| firefox.settings.services.mozilla.com/v1/ | 143.204.55.27 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash804f8bbb7f556d51a5f52d5ebd5b6eef 922cd7e06df278615a04abb81d811d14596c8180 ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 07:52:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5VtTkIIaxAvuI9Zm3SmdgP0Gh1t-nItS3-wXrLTHGXNVW5yr8NUKyg==
Age: 1465
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha26d0784548ecab22f417f3d689daf23 8893b79366bbadeb5c8d587b8f023e310694df1c 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7801
Expires: Thu, 22 Sep 2022 10:27:10 GMT
Date: Thu, 22 Sep 2022 08:17:09 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YpRIG6tBPuEjN0F2gUNtLskdzknSA-Af7KMjdK3YwbmZrC69IA0wdw==
age: 13315
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 08:17:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| new-pubg-tournament-pro.duckdns.org/ | 20.5.64.12 | 200 OK | 9.0 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/ IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Hash49293b1f6429986a8dfda20575f63b46 bb6973702fa6b0d32e07e9d51a2c736dc9f39b49 2b203fcb8afda11173d64ec36ed42da972c7637d18034c0e95bcdf186171eb33
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | | fortinet | Phishing | |
GET / HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:09 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| code.jquery.com/jquery-1.10.2.min.js | 69.16.175.42 | 200 OK | 33 kB |
URL HTTP/1.1code.jquery.com/jquery-1.10.2.min.js IP69.16.175.42:0
File typeASCII text, with very long lines (32072) Hash68cc08e82915da8b82fc6be74ab86365 4089530b0c00f6cbd1452d7f873be85454196fd1 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:09 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32788
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-16bb3"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1663834629.dop208.sk1.t,1663834629.cds243.sk1.c
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashde424c85b225196c5a35219b9e3ebd8e 85607bc7f8cd550eceab6a6c236b403ca91662f5 29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1554
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:09 GMT
Last-Modified: Thu, 22 Sep 2022 07:51:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css | 104.17.25.14 | 200 OK | 6.3 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css IP104.17.25.14:0
Hash99918fca57628309f8f9d98576272cec ab194d60583b16df155932a9f2d638298b356ed2 5d70e984ef355ffb6e1a01510a79aad3f24536bb3809498b815ea834701b473e
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 08:17:09 GMT
content-type: text/css; charset=utf-8
content-length: 6252
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-14d38"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1176240
expires: Tue, 12 Sep 2023 08:17:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnO7jEdP%2FTeNWSXct744BcVinpvEoCHZEGV57WgQlyXHS14DxccCBgRCMo4%2By6R4mDSPA%2BLZxlWMp8PcUFht7BnrxF1HWLM1svcsLWtveqIbYutGKhqc5t%2BqpVeUKL8JKj7kEt2w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e99a44c8f0b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc8ac2005f83e8a3a9da1a9837b6c2ff3 7c05f49683e49232c1e11b91253e684d2f96ab83 b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc8ac2005f83e8a3a9da1a9837b6c2ff3 7c05f49683e49232c1e11b91253e684d2f96ab83 b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc8ac2005f83e8a3a9da1a9837b6c2ff3 7c05f49683e49232c1e11b91253e684d2f96ab83 b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashde424c85b225196c5a35219b9e3ebd8e 85607bc7f8cd550eceab6a6c236b403ca91662f5 29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1554
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:09 GMT
Last-Modified: Thu, 22 Sep 2022 07:51:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP142.250.74.106:0
File typeASCII text, with very long lines (32061) Hashb90b3d2618cce9d766152cd3092b5c27 496339457cd00caab8118e2e1f30ea18dc05b9f4 b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 09:02:32 GMT
expires: Fri, 15 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 602077
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP142.250.74.106:0
File typeASCII text, with very long lines (32180) Hashf16500423cc2867eff8b773df637c48f 1cd32d75b59a89c3a70274e383151a61ce0594f4 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 14:39:25 GMT
expires: Fri, 15 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 581864
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap | 216.58.211.10 | 200 OK | 1.0 kB |
URL HTTP/2fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap IP216.58.211.10:0
Hash0e50a431aa6107df76e37029e5fcb6f2 fc2f5ea6700d312660fe5d03d62edc7359fb3cf8 cef09d2028b107bfb527b83afaf0834cef888f4efb7039ad523edb5cafe823e9
GET /css2?family=Roboto+Condensed&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 08:17:09 GMT
date: Thu, 22 Sep 2022 08:17:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc8ac2005f83e8a3a9da1a9837b6c2ff3 7c05f49683e49232c1e11b91253e684d2f96ab83 b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.27 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 08:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 08:05:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GmC0e78c_c5hWlkdI1xmZ8Rl3qVuv-EQZVFVK171z_MHJ1WBzal0yw==
Age: 828
|
|
| new-pubg-tournament-pro.duckdns.org/css/twitter.css | 20.5.64.12 | 200 OK | 1.8 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/css/twitter.css IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash1156f34a3a464b3e4bf8c723fea57a65 dea488bdf766d877ce34dabec8ce45f38433467d 096419a5c82a883441ece55e606bf1f9c4c8c7d8679549d70610a46691cd1cb9
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /css/twitter.css HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:09 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 1835
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| new-pubg-tournament-pro.duckdns.org/css/facebook.css | 20.5.64.12 | 200 OK | 3.1 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/css/facebook.css IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash7963984a8f422cb6cdabcb6597f3f252 8932b3a35c501044ccf88aab675703b972868182 a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /css/facebook.css HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:09 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 3136
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| new-pubg-tournament-pro.duckdns.org/css/style.css | 20.5.64.12 | 200 OK | 4.2 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/css/style.css IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeASCII text, with CRLF line terminators Hashd0e62779e0aef168b6110ba5cf8f74d0 cac5f3ce6bf009be65b790e633960715dbca3315 db92b120255461f254281e328849412a8e18b9c4892276d4a272e80345cdcce5
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /css/style.css HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:09 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 4168
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashff6d50919e56aed75c47feb45ee2f2ec 98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5746
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:10 GMT
Last-Modified: Thu, 22 Sep 2022 06:41:24 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
|
| new-pubg-tournament-pro.duckdns.org/js/popup.js | 20.5.64.12 | 200 OK | 496 B |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/js/popup.js IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeASCII text, with CRLF line terminators Hash3721ad55a6ff921e7a02517c5e7848dd f7549490bd1bee82a024ae607d5abb0b647f9fec 2a76d43b0748ccba65ed3b8980967f3f30f94ee6a27a2e6857c9ad165eed9bca
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | | fortinet | Phishing | |
GET /js/popup.js HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:10 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 496
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 7.0 kB |
URL HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.11.207:0
File typeASCII text, with very long lines (30837) Hash7703aa0e0fbc590eb852d837a024d54b df2ebf32216fa91d5055803b60e90618be9499e5 8af8bc3ecb14814ee0160adb3560780961fd0f9e41d0d65378eb50d24059d7df
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 08:17:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c0e15957304970eb89af04c9c379f8c6
cdn-cache: HIT
cf-cache-status: HIT
age: 50863
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e99a451a351c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6369
Expires: Thu, 22 Sep 2022 10:03:20 GMT
Date: Thu, 22 Sep 2022 08:17:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6369
Expires: Thu, 22 Sep 2022 10:03:20 GMT
Date: Thu, 22 Sep 2022 08:17:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6369
Expires: Thu, 22 Sep 2022 10:03:20 GMT
Date: Thu, 22 Sep 2022 08:17:11 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashaf5773255351157d72c28a670a355c60 c803e5866edbe6c9baec14e93677f610bdf09bff 3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 38582
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash91c56f0b9810bfdd84e10a626b89e389 15d83e44d568938b6c9c87201e898cedb3edec0a 942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 38582
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4d98acc059a69d51165fb5e0c7430ea3 09bd3300d710c3212483159f8398b84cde09da26 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gZ8I075ljJuPvMcsyyRU3m09P9z7mL3WNBiex99pwXtoWDzt_jWP0A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:25:13 GMT
age: 35518
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash298be26294efc965abc5707a84df8a0a 5ee6c32afd92810ae61a791c059928e33148bb0c d9b5fe88c8e03f6a6a64e360015080bca00f7fb147515a137447832bacc2e6e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11645
x-amzn-requestid: 0ae5c056-6d78-4c37-8e18-b9abfe1e1f47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34FKIIAMF6Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-59fbd91527ea400d333ddc41;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q7rg9YqHScSwWXfS96bSI5Mb0mSYQ-jbShb7wddPcG51nhn0_8DIJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 15:21:32 GMT
age: 60939
etag: "5ee6c32afd92810ae61a791c059928e33148bb0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash888247c1153f8770b880395734749107 7c27c02029eb49e726a076679be2c793da696e45 515852e0d38cdaf86bce45fa5e0df453d08ca36cf6ecfa0c4b868c2143afe333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 83c28267-4d10-476d-8b11-08b48b046985
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG6CGtroAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab840-1167c5285b6837d311bfe2a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xo0ilY8z0C3rDISFOM5EixEK7HAelSut4hgNNwGYAVQIfPP8C6pUCg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 04:10:05 GMT
age: 14826
etag: "7c27c02029eb49e726a076679be2c793da696e45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9becda6e892a190dbbc63216ae697506 ba3369e1827d8f01ca10acb8648195847dd02ffd d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 37725
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf2384a87f0a565c63926ae86137b081a 955cebe887c6155eadf92a66a960d2595736db31 4165740ae13c7f35084f04d7b88161fb9444aabe8cd63c584809d4e13c916bd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:12 GMT
Server: ECS (amb/6B84)
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf2384a87f0a565c63926ae86137b081a 955cebe887c6155eadf92a66a960d2595736db31 4165740ae13c7f35084f04d7b88161fb9444aabe8cd63c584809d4e13c916bd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:12 GMT
Server: ECS (amb/6BBE)
Content-Length: 471
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/main.js | 113.164.15.82 | 200 OK | 328 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/main.js IP113.164.15.82:0
File typeUnicode text, UTF-8 text, with very long lines (35795) Size328 kB (328449 bytes) Hashcde9018151590a466f186634777a17e8 cce7ca6b0b8b0b7abad693a64f23b8184a2b05ec 498f589cd376a4801a684b81f38229386b8b2f849ab48ee6f644cc19513eacfd
GET /products/pubgm/skin-2020/dist/main/main.js HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:10 GMT
Content-Type: application/x-javascript
Content-Length: 328449
Connection: keep-alive
Last-Modified: Thu, 04 Jun 2020 07:38:55 GMT
ETag: "5ed8a50f-50301"
Expires: Tue, 21 Mar 2023 08:15:20 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/main.css | 113.164.15.82 | 200 OK | 835 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/main.css IP113.164.15.82:0
File typeASCII text, with very long lines (65411) Size835 kB (835049 bytes) Hashd100f85cb486fe28a915d9bf10e39070 057c20c59edab893ee8ccd1850a159a0aebd0afb f9e873ed49fe5fafdd56758d55af1a1ab8321c44e5e2f50f17a981af4af45e2a
GET /products/pubgm/skin-2020/dist/main/main.css HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:10 GMT
Content-Type: text/css
Content-Length: 835049
Connection: keep-alive
Last-Modified: Thu, 04 Jun 2020 10:59:52 GMT
ETag: "5ed8d428-cbde9"
Expires: Tue, 21 Mar 2023 08:15:16 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5149084af9bb01e5471e0be93a009ab0 1aaae44973461346130015cba0c36e9d1b5b77f2 db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5149084af9bb01e5471e0be93a009ab0 1aaae44973461346130015cba0c36e9d1b5b77f2 db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data Hashd7b0b953a50fddaa88089b5b787cf719 2f85bc568b27659a3d6452f58f9fd7678450326d e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:17:40 GMT
expires: Wed, 20 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 122374
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5149084af9bb01e5471e0be93a009ab0 1aaae44973461346130015cba0c36e9d1b5b77f2 db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data Hash3d7f7413fca69bff4d231ebdc50aaab0 cb18e7943b6a8a0e3672d7242197c19a226b92e8 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:04:44 GMT
expires: Sat, 16 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 490350
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data Hash595fe3fc0b85f3cc9ef5aed2d519abc5 96e76de44987e9dec2f97f1e5eb7a18c738daf5d 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:59:06 GMT
expires: Wed, 20 Sep 2023 22:59:06 GMT
cache-control: public, max-age=31536000
age: 119888
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5149084af9bb01e5471e0be93a009ab0 1aaae44973461346130015cba0c36e9d1b5b77f2 db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| new-pubg-tournament-pro.duckdns.org/img/login/twitter_text.png | 20.5.64.12 | 200 OK | 4.3 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/login/twitter_text.png IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data Hashfef946b8bba756359e2a1e87ccd915ea acc364946077b0e32b2343474ce4066ad3ee524c 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /img/login/twitter_text.png HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 4298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| new-pubg-tournament-pro.duckdns.org/img/login/twitter_icon.png | 20.5.64.12 | 200 OK | 8.9 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/login/twitter_icon.png IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data Hash4607476796cc93ca75cfeccf2661fd1a 632414eb759476693c20599e8b4f0851d8a54251 fb71fa5156501b3ca8ff3c88e4501917c651ac60eaaf58c22c2bed6e933d82c5
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /img/login/twitter_icon.png HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 8862
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg | 23.36.76.250 | 200 OK | 75 kB |
URL HTTP/2www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg IP23.36.76.250:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data Hash92c19dc5bd77186e5bb8ed35ce668979 646bf70d1c669c7d7388f95a0a33755e4721289c 0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=275
expires: Thu, 22 Sep 2022 08:21:49 GMT
date: Thu, 22 Sep 2022 08:17:14 GMT
X-Firefox-Spdy: h2
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/images/icons/Logo-mb-game.png | 113.164.15.82 | 200 OK | 1.2 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/images/icons/Logo-mb-game.png IP113.164.15.82:0
File typePNG image data, 46 x 35, 8-bit colormap, non-interlaced\012- data Hashaa360933ad6c431bf8be7852e6ed700c 082804878018b08b5d00ef59cfa8ac6a19863656 0f8a4bbb3fb310a4941582a4fb2dda936058389500b1ecee69459e2477b968c3
GET /products/pubgm/skin-2020/dist/main/images/icons/Logo-mb-game.png HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:12 GMT
Content-Type: image/png
Content-Length: 1216
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 11:15:32 GMT
ETag: "5e43de54-4c0"
Expires: Tue, 21 Mar 2023 08:15:52 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes
|
|
| new-pubg-tournament-pro.duckdns.org/img/popup_bg.jpg | 20.5.64.12 | 200 OK | 5.6 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/popup_bg.jpg IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 870x540, components 3\012- data Hash51e68e30a95cfa80d2c0ba377da41a4b f4ad4f189529ce92fda45610d321dd1ac670e51f 7d64611020756b3f60adf20b347aa22956021a901ca1d7df47936c560189005d
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /img/popup_bg.jpg HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/css/style.css
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 5568
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/bg-nav.png | 113.164.15.82 | 200 OK | 3.5 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/bg-nav.png IP113.164.15.82:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x90, components 3\012- data Hash64f3bf6a8a290c8a0fb968e29ad6ab4f fd9d41347da9f1b2862a0bbec0f45e0ff686568c 81f8bb9a081a560ab65989a821591ecbfc47987203dce7a87cf3d4aab9908705
GET /products/pubgm/skin-2020/dist/main/images/bg/bg-nav.png HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:12 GMT
Content-Type: image/png
Content-Length: 3478
Connection: keep-alive
Last-Modified: Tue, 04 Feb 2020 09:19:21 GMT
ETag: "5e393719-d96"
Expires: Tue, 21 Mar 2023 08:17:13 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes
|
|
| new-pubg-tournament-pro.duckdns.org/img/login/facebook_text.png | 20.5.64.12 | 200 OK | 29 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/login/facebook_text.png IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /img/login/facebook_text.png HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 28789
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/images/_sprites-f1.png | 113.164.15.82 | 200 OK | 7.2 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/images/_sprites-f1.png IP113.164.15.82:0
File typePNG image data, 260 x 147, 8-bit colormap, non-interlaced\012- data Hash3574889df99f2d2feead3928f43c78c8 476f1deef6a08a3f828fcd0e9afba544a2a101c9 e3398f3317d88171f703ba78cb6164d009ea13bc0fd30f4739cc5ab8885725d2
GET /products/pubgm/skin-2020/dist/main/images/_sprites-f1.png HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:13 GMT
Content-Type: image/png
Content-Length: 7184
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 11:15:32 GMT
ETag: "5e43de54-1c10"
Expires: Tue, 21 Mar 2023 08:17:13 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/images/_sprites-nav.png | 113.164.15.82 | 200 OK | 9.7 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/images/_sprites-nav.png IP113.164.15.82:0
File typePNG image data, 389 x 180, 8-bit colormap, non-interlaced\012- data Hash8c44124105c6302835934f0bdad8cfa1 f1fb408bd148343bfc1b2e5f3790e7c579ae0e64 10aaa743106aab5b136c4e6291660dd25368a94ed25a9be4e95cfee8ea28ea3d
GET /products/pubgm/skin-2020/dist/main/images/_sprites-nav.png HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:13 GMT
Content-Type: image/png
Content-Length: 9731
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 11:15:32 GMT
ETag: "5e43de54-2603"
Expires: Tue, 21 Mar 2023 08:17:13 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes
|
|
| new-pubg-tournament-pro.duckdns.org/img/login/facebook_icon.png | 20.5.64.12 | 200 OK | 79 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/login/facebook_icon.png IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 1600 x 1600, 8-bit/color RGBA, non-interlaced\012- data Hash84669eb4301059aa602096c83a13e15f b8bdde81e76105c7fce0a4a95918074d869c3f75 4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /img/login/facebook_icon.png HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 79439
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/new.jpg | 113.164.15.82 | 200 OK | 21 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/new.jpg IP113.164.15.82:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x900, components 3\012- data Hashb75fe6d16d04560802164b810eccd4ba bb56cadb7e85dc087fb0605af809602b4b669f38 48893d0c088a960897bbc7edec95bd9975e19729c288ab667abee23d0a9af37a
GET /products/pubgm/skin-2020/dist/main/images/bg/new.jpg HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:13 GMT
Content-Type: image/jpeg
Content-Length: 20624
Connection: keep-alive
Last-Modified: Tue, 04 Feb 2020 09:19:21 GMT
ETag: "5e393719-5090"
Expires: Tue, 21 Mar 2023 08:17:14 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes
|
|
| img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/bg-bottom-banner-home.png | 113.164.15.82 | 200 OK | 3.5 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/bg-bottom-banner-home.png IP113.164.15.82:0
File typePNG image data, 1988 x 100, 8-bit colormap, non-interlaced\012- data Hashca63bcd9c7cab394e3d69580f7064f01 7d17fbaee1bf8d703339c5b8ac7f1f1841f65af3 169b6989c2800b5e81484935edf18b73e67f02adf21aec680832884bbce5d653
GET /products/pubgm/skin-2020/dist/main/images/bg/bg-bottom-banner-home.png HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:13 GMT
Content-Type: image/png
Content-Length: 3532
Connection: keep-alive
Last-Modified: Thu, 13 Feb 2020 05:02:49 GMT
ETag: "5e44d879-dcc"
Expires: Tue, 21 Mar 2023 08:17:14 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes
|
|
| new-pubg-tournament-pro.duckdns.org/img/c.jpg | 20.5.64.12 | 200 OK | 242 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/c.jpg IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x629, components 3\012- data Size242 kB (241801 bytes) Hashf2fc3361e56064cd136081d51a4fb2fa 2f260c93bb857acacad014a57553a834aff14f10 d03ebdd507a43610a36045079aa7929c3bb2c7628246a17db5902421fb41ed2e
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | |
GET /img/c.jpg HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 241801
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| new-pubg-tournament-pro.duckdns.org/img/a.jpeg | 20.5.64.12 | 200 OK | 633 kB |
URL HTTP/1.1new-pubg-tournament-pro.duckdns.org/img/a.jpeg IP20.5.64.12:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x719, components 3\012- data Size633 kB (633037 bytes) Hashe5ffb243ab05acce0d9afa2e77bc3af9 bcdc443fa26ff31957373c83ee7883eebac06859 ca84e2a7f35e8e01a487d22a9a367e26c8a3d90f9f5425f2ed7112786f872fb7
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | openphish | Tencent | | fortinet | Phishing | |
GET /img/a.jpeg HTTP/1.1
Host: new-pubg-tournament-pro.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 08:17:14 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 633037
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| img.zing.vn/products/pubgm/icon.ico | 113.164.15.82 | 200 OK | 4.3 kB |
URL HTTP/1.1img.zing.vn/products/pubgm/icon.ico IP113.164.15.82:0
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Hash4ce88b8dea1c75323eb527a29ca08a24 b95297c72dd4368534f8a75ee8933af3a633ad93 8fdf25dae27911773057ffdb2bd187a34d9242c548cbcd7b74d84dbf9c4c3dbe
GET /products/pubgm/icon.ico HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 08:17:14 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 14 Feb 2020 06:41:57 GMT
ETag: "5e464135-10be"
Expires: Tue, 21 Mar 2023 08:15:15 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes
|
|
| statuse.digitalcertvalidation.com/ | 93.184.220.29 | 200 OK | 471 B |
URL HTTP/1.1statuse.digitalcertvalidation.com/ IP93.184.220.29:0
Hash1ee9188f3a1e86af65404cf4f761bd3b 9e4c876d8c03231f0e5e7be6f8ad3fc4e46ecbb1 1ba1a7bc0e4d146ca15fd72354a9b48f51a88ba85ec300c0d0045fd8e89cb9cf
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2122
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 08:17:17 GMT
Last-Modified: Thu, 22 Sep 2022 07:41:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
|
|
| register-1255763977.file.myqcloud.com/pmco_registration/static/img/logos.8ae6d26.png | 211.152.148.87 | 200 OK | 162 kB |
URL HTTP/2register-1255763977.file.myqcloud.com/pmco_registration/static/img/logos.8ae6d26.png IP211.152.148.87:0
File typePNG image data, 5531 x 725, 8-bit/color RGBA, non-interlaced\012- data Size162 kB (161867 bytes) Hash8ae6d26ae5cc931639a0ae97a056f7b1 87ff613707de958c956993bbd8db8c097a4f5db7 848eef7662c04e524a2e6fe11f650320ba849a063e42275a5b3b850e086fcf42
GET /pmco_registration/static/img/logos.8ae6d26.png HTTP/1.1
Host: register-1255763977.file.myqcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 08:17:17 GMT
content-type: image/png
content-length: 161867
server: NWS_Oversea_AP
cache-control: max-age=600
expires: Thu, 22 Sep 2022 08:27:16 GMT
last-modified: Mon, 22 Jun 2020 07:39:44 GMT
x-nws-log-uuid: 226953e4-c60e-40bf-a74b-5e96217949ba
accept-ranges: bytes
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
|
|