmrWLdBF5vZoNpR5meB9wp%2FT93gCz85mSRXxJ6Qrgki4UM2r14TGDfd9x16XTapRvCHHxb%2BI0UDqmvsQZ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf839eb1c06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow2.jpg
172.67.162.83 200 OK 136 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow2.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 136 kB (135949 bytes)
Hash 9ca747ee4f0c5e833aa37488043b3984
c7be6939a60572d600112c333da532377a271fde
01337835dae793c7e862e41e6dca79b61df20018f699aa7bc05c6d7624a00fc9
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow2.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: image/jpeg
Content-Length: 135949
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3meky5COrkhp8f%2FSbcJIa8qyO0i8sq%2FeSaHhA4mJgaQPDKE2legrOqN1EWrrEF4c6nmZINQgLKltAEmxdSolosbtXnC4wf9QNljsoe5NOR%2BTCMh1hky0L75pPeqyAe0nJbe76Ee6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf83f70b4fa-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/header/selow4.jpg
172.67.162.83 200 OK 124 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow4.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 124 kB (123831 bytes)
Hash 8517db42ba1d14fb2d3acd371917b9af
7a60887f435c625ef8e6b24e6c7e9a57172e9398
8f2f26a3f13dc141412527941fcfa218ea8cfbb391a56bc6eadff3d2fb5f8f4f
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow4.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: image/jpeg
Content-Length: 123831
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcydCcojLBKv1mNpZuLHLufYY6PHTOn%2FqqJ85oKqHerKEP0zP9fHIVrTLH%2Byql85sd5dn97fBnfSf7yWilgb5nFIzsj8MsHUZHMHfU3RgZO%2BM4JF6bUnFqnYYn1FKuOinYnRbDI%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adf849180b3d-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/zero-zone.js
172.67.162.83 200 OK 360 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/zero-zone.js
IP 172.67.162.83:0
File type exported SGML document, ASCII text, with very long lines (612)
Hash f5f344af95f2ea78322ba0231c998ad2
2cba1787df5a060739fc914ce979b71ec649b038
b3c218d6b3ec189d95b6b97ec73d66f4665101a0cad0709753df919c520ba205
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/zero-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz4LAZq9ujukxb4UcirL%2BkJlKZ9h0TWloKxfn4QeLZDjaxwJl9oQXLMmPCdZ5FO%2Fwx8t3nhMwKswln6hRCoSjSnVgoYXJ%2Br%2B9o8fUa8lkxzXYX%2F%2FPPDzssV1N5iZG1m6Ph5VOKR9Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adfd099ab50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250 200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=300
expires: Tue, 22 Nov 2022 18:25:32 GMT
date: Tue, 22 Nov 2022 18:20:32 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.250 200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 22 Nov 2022 18:20:32 GMT
content-length: 485
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12419
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:20:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12419
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:20:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12419
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:20:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12419
Expires: Tue, 22 Nov 2022 21:47:31 GMT
Date: Tue, 22 Nov 2022 18:20:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: StZ9dxgY8W0WwUUqsxyeISFnbm_WGGcm_AMuo9dzfhF9Yp7wM0TMMg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 08:17:57 GMT
age: 36155
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eHLf2DFK-3yN5dEG22XItPxRzmODRdThIYJI2oZqDJpgTGQGSQnGzQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:46:07 GMT
age: 74065
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z_LKFsiB_s81UenxBOVg9_qX_7vBHUZix7XF8YguDCytRn5opLkLRA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:10 GMT
age: 73162
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
age: 73066
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 472ceca597feefba355fbd65998977b7
f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a
e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QB2RJo7NR7FMDRC7fC9eLMW99KR7andopIeu4qi0yp_tihE0vtpkXw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:41:51 GMT
age: 52721
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/rewards/6.png
172.67.162.83 200 OK 32 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/6.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash c50b328e96b8c6046e1ddef43eed8dfa
0ceb516def198e3d017353276cde67428b66c537
636bd3eddf7c2f8c9b91fbb837ff0fb06e132fdcc038aa0acb4ff6807d3139e7
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/6.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: image/png
Content-Length: 32021
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 18:06:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jVDxuG3FJ5H2VNFb3uwB2l%2Bysqb4G5Gk%2Fa2MD7%2FVjf4xeBnkVdwIjXEtQrLNYgORTPrpCg6PKE5zsYijtYqhYDpABi6WgSh%2Fxjo%2FsgQ6cNZDQrYn72mwIQ%2F1g3kmD7S81JjR4RVmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adff9ecbb50b-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/alert-zone.js
172.67.162.83 200 OK 17 kB URL HTTP/1.1 aman.spiderxzone.com/js-zone/alert-zone.js
IP 172.67.162.83:0
File type ASCII text, with very long lines (64301)
Hash e8b74c6795976bb00b39192913be9a32
dda8e1b9a91bfe6ddca677812c4968291e28786a
00da874465ecd5632f1b7461cf7f65f9aa53bce8408b23775d70f08d6a963322
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/alert-zone.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sf2dGU0qt65R8oQZrRT6AyX%2FKZDPm2pGr7fHLTkDzBC2L8iEeBDgCRF2dO2s%2FtKhhSIz65jeqry%2FGWTmZrKf30Uf4uPYW1F2P93ob%2FQXK1MxyLwn%2BJl0TXFKQaxQELwM%2BPNpvXNiPg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adfbcd89b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:26:05 GMT
age: 71668
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/rewards/4.png
172.67.162.83 200 OK 38 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/4.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 84ba0d22e66006a69af8121b7ea26759
9c2da0735583d2dd238e713c3cca76ff1260730f
63b6a402554eb2ce8f9e9197b9a69f77649ef9c5a47bb0ce1fca9a4028279ece
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/4.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 38328
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 18:06:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BNmqAvBs7hNgiXpvZZBqBzm9KxHi4uwR9F2vLBx7qgI5RmOvs%2F2ofcd1an52KUBx7PnWoiz6IqMGbbpGJ3Ue6EQz%2FVKERV0D2uTCILdlR6a9eD%2B6sXIhafbPcW7055odkgKwb%2Fttg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adff9e291c06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/7.png
172.67.162.83 200 OK 59 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/7.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash b1315bc4b7de34baf74ceb6d0f3d6c8a
793a676a1db56cebff755c7aa84faf6aa4e36feb
55f74171abd5756fca9fc223a42296f23b769843f7c73a56f1382df5f91c02a5
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/7.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 59005
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 18:06:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvAzPnqvVrK3S24BxggJha2DzKuiw66HgrVuhV1Y4ce%2BQMlIOQvSiiFJu%2FvpF4qpm5t7t5ypoy2uiXzSK77U9%2BircZSA52Ql7SZu1B%2BiNNpAgwZKFvo9NqJg7U9Z6x7A%2BrW24NWJGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adff9dbeb4fa-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/3.png
172.67.162.83 200 OK 65 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/3.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 00e6ccc0d669cf2f2afee9269ba9f143
5db515dd4ae9de0fc50a0fe99401555030884a2a
e1810d6a3b92339792f025ae3ccabf3ebc24ad3d4d3457f0c27114810a3145d7
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/3.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 65013
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 02:07:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfnQwtn09aYloEzfKFDixoLD7Qr9EK9%2BTVbf0lrcqHJREf3XbsuqvnDw45tJ5PYUkVVfL1rYDl%2FSE7z5zgF61TL2AYCKUu3qnqNjQqFtxVlVUEBqiZJ2PXpS0S9mQd276O5m%2FvKrpw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adff9ae5b4f7-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/5.png
172.67.162.83 200 OK 70 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/5.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 840202786fb8cf8798954fe12984ebc5
9e17b584527d834cc9f7102d0ee937ff20638ea7
99121c3df4ee30cf2c7e47a1df3899a9cc2daef72a03a0e2ec5dc2d6a9bc788c
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/5.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 69915
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 02:07:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRXSu61v5aC09GdwlCnkf6rYs%2BLTp%2BTDyMZjhh4eU5lREP7BtmZagPJTbCfNA43IHmm8HlWxpgY7nBlwn61piDP%2Br%2FqRnkz%2BD4w2cJKq6TxRV3MT%2F5AA7bmnSRWTVn2phtMngb%2FVWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3adff9c1c0b3d-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/batas.png
172.67.162.83 200 OK 6.6 kB URL HTTP/1.1 aman.spiderxzone.com/img/batas.png
IP 172.67.162.83:0
File type PNG image data, 1053 x 101, 8-bit colormap, non-interlaced\012- data
Hash 54ef8b386795dece8f3e858711963cdf
3aac834009cd9cd34c0d3e2f099636d1b112e61f
ee74e42dd569302edec83c4353f03e0bf4f4710337047549587dc4c339c4fbc0
Analyzer Verdict Alert openphish Tencent
GET /img/batas.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 6562
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PDMMf6W5xMTT554V3iuggOD%2FGoyyfz5ae1JwB8hHvEROD6aWMCTh1cTKsILvdjIhi%2BpcPrMjWhSsMdGwyzkWomYdb0ReFJJp07f89r6iHzcj1e2M1xq0ap7kCoySPVYr4aRIHL74w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae02db82b506-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/footer.png
172.67.162.83 200 OK 23 kB URL HTTP/1.1 aman.spiderxzone.com/img/footer.png
IP 172.67.162.83:0
File type PNG image data, 1280 x 189, 8-bit colormap, non-interlaced\012- data
Hash c6b56cf1fbbb63620e8558afde759e96
4d50888d8a17c2dcdbd05e6068ca4b4b587c7f29
34f7601064bb7cc3cce9ba942dd92d7f53889c703daea37bf34e1e71a1de03f8
Analyzer Verdict Alert openphish Tencent
GET /img/footer.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 22718
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCFpQ%2B8llYL%2FuMUqYwsnHtq40w%2BTU%2FNr7OsAajJdFtNDRzii1Dil2B%2BtsVlGgjGjfLGk55SRYdjN4nKGYFW1XU94BaDmXxYTQ%2BnE9kPv8oxWpEBkUOW1XqtxAt%2FbcwpiCq7I8v%2FMUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae02dddcb50b-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/8.png
172.67.162.83 200 OK 36 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/8.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash dd5611edc6debdacd380595340d31745
04707834a1bd8b5676dc9e12a1191f41ae8f9a5c
8c11105da7ea664230b646b836bea924fcbd2ea77e1bbb0aabef3f83208ad55c
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/8.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:33 GMT
Content-Type: image/png
Content-Length: 36234
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 18:06:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHZQ3Qnx3spqIhEkpoXRhlzQ5mPGhKWM1yyT6zr2S%2Fr0RK%2BEyubfRzmgL4lUTgIVuh3rkfsSUT6fjNFTzqAlpYvrAAlCdY3pkvVyilWP9Z2ZAug3Y%2B4RAoeCJ9GmREXQ6jol%2Bt6Emg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae036d6d1c06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/style-zone.css
172.67.162.83 200 OK 5.0 kB URL HTTP/1.1 aman.spiderxzone.com/css-zone/style-zone.css
IP 172.67.162.83:0
File type ASCII text, with very long lines (411), with CRLF line terminators
Hash cddce1692c9467ef86e2da7b9223cc4b
e67a0102d172959ca97cd8761e565df60e58a01c
79eb4caacc1bcbbb5ffef3b9eb61f5c616cfab31f9bd5fc67269182377c45c7e
Analyzer Verdict Alert openphish Tencent
GET /css-zone/style-zone.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 20:56:38 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJZz526dIOcFsaMHsG0u2QwEyx9GAAz08%2B94rL9TtfDIBHQ8NwjEtP1%2BmoFwDTN1AwvCTPXP%2FTrzdnpeQsu67QJ1OxI4824ufnErUAL4LqyMClwBDI%2FFe4wNM7p1EsnMHxJfn8hV4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae049f3eb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/css-zone/zero-zone.css
172.67.162.83 200 OK 986 B URL HTTP/1.1 aman.spiderxzone.com/css-zone/zero-zone.css
IP 172.67.162.83:0
File type ASCII text, with CRLF line terminators
Hash 16bcdfa8808c51e9911df399900121d2
677e950e66aa8626bf96c823227a6c8b9afb8a63
2f093d5ee4ad270b7d703366075ff2cf681b19969778be05e141f4b79907ca0f
Analyzer Verdict Alert openphish Tencent
GET /css-zone/zero-zone.css HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 20:19:52 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1JsS%2BiQWg3xvMBvscuQvNUIqzBs3OUIPUoQR0IsD90YY4F%2F63ekCEakibdIqrII8eVFJTid25ZEJuxJqylbNjo2%2F11US3mhU2y8HlZRfdoRfuTUvndEu7pES0FseqlvFqhuQFHuNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae04ad4eb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.10.207 200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://aman.spiderxzone.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:20:34 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b54e3a81a05502edeb1d19dcb84fb99c
cdn-cache: HIT
cf-cache-status: HIT
age: 47828
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e3ae0c0fd8b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://aman.spiderxzone.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:50:24 GMT
expires: Thu, 16 Nov 2023 21:50:24 GMT
cache-control: public, max-age=31536000
age: 505810
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:20:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aman.spiderxzone.com/img/header/selow5.jpg
172.67.162.83 200 OK 85 kB URL HTTP/1.1 aman.spiderxzone.com/img/header/selow5.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 64cb4ad2ef4177c17f4107dc40153b9a
064408d6ba6c58b196cfe38d5176ef2650828e97
9adf0d4afb097f242155bb25bf0312796fb090930933811607fb8317eb552df5
Analyzer Verdict Alert openphish Tencent
GET /img/header/selow5.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: image/jpeg
Content-Length: 85221
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:43:20 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPEiEYkgHbiDrAwLrnGKXEXRRiAeqRLhusuCc2qxT8VRgHYW6WsuxDcC%2Bi50qio1etnOY1Tx8bl6lpYFb10ALvpFgYTUM7b%2FvtaMdrU7u%2FRrK%2FgI0ASsAgliJGKfbE3JJqKUJqJipQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae0aff551c06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/slider.js
172.67.162.83 404 Not Found 238 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/slider.js
IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/slider.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 404 Not Found
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE9zaVNShubFXBxAMNYAJelJGIG%2B3zxx%2FiFEVCVuL%2FuZE5Rc4xD65QFp6jv1gKtoOWBHyItWJKpn6A85EA9iO6j%2BiFKSoXnbk8CmEHObBNqYB5L%2Fvb%2FyNJ2b%2F8oyjOrFh%2B84VFPOrw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae1009301c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/bg.png
172.67.162.83 200 OK 13 kB URL HTTP/1.1 aman.spiderxzone.com/img/bg.png
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 805x1280, components 3\012- data
Hash be9fd39d71175e313b08cb027b0819bd
8f86d450d9c83db3f74f819aecdeed4277e9cf6e
d54bfc59ee12f6f83159b3293d9f294a3e5a63e09ab4271554aaf5ba81298f55
Analyzer Verdict Alert openphish Tencent
GET /img/bg.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/css-zone/style-zone.css
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: image/png
Content-Length: 12884
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:39:46 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCodQPzl1mvm%2BDkgmKRDtbbsjWalKcUs8D4rWapZ6rX5vjZJUgu9mseCmrHk1d60n2%2FJfu9kUlEIoz0iwNqtA90F4Z8xCgbNDzs4MH2QaitGy3ZOzZK2zCQuJTxqHQHzAXndgae0hg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae0b9e49b4fa-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/2.png
172.67.162.83 200 OK 110 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/2.png
IP 172.67.162.83:0
File type PNG image data, 600 x 600, 8-bit/color RGB, non-interlaced\012- data
Size 110 kB (110283 bytes)
Hash fc6e6ec06fb06a618e32e51417ca4d35
458dff8a8a63c1e1969f5e4e400a53128eb0e5f0
4298ea09700ee2e78b5a6e7d2a360594ec73dc40741c1eac050f2f940b4b6f0d
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/2.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: image/png
Content-Length: 110283
Connection: keep-alive
Last-Modified: Sat, 09 Apr 2022 01:43:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNTMKKy7rLiWiWufXTGhcVo7AdLeLy7aIm7Qs3B54nKVc2xW%2B70C7HWoQxwL%2FHpWYdRYwCohLeqOgrxbgUIeqAMCRj%2BtuEG3wUwY9itmxdZGQJUqHioXpI%2BlpaYaPKuLDpoB86AFgg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae0afe85b50b-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/fonts/selow.woff2
172.67.162.83 200 OK 22 kB URL HTTP/1.1 aman.spiderxzone.com/fonts/selow.woff2
IP 172.67.162.83:0
File type Web Open Font Format (Version 2), TrueType, length 22220, version 1.0\012- data
Hash 345579e8566a3dd6dc9feb5362fbe7e1
df075dd0c26e72fd7df19948f07904c1eaa72ded
1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /fonts/selow.woff2 HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: font/woff2
Content-Length: 22220
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:45:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgFW93hXzqUWWNepNm0yV6%2Fo%2B6w1IaYfXSbAvUwyK3l%2FcyKVnXie6YuB3b7CB7GuBb8mvXXD%2B%2F5S1XjHlYH232vM2xCYejimOU4EMHW7F27idJZ8eKu6XO9SwwqGQQ6BD%2BGl1Qv2tg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae1019501c06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/selow.jpg
172.67.162.83 200 OK 49 kB URL HTTP/1.1 aman.spiderxzone.com/img/selow.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x386, components 3\012- data
Hash 629463fa5382a9c117d3eb59f0d3c3d2
f6afaa590eeded8b30e06cbcdb1d548bb368cf3f
5e264720e7dbbc0e58bd86a2ea91e8da3fa979183dd5fad1cb47d2133ddc19cf
Analyzer Verdict Alert openphish Tencent
GET /img/selow.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: image/jpeg
Content-Length: 48566
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:42:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFwbX2TBjl71bOeRZhgUM7xuCwsYs5r6jOTWXMfYD%2FZN1azpaNWVFdQFBDyPxMgLgJN9aMtOoN9UcrM%2FDiyQaBe8oudZ%2F9AAq2Gix9EaTCL%2FNZXMfb7q%2B%2BBZTPxjJV%2FD5jwFBapVxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae0b8bd7b506-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/container.jpg
172.67.162.83 200 OK 170 kB URL HTTP/1.1 aman.spiderxzone.com/img/container.jpg
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1496, components 3\012- data
Size 170 kB (169559 bytes)
Hash 7517fd35c7a881fafaa73dec51a99685
0a47f4beda292278ead0efeff34da297dedb52f3
6acc9309d234b25eeaab4cb8e88d23088698a8d36fa58202789e984234ed5a8d
Analyzer Verdict Alert openphish Tencent
GET /img/container.jpg HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/css-zone/style-zone.css
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:35 GMT
Content-Type: image/jpeg
Content-Length: 169559
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:39:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncILv9RR0vGZOowVmV%2BNlvX4Nbli2DB69xFCq6XxjNjGiSYsRo0hiqY8Wld%2BnaMypfCHgzoGz56bhEPLfRu1Y9%2BSzhmtj7dS%2BTuZwsioTL6EI7%2BShzX0uHdxpgESlx1IkcAXkQFjMw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae0b5b1fb4f7-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/rewards/1.png
172.67.162.83 200 OK 396 kB URL HTTP/1.1 aman.spiderxzone.com/img/rewards/1.png
IP 172.67.162.83:0
File type PNG image data, 800 x 800, 8-bit/color RGB, non-interlaced\012- data
Size 396 kB (396543 bytes)
Hash 343f473ccf6004dd11e6bcb0477fc596
8cf7cae89e82e0dc6b3900fe1ff6563e49d4b05e
5a39b4ad1913d394ecd017b6976690bf3fe86715753dd892d08216b57bd90432
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/1.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:34 GMT
Content-Type: image/png
Content-Length: 396543
Connection: keep-alive
Last-Modified: Sat, 06 Aug 2022 20:03:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHf2ReRbnl%2B8SP5VEcPQEm0K3D29scFiBEnDp7KrW6SXTsw42NRUn8EVysI74CwUwoiZN9OVDuhdov2yi7TQOmPFs63MN1tuIMY%2Fn6eiu9bFaFWzCKQ%2BlU9fp%2Fq%2B%2B56P%2BGNKFGi1Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae0afeb30b3d-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/js-zone/script.js
172.67.162.83 404 Not Found 238 B URL HTTP/1.1 aman.spiderxzone.com/js-zone/script.js
IP 172.67.162.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/script.js HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 404 Not Found
Date: Tue, 22 Nov 2022 18:20:36 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGrzI0tMhlAQ7mOnhGLpH0xiJn1MYUc8CQmxLprYRinhoEQCU1UOPmPQhWFK0nlYQRzC8OZ7D4Da%2FKwRZzFzAbPsj7IQ5uhoY3R1HqEp3t2Fv3jvZZFf1o27pEtLFPIbEvQvlpBBag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae19cb69b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/bg-det.png
172.67.162.83 200 OK 2.1 kB URL HTTP/1.1 aman.spiderxzone.com/img/bg-det.png
IP 172.67.162.83:0
File type PNG image data, 480 x 76, 8-bit colormap, non-interlaced\012- data
Hash 0e9a4fd0efb7b72c1c512ea7f343e0a1
0ce7e490cd726e11ec891905b5a6acacf5be2119
1a7b248a69e3ad9dce220979cbe1ec4d5a97a1deacd4d71a188db1dd0eca90ff
Analyzer Verdict Alert openphish Tencent
GET /img/bg-det.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:36 GMT
Content-Type: image/png
Content-Length: 2082
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:48:10 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2MbmsbwT8QoCddb6GKJmlEWQUVojYTdAqoMCF5wM7RIkdVhY4iRQlKh2Yab5OyEZoFJygFGsksRFNjQ%2Bm1VVntY0yC7Xsozo6395FMWT04%2FPQMAO3%2F4Lx1x3LFe5fRenm2Qmf3iDg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae19c9e9b506-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/alerts.png
172.67.162.83 200 OK 17 kB URL HTTP/1.1 aman.spiderxzone.com/img/alerts.png
IP 172.67.162.83:0
File type PNG image data, 480 x 103, 8-bit colormap, non-interlaced\012- data
Hash 0bd1484d59e51865670cdf761a36df85
b1705c48b19e4d132a92a46a4e897338c36ce135
eb3dafc4d24a106d27c22489b483af93908114dbc4a8e0e27302adc8d2cb5fba
Analyzer Verdict Alert openphish Tencent
GET /img/alerts.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:37 GMT
Content-Type: image/png
Content-Length: 17160
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:46:34 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tN%2BWHRx0gqR1dnkaexRyZqw4qxjPFX20JpqYRiofB1%2FN9%2Bs2MuMMOYZuRZtUjyNaI216WfD9hoz7D1AbBWxdAXUHozSKLczlGXwHj%2BpKXb609mUXCKLsCJPUQlxCFRwFaTSWDsCJiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae19ce3cb50b-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/se3lowcolok.png
172.67.162.83 200 OK 18 kB URL HTTP/1.1 aman.spiderxzone.com/img/se3lowcolok.png
IP 172.67.162.83:0
File type PNG image data, 480 x 150, 8-bit colormap, non-interlaced\012- data
Hash 01f3fab005a89aeb477b463d2da6eb12
fa343e0be37e977e566cb3df54cab025cce1013e
714c538d7eca20ec4bb71456efcaa62b4e738da4a141ba90ef35717085a6be4a
Analyzer Verdict Alert openphish Tencent
GET /img/se3lowcolok.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:37 GMT
Content-Type: image/png
Content-Length: 18103
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:41:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9bTcaBxDexf1I21d9WJmnYG6rF1RnEVG4Emlx1KuXqWZ0j4pCtybc3bcViAErJaPBS%2Bk3%2FtnYxBlJGcFh6FpkEM4yCZG%2BTWDw5Uk2%2B938wVhe%2BO%2FsDHL5o2illzqrV2xFFHMGIsrw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae19cfe8b4f7-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/img/selowbro.png
172.67.162.83 200 OK 40 kB URL HTTP/1.1 aman.spiderxzone.com/img/selowbro.png
IP 172.67.162.83:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x346, components 3\012- data
Hash 7ff41be72c5f5aba38b567b66f3e1a5b
dbe85c6c87a9b80588dd7cfca5d4a16b1a38c1f8
8646abbfdab6206acef83f578d9408ca574736e1d33fdfe449b781ddf015d57b
Analyzer Verdict Alert openphish Tencent
GET /img/selowbro.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:37 GMT
Content-Type: image/png
Content-Length: 40442
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:48:04 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AozAJot0YoXG0XpXGGDshBPTrD4kiPLPLhCz5eoDZr1qF91nn1UBfTKNoitzJjVaDi5H2lYHbeTvhLYv8A5k2GLPLbO2FbtuxoDEmhhVy32HPGfKYmek7odSfg0MBlyI9PUCJUVqFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae19c99e1c06-OSL
alt-svc: h2=":443"; ma=60
aman.spiderxzone.com/media/spin.mp3
172.67.162.83 206 Partial Content 133 kB URL HTTP/1.1 aman.spiderxzone.com/media/spin.mp3
IP 172.67.162.83:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size 133 kB (132739 bytes)
Hash 5e6ad4032df296732508803deb114b90
99d585eab4db1d9d5555b5ea4aae2542c5c635e5
9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /media/spin.mp3 HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 206 Partial Content
Date: Tue, 22 Nov 2022 18:20:37 GMT
Content-Type: audio/mpeg
Content-Length: 132739
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 02:07:42 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Content-Range: bytes 0-132738/132739
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BFLLCGBUg17YmBhGVcZ3%2Bd%2F2kCdjdVhG2V2bnJnNJGXh69yyGuQ%2Fyfuu5yORBtRAv4JSeJO%2BgE1b7gB92%2BFHmua0nyuw8iBkRSiTXOK2nUEWEEhV8Km%2FScTG2xaOd%2BgZdAZ8w%2B%2FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e3ae1aacf5b4fa-OSL
alt-svc: h2=":443"; ma=60
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=119
expires: Tue, 22 Nov 2022 18:22:36 GMT
date: Tue, 22 Nov 2022 18:20:37 GMT
X-Firefox-Spdy: h2
aman.spiderxzone.com/img/se3low-login.png
172.67.162.83 200 OK 349 kB URL HTTP/1.1 aman.spiderxzone.com/img/se3low-login.png
IP 172.67.162.83:0
File type PNG image data, 1679 x 917, 8-bit colormap, non-interlaced\012- data
Size 349 kB (349278 bytes)
Hash 949602b2db369f62d3d83215eea3b65a
c68f8c05a96bf5b04e7873595a0c910808594fed
0e3da482a685e14badc7a21867b3468d6090035099d43090ec6e12a82456c714
Analyzer Verdict Alert openphish Tencent
GET /img/se3low-login.png HTTP/1.1
Host: aman.spiderxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 18:20:37 GMT
Content-Type: image/png
Content-Length: 349278
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 17:40:56 GMT
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUSpm2DvUO5H44WM8bMAkV2NIXD6h2orPm%2F0SMR0TAh%2Ft47%2BTYIwg2MN56M0pgBhc7hGsfCsiBFLPzBvzjlmJmoOzFlsVUuScV0jXoN3KLxphE%2FRCXdI7sZ3fc2TYrYeYnebOqTZFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3ae19cf8b0b3d-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: j7GPHu9Gq8cF2_j3-uXucAzJPSBWsFelX1EWZa_2sEW-Vo7b4WlaFg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:55:58 GMT
age: 73481
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aman.spiderxzone.com
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:20:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 076ca476f432859e337278e8ca93a377
cdn-cache: HIT
cf-cache-status: HIT
age: 47834
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e3adf37ba6b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.10:0
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 18:20:30 GMT
date: Tue, 22 Nov 2022 18:20:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aman.spiderxzone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 18:20:30 GMT
date: Tue, 22 Nov 2022 18:20:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
download.microsoft.com/download/b/3/7/b375974d-d9a8-454e-b929-4ed9b8020121/6001.18000.080118-1840_x86fre_wave1_ServicePackInstaller-FRMCSP1_CD1.iso
23.38.202.23 200 OK 0 B URL HTTP/1.1 download.microsoft.com/download/b/3/7/b375974d-d9a8-454e-b929-4ed9b8020121/6001.18000.080118-1840_x86fre_wave1_ServicePackInstaller-FRMCSP1_CD1.iso
IP 23.38.202.23:0
GET /download/b/3/7/b375974d-d9a8-454e-b929-4ed9b8020121/6001.18000.080118-1840_x86fre_wave1_ServicePackInstaller-FRMCSP1_CD1.iso HTTP/1.1
Host: download.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: MC1=GUID=c9b37f725aa54aca920642aafbd273a6&HASH=c9b3&LV=202205&V=4&LU=1652916118807; display-culture=en-US; MUID=5cc6c626cac748aeaf2c0657a97a57b2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-content-md5: zONlmEyHVOI0o4AQw2BY6w==
Last-Modified: Tue, 16 Oct 2018 09:33:35 GMT
ETag: "0x8D6334A720A57A1"
Content-Length: 570796032
Date: Tue, 22 Nov 2022 18:20:31 GMT
Connection: keep-alive