firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 08:07:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M75OssS0Zdq-Q1U2Y6GPQX7r3wzjj4WU0z8bwPBDpzfnOmChmlp0Rw==
Age: 1398
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9001
Expires: Sun, 11 Sep 2022 11:00:47 GMT
Date: Sun, 11 Sep 2022 08:30:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aDfWFwrgUZwGJ8pXGNWMWKQwer96qwwlrwyEqzhHadw8uPc0V3OM9w==
age: 4415
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
freemlclicknews.line.pm/
20.189.78.99 200 OK 13 kB IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4737)
Hash e7c0117c472ad5ac7e09c61db9381f88
12c5e28892781ba11e8903786078b4de2dd515dd
8cd37599d7ed99ea783d7c06218ca6dcd31dd5740546f4f56d9faf6f0bd84699
Analyzer Verdict Alert
openphish Mobile Legends
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
content-length: 12700
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freemlclicknews.line.pm
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5040690
expires: Fri, 01 Sep 2023 08:30:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PssWtjvJjj%2BUkl02DqqvJZ8CWNQ87YGXz6RsP4kff2h4mx7lye3NxxswWXL4XfG9b%2BDFwvUyOIOwi%2FgbLtsPu6a%2B2vMDmQ83FTTKlaVQnjzGIFeh0ykKg4Xbfg%2Bl7SItFu5n0ygV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748f0b1a68c1b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.25.14 200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1517258
expires: Fri, 01 Sep 2023 08:30:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kMW0o3tnP5r030kHYV8UPVfvEK8XTjqEyiK0k08N7HI%2FCCM0iuNuy0g9fQwUpfnjXj0l0wdwSVX8O%2FvejcVXBsJQ%2B3OHcoKTjJznZs%2Fqrsrz2kkc4SEL5b3dEi5X2H0uaWojGEd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748f0b1a7f19b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
151.101.85.229 200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65326)
Hash 77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freemlclicknews.line.pm
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Sep 2022 08:30:47 GMT
age: 14950000
x-served-by: cache-fra19178-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 23906
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
151.101.85.229 200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 151629f36761d6fb6d0e0330239884a6
ebb9c30e5565793e2767735f0647bdf26fed4ab5
53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freemlclicknews.line.pm
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Sep 2022 08:30:47 GMT
age: 12546511
x-served-by: cache-fra19179-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 21785
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.5.1.slim.min.js
69.16.175.42 200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65245)
Hash 63f8c134408852106835db2f928cf0e0
7ca0035d2a05154f1f93e19793b2298973cc8733
2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freemlclicknews.line.pm
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 08:30:47 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662885047.dop229.sk1.t,1662885047.cds258.sk1.hn,1662885047.cds202.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 4cb569e6b8e2f50420828ebeb2d1062e
ef451935fcf4899baa1d0a4f1166dd5e5506dfb1
f4beacd040e2a66e1b3edea6165926ab0c8c8fc0c8e2065e67d54c352ddf017b
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 08:30:47 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2C453A821E923B1DBF959E2C3D166F0FCB24318E"
Expires: Sun, 11 Sep 2022 20:00:00 GMT
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 398
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748f0b1b3a7eb4fd-OSL
freemlclicknews.line.pm/static/css/imryu.css
20.189.78.99 200 OK 1.8 kB URL HTTP/1.1 freemlclicknews.line.pm/static/css/imryu.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text
Hash 1789f0e873cf2a569b82f50b194bea20
dd2189eb5a5c74de51dfd9e8f902582c99316652
c7e35a7d97f5498c920e38692b1871687f834c92be7b9ea9dd8b18d0eae70e18
Analyzer Verdict Alert
openphish Mobile Legends
quad9 Sinkholed
GET /static/css/imryu.css HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: text/css
last-modified: Mon, 29 Aug 2022 17:36:23 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1812
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.170 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 10:39:21 GMT
expires: Fri, 08 Sep 2023 10:39:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 251486
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ibb.co/K6gX71h/Capture.png
51.210.32.103 200 OK 121 kB URL HTTP/2 i.ibb.co/K6gX71h/Capture.png
IP 51.210.32.103:0
File type PNG image data, 158 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (120801 bytes)
Hash c6fc9af2ad6cde27f714a725fdd222c5
be01795da5190dd9d883505b8dda2450848f53ff
0a3c7d66a0b3d5e13aaaa02daf7dbe332670e6f047e132f27336f729fd752ac8
GET /K6gX71h/Capture.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/png
content-length: 120801
last-modified: Thu, 18 Mar 2021 18:21:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
141.94.130.128 200 OK 76 kB URL HTTP/2 i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
IP 141.94.130.128:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:44, GPS-Data, width=0], baseline, precision 8, 260x422, components 3\012- data
Hash 89e965277b68daee285511ff5bfa4f85
a6d8025e96056cfc40f00d5b34dfc1fb34b90512
3d48acf1c00e69c6ff84a2b69e43fb741f22c7cc573dea1a2b35800899ff9976
GET /PJxGBPQQ/IMG-20220524-181326.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 75839
last-modified: Tue, 24 May 2022 11:25:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
freemlclicknews.line.pm/static/css/facebook.css
20.189.78.99 200 OK 778 B URL HTTP/1.1 freemlclicknews.line.pm/static/css/facebook.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash ab68b7ca764234f4398489b6670ea487
71f30fa0f466e7ca512fd7a2146b78e12d256edc
e9da869edec18e6658b33048e319d727c192f2521fc30c3c2389218c0fa98f55
Analyzer Verdict Alert
openphish Mobile Legends
quad9 Sinkholed
GET /static/css/facebook.css HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: text/css
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 778
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/js/imryu.js
20.189.78.99 200 OK 432 B URL HTTP/1.1 freemlclicknews.line.pm/static/js/imryu.js
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 93f93b4507255b8b1050ef7cd6543f1b
780cc6da2534eac55d741c2f31663b803d66c51d
8811e7c9f4bdbe30985d988f2bfd4515bf0b55c518040d6ebb3d0c093cd6a9fa
Analyzer Verdict Alert
openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/js/imryu.js HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: application/javascript
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 432
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/css/animate.css
20.189.78.99 404 Not Found 1.2 kB URL HTTP/1.1 freemlclicknews.line.pm/static/css/animate.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert
openphish Mobile Legends
quad9 Sinkholed
GET /static/css/animate.css HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/css/twitter.css
20.189.78.99 200 OK 573 B URL HTTP/1.1 freemlclicknews.line.pm/static/css/twitter.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash ff4271ea9fe779c7401c5cbf7af369f3
6c309342a011016f270057e4fec99e6c6a9f01ce
98eb01e404331b6bd3967dd607fb812dc6efbdfc2e7cc423581f90cb017224db
Analyzer Verdict Alert
openphish Mobile Legends
quad9 Sinkholed
GET /static/css/twitter.css HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: text/css
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 573
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
141.94.130.128 200 OK 86 kB URL HTTP/2 i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
IP 141.94.130.128:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:51, GPS-Data, width=0], baseline, precision 8, 265x422, components 3\012- data
Hash a8fec8974135dfdfe138a98ed768dd6e
d33c83970e7d1925731fcc597038dc8da0875488
2c83907d79a687a1d8491370042cf5571834d4ce7f71430a2c79d2c889f0bc93
GET /0QVFd91M/IMG-20220524-181304.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 86172
last-modified: Tue, 24 May 2022 11:26:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
141.94.130.128 200 OK 76 kB URL HTTP/2 i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
IP 141.94.130.128:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:13 09:08:28, GPS-Data, width=0], baseline, precision 8, 254x416, components 3\012- data
Hash 64c708f0b35767924807decf78122ca3
efe909b3135ad2851b5d8cf43b36d268f387f15c
703d05bb4b445cc412aaa63247360c5f5be317c18ba61a2baaf940ece930e947
GET /W3vX7c5g/IMG-20220513-160904.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 75848
last-modified: Fri, 13 May 2022 12:23:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
141.94.130.128 200 OK 98 kB URL HTTP/2 i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Hash 51caaa55dd8525217118bead91291ff4
c95dde7b518e1f9037d8f39034dce2878d8c416d
af1fd5ff7bbb5b2c0de54966a5ab1363d3388769115967d04ca6de276a1b0ef4
GET /Z5BNzfCg/IMG-20220608-WA0006.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 97968
last-modified: Wed, 08 Jun 2022 06:20:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
141.94.130.128 200 OK 103 kB URL HTTP/2 i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 484x800, components 3\012- data
Size 103 kB (102924 bytes)
Hash f95fb8fbfbabaf772d003cce10c46190
dbb0a7e52d6f499ee371a0a30855f4db57476ab8
7aeb2dfb02d524ecf9f04330334322abd7c878a8dd24c305b91e04408a14f071
GET /G2M4RvBJ/Legend-Guin.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 102924
last-modified: Tue, 26 Apr 2022 05:28:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
141.94.130.128 200 OK 84 kB URL HTTP/2 i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
IP 141.94.130.128:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:37, GPS-Data, width=0], baseline, precision 8, 259x420, components 3\012- data
Hash 2c0b805aac8e851fa50c09d85b17b2e3
831f9ffecc963c91629ac2a9c9c2d693607b8575
981016fe4c87fadcc6272ff88a64ff983111930816aec5cb439f936c1d5287a8
GET /6Q28NpYw/IMG-20220524-181348.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 24 May 2022 11:24:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/x1P6XcsQ/Zilong.jpg
141.94.130.128 200 OK 112 kB URL HTTP/2 i.postimg.cc/x1P6XcsQ/Zilong.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 491x800, components 3\012- data
Size 112 kB (112475 bytes)
Hash bc54c820d676775bcd81234f7b751605
8d0ce0766608d6089244ebf577ae69246530a0ac
df66a08721326009f5f5be05e08d0056a38d128217ab1341ce33268451b3d1b5
GET /x1P6XcsQ/Zilong.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 112475
last-modified: Mon, 07 Feb 2022 22:49:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/fyJcLQjr/1650272368820.jpg
141.94.130.128 200 OK 105 kB URL HTTP/2 i.postimg.cc/fyJcLQjr/1650272368820.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 491x800, components 3\012- data
Size 105 kB (105367 bytes)
Hash 4eb38f8b33c43d8580fc5500ce375e2c
752c363b4545a9888f209f2b812121b5c7fd5117
66bbdb1800220ebc78c9276fde2679387be09a4931f327794269faf4324574f0
GET /fyJcLQjr/1650272368820.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 105367
last-modified: Mon, 18 Apr 2022 09:00:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6p5mKm7h/1655721923429.jpg
141.94.130.128 200 OK 127 kB URL HTTP/2 i.postimg.cc/6p5mKm7h/1655721923429.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 500x800, components 3\012- data
Size 127 kB (127065 bytes)
Hash 021b91e3be1eace2e2618433748bb88d
b8a1ace010d96c063148725ca2f849faa512a5f4
932a81f4a7e27849aa47403afdac2911b6446c102134150433933c970a6c9f51
GET /6p5mKm7h/1655721923429.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 127065
last-modified: Mon, 20 Jun 2022 10:50:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/C1BrTTZd/FanyFuni.jpg
141.94.130.128 200 OK 107 kB URL HTTP/2 i.postimg.cc/C1BrTTZd/FanyFuni.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 490x800, components 3\012- data
Size 107 kB (107076 bytes)
Hash 428b2e29a1396c1a68c3399d2c3b71fb
7e3b11b337d2e45c0595508991235e1e577b7712
8546bccaa45ec39e96d8f8e62a54cc6c3eccf179bb6cb14ec8a477632e87e460
GET /C1BrTTZd/FanyFuni.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 107076
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/MGr3FKph/Laylaaa.jpg
141.94.130.128 200 OK 110 kB URL HTTP/2 i.postimg.cc/MGr3FKph/Laylaaa.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 486x800, components 3\012- data
Size 110 kB (110326 bytes)
Hash ea49da8a836f0d2ebdc520a5d77efdab
785da2684ae1286b29f3ff0d8587b42df2bec61e
411aed626e1a9d80fa36efcd6c827e2730f29885407a04c5de6bc68b062713fd
GET /MGr3FKph/Laylaaa.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 110326
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d0ea6bf4cc7ee5b4483912776c47dacc
bd1333224cc1beead423969ce903b4a67c13bbf8
46521d14873cd9553052ab9bd601d74ca8278f44d97e3964ff7681b938d953eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
141.94.130.128 200 OK 108 kB URL HTTP/2 i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Size 108 kB (108322 bytes)
Hash 3751a713af077c0a193ff6b7be6eb98f
6a88f1015175420f4812bc5f7bf64124087615e2
e80b2171f65b2fe668af4196f0afe5df85f8043b04d100c7ca1fe612b1f20ec6
GET /bJ8Sbp3c/IMG-20220608-WA0005.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 108322
last-modified: Wed, 08 Jun 2022 06:20:45 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
51.210.32.103 200 OK 60 kB URL HTTP/2 i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
IP 51.210.32.103:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 01:22:38, width=0], baseline, precision 8, 338x600, components 3\012- data
Hash fb0ba7bf741eeab4579c36896e874ff5
9b42c554961b7fa611a261822b10cb85475b6e02
cbb055eb75ed51a2cd95e0647bab4d9e1bbdfad39ecce855465abef9a983d6f7
GET /w4bp4C1/IMG-20220830-012332.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 59475
last-modified: Mon, 29 Aug 2022 17:35:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
141.94.130.128 200 OK 138 kB URL HTTP/2 i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
IP 141.94.130.128:0
File type JPEG image data, progressive, precision 8, 505x800, components 3\012- data
Size 138 kB (138084 bytes)
Hash d16c03d4212819b428da0006364ab721
b5513f255eef1da0453048c2602084f08db3ad00
f7073e83bb987c11e76cd66dddd603baca400711405fc259241c46eb63e2421c
GET /cCNwZbMj/Hanabiclll.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 138084
last-modified: Thu, 06 Jan 2022 17:42:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 07:56:07 GMT
Expires: Sun, 11 Sep 2022 08:22:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iGmFueRV3245uWDfGxYlLY2RRGvZioPReEP0Z5Zr0_UqrZtERnYCEg==
Age: 2081
freemlclicknews.line.pm/jabes/3.jpg
20.189.78.99 200 OK 9.0 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/3.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x269, components 3\012- data
Hash 60d750b421b89aa2313d184fcf094b7d
eac5212fb8bf7b7bef1599a106b93b6b6c62e445
f5712248a6e5777a0cf3bf3c9c39cec914167ffd803d7c16ef2f0456415f7d9a
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/3.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:27:25 GMT
accept-ranges: bytes
content-length: 8971
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/jabes/4.jpg
20.189.78.99 200 OK 10 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/4.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 164x270, components 3\012- data
Hash 509b677d65fb7f1039c4df9f0b62f088
1db73c62f220cba650d5667abff5808f4247d115
034fb410f7fe0e639129377082faed19736d0197f21d7ef994827936af04f733
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/4.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:42:22 GMT
accept-ranges: bytes
content-length: 10361
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png
142.250.74.161 200 OK 27 kB URL HTTP/2 2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash bd173da7555853de60b762b4f5fb66f8
435d86ff96ad5b7296ee6f8e701f3b7045a9bf9b
1213cd035b4e5038179937439f0573d9b6c748bd0e14d71dd690b8ba6bd97ec3
GET /-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="moonton.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 27247
x-xss-protection: 0
date: Sun, 11 Sep 2022 08:30:48 GMT
expires: Mon, 12 Sep 2022 03:59:53 GMT
cache-control: public, max-age=86400, no-transform
etag: "v61f"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://freemlclicknews.line.pm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 20:23:38 GMT
expires: Thu, 07 Sep 2023 20:23:38 GMT
cache-control: public, max-age=31536000
age: 302830
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d0ea6bf4cc7ee5b4483912776c47dacc
bd1333224cc1beead423969ce903b4a67c13bbf8
46521d14873cd9553052ab9bd601d74ca8278f44d97e3964ff7681b938d953eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 71930
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5986
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Last-Modified: Sun, 11 Sep 2022 06:51:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
freemlclicknews.line.pm/static/img/kof/6.png
20.189.78.99 200 OK 118 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/kof/6.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 118 kB (117996 bytes)
Hash c8cf836eebc8bd0d7d29f56d1e4fae8c
1daa116901e043b2d97f68a5483451b3da1bf68e
e65f73ce0ba58ef5d687d3e0ddfb9e65d2681f8e4175519f5303632f57103192
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/kof/6.png HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 117996
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/jabes/000.jpg
20.189.78.99 200 OK 65 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 00:57:21, width=0], baseline, precision 8, 226x376, components 3\012- data
Hash 696ed59187ba381773d4489010c867c9
24912f17cee9784a03a2792384b3715b99dfb6ca
de7bee49980a1bd6f55fbe498966fb6b71daeda09edaba69f2b1f5a5d67c2b96
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/000.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Mon, 29 Aug 2022 17:34:50 GMT
accept-ranges: bytes
content-length: 65170
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.89.17.198 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.17.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CYpsbN0U8Lyog+jQdkPqIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4BfU0zmuATjg1vJ+XNwjDD5K5Bg=
static.doubleclick.net/instream/ad_status.js
216.58.207.230 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 08:29:23 GMT
expires: Sun, 11 Sep 2022 08:44:23 GMT
cache-control: public, max-age=900
age: 85
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 11 Sep 2022 08:30:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Sep 2022 08:30:48 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.162 200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.162:0
Hash 3aba12fab0e426f9c48d47b287a15a31
815b703ad0c62a6625457074045b0d6f531eaf4c
1fce6e2f93c999c04b5f3b684e64be6f51b495c8baccce696ad898cb79b3deb5
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Sun, 11 Sep 2022 08:30:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5f5af0b2e2290c80358259f2751c6369
965c2f234cf36441cc5f4477d4f7ad4491439a97
bc70dcc41ba7105c00be3db325f7b468b3617af5ee8a323d1fb3e7711e82ec0e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 08:30:48 GMT
server: ESF
cache-control: private
content-length: 30856
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35963)
Hash 0a10e1669fa5f54a96c02562d935783f
fb9c033841ed0848caeede748301a5c91de6c800
25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 358026
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 026155feefbacf7f49ce790ae1f79688
79d2e5ec8ab82bdefb633ab1c2c93f202dcf1852
d8c7c6f60fd9a261a1dabbac113d8eb6811d3f3ead219f25db5ea794fe04fae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C7C6F60FD9A261A1DABBAC113D8EB6811D3F3EAD219F25DB5EA794FE04FAE8"
Last-Modified: Sat, 10 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15582
Expires: Sun, 11 Sep 2022 12:50:30 GMT
Date: Sun, 11 Sep 2022 08:30:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 4.9 kB URL HTTP/2 yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 23fb59dbdd6b7dc76cd71088fecb56be
2c0ed5d42d5651037c27f7a070e3935aba026534
c0bd67f0c5c74150fcaf4f174c8133fc74ef2d2340b548974126612096e9c7c9
GET /m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4909
x-xss-protection: 0
date: Sun, 11 Sep 2022 06:14:02 GMT
expires: Tue, 21 Jun 2022 08:57:50 GMT
cache-control: public, max-age=86400, no-transform
age: 8206
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
freemlclicknews.line.pm/jabes/02.jpg
20.189.78.99 200 OK 30 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/02.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 145x257, components 3\012- data
Hash 4fae539b14c385cde860b007c4d2b3fa
a442c48e83af5cbc8bf67c177f1e71d1b84e705c
cc0a71bc85a0d6dc6fa1ff4eb163f4efa35e9eeca14f8405f3823d784ddc1b24
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/02.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:51 GMT
accept-ranges: bytes
content-length: 29618
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freemlclicknews.line.pm/static/sound.mp3
20.189.78.99 200 OK 1.1 MB URL HTTP/1.1 freemlclicknews.line.pm/static/sound.mp3
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/sound.mp3 HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: audio/mpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 1104524
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/jabes/03.jpg
20.189.78.99 200 OK 27 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/03.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 148x260, components 3\012- data
Hash 16df2a4c7f71de466f66837d577e7dd2
d38e80ae6ee5dd22cb9406c43e2bb7b2e7339fd7
c4cc742ae92b2b40477417090046abdce40cdd4fe06b1ce01517333066f5e14a
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/03.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:54 GMT
accept-ranges: bytes
content-length: 27173
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
freemlclicknews.line.pm/jabes/04.jpg
20.189.78.99 200 OK 26 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/04.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 150x259, components 3\012- data
Hash a4e7f9f345de741267674ac39cd80720
809c6543a8761be30b05a8b1b2259664139cf933
67e5afd8ff28ec8e7a10a7da249feb3a1e822f91dae26aae6dc6873c8229abb5
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/04.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:59 GMT
accept-ranges: bytes
content-length: 25550
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Sep 2022 08:30:48 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 18ef78fba4a55d4168db775e666a9896
eddd67666eca1b24af3ff2f7906c18d7c5d1c585
f9ae9d8be8219e003f4facd08ab41218e51d1998dd12ed7fdf9a437d27e2ae86
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1019
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 08:30:48 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 055475a874ebdf0fc7b9f66024d36433
d5f6eb0ce346e35c47ebd9ff65805856d5e305c2
05b2bc0b9747c62877a29fab2e37374c7fa0675e953df0e8c53bc8e4af5070d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 055475a874ebdf0fc7b9f66024d36433
d5f6eb0ce346e35c47ebd9ff65805856d5e305c2
05b2bc0b9747c62877a29fab2e37374c7fa0675e953df0e8c53bc8e4af5070d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&mime=video%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1662883979&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPcfXl_tcEGQg1xuj2DnUsfHsQef36Tkr_id44c7As_tAiEAjF4Lv3t2e6XaiInsHQA4v_3up3SU70qhvk5yURY7AvY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcoMp2cGVtJvylTd1XdOPk_XRltXsUWj-P_xeFY221HoCIF8fXIGYfPbarmgJRLEtIf1H6l4-LXwO_aDJO_SuhRuW&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&range=0-124752&rn=1&rbuf=0
91.90.45.173 200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&mime=video%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1662883979&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPcfXl_tcEGQg1xuj2DnUsfHsQef36Tkr_id44c7As_tAiEAjF4Lv3t2e6XaiInsHQA4v_3up3SU70qhvk5yURY7AvY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcoMp2cGVtJvylTd1XdOPk_XRltXsUWj-P_xeFY221HoCIF8fXIGYfPbarmgJRLEtIf1H6l4-LXwO_aDJO_SuhRuW&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&range=0-124752&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1118), with no line terminators
Hash 48f2665689aae9be062260e0837b3d4b
8bac616b4ff4de6875c26acb9aea102f92cb5ead
c287018526869d22f88f8bdb0105b85ae5dd450b40c7f5a35210b593f39d369a
GET /videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&mime=video%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1662883979&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPcfXl_tcEGQg1xuj2DnUsfHsQef36Tkr_id44c7As_tAiEAjF4Lv3t2e6XaiInsHQA4v_3up3SU70qhvk5yURY7AvY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcoMp2cGVtJvylTd1XdOPk_XRltXsUWj-P_xeFY221HoCIF8fXIGYfPbarmgJRLEtIf1H6l4-LXwO_aDJO_SuhRuW&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&range=0-124752&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 11 Sep 2022 08:30:49 GMT
Expires: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1118
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=1158078&dur=75.601&lmt=1662683488571237&mt=1662883979&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSY5XvDYaiDM1uaDz9zaeFUfLeT1z4PHVynADg59cS24CIQCphtONvAAxNgArekbQ7YPGCMY0RNAboRC1LSqkXknN4g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcoMp2cGVtJvylTd1XdOPk_XRltXsUWj-P_xeFY221HoCIF8fXIGYfPbarmgJRLEtIf1H6l4-LXwO_aDJO_SuhRuW&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&range=0-65934&rn=2&rbuf=0
91.90.45.173 200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=1158078&dur=75.601&lmt=1662683488571237&mt=1662883979&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSY5XvDYaiDM1uaDz9zaeFUfLeT1z4PHVynADg59cS24CIQCphtONvAAxNgArekbQ7YPGCMY0RNAboRC1LSqkXknN4g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcoMp2cGVtJvylTd1XdOPk_XRltXsUWj-P_xeFY221HoCIF8fXIGYfPbarmgJRLEtIf1H6l4-LXwO_aDJO_SuhRuW&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&range=0-65934&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1061), with no line terminators
Hash 51aad90a06c8743b17304a8bd5b3747a
969441484a502233b04092723d5de1a62511cdc4
851fec6a69f57ae9eda0141d3dd3a31c991085c42c0696cb9a7db29283d4d427
GET /videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=1158078&dur=75.601&lmt=1662683488571237&mt=1662883979&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSY5XvDYaiDM1uaDz9zaeFUfLeT1z4PHVynADg59cS24CIQCphtONvAAxNgArekbQ7YPGCMY0RNAboRC1LSqkXknN4g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgcoMp2cGVtJvylTd1XdOPk_XRltXsUWj-P_xeFY221HoCIF8fXIGYfPbarmgJRLEtIf1H6l4-LXwO_aDJO_SuhRuW&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&range=0-65934&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 11 Sep 2022 08:30:49 GMT
Expires: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1061
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
freemlclicknews.line.pm/jabes/1.jpg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/1.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x270, components 3\012- data
Hash 6bdafba8b4be45ebc808ada032e5892d
77c8e76b77f0367d59c4530313f34282e5e1e89f
930e1b3f4826f0e907f7e619405b0e1f22f9334ed14a65af13ca1b0fa8ffb2a5
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/1.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:26:53 GMT
accept-ranges: bytes
content-length: 12117
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
freemlclicknews.line.pm/jabes/2.jpg
20.189.78.99 200 OK 11 kB URL HTTP/1.1 freemlclicknews.line.pm/jabes/2.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x268, components 3\012- data
Hash c90ffbab6f77dc72dd0f700b7b393583
5759f94da7133ded80829fbbd74545aec8e08767
4930b40e8e2dbdd7ec33b887123328514ec1aaf6a0264aae7745689507796048
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/2.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:27:19 GMT
accept-ranges: bytes
content-length: 11192
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/gg.jpg
20.189.78.99 404 Not Found 1.2 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/gg.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/skins/gg.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 055475a874ebdf0fc7b9f66024d36433
d5f6eb0ce346e35c47ebd9ff65805856d5e305c2
05b2bc0b9747c62877a29fab2e37374c7fa0675e953df0e8c53bc8e4af5070d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
52.76.96.242 403 Forbidden 169 B URL HTTP/2 pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
IP 52.76.96.242:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3944b69d2e5ed0868bbe4fdcd35e6773
cc891b47510aaaec347a5880913f720b4f13db4a
28379c5f15ea5ffb7fda52f940cf73555f02b2d7e4f20032633b98ac079621b5
Analyzer Verdict Alert fortinet Malware
GET /VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512 HTTP/1.1
Host: pht.qoo-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx/1.12.2
date: Sun, 11 Sep 2022 08:30:48 GMT
content-type: text/html; charset=utf-8
content-length: 169
x-frame-options: sameorigin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
142.250.74.182 200 OK 38 kB URL HTTP/2 i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7cb67e1362d8ea77b65fffecee36326f
de14ecf39e3164e689e1b9e0c19d35c197b26caa
a107b245b70d9fed5d261bbf182b47a1bda695fc01fe5b3a9c92b8d784521875
GET /vi_webp/Acv5oGFllDs/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 07:35:04 GMT
expires: Sun, 11 Sep 2022 09:35:04 GMT
cache-control: public, max-age=7200
age: 3345
etag: "1661507883"
content-type: image/webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freemlclicknews.line.pm/static/img/skins/chou.jpg
20.189.78.99 404 Not Found 1.2 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/chou.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/skins/chou.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 44dea191939ac099163b97c626450e44
301e00f7cc5684bf2f9081ce4bc05465e4629d4a
c52fc92ad3287134979ca25ef85ce5b8db8ae083ac3a95bc9d6ca09887184d24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 44dea191939ac099163b97c626450e44
301e00f7cc5684bf2f9081ce4bc05465e4629d4a
c52fc92ad3287134979ca25ef85ce5b8db8ae083ac3a95bc9d6ca09887184d24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freemlclicknews.line.pm/static/sound.mp3
20.189.78.99 206 Partial Content 1.1 MB URL HTTP/1.1 freemlclicknews.line.pm/static/sound.mp3
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/sound.mp3 HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 206 Partial Content
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: audio/mpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
content-range: bytes 0-1104523/1104524
content-length: 1104524
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/12.jpeg
20.189.78.99 200 OK 36 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/12.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:47, GPS-Data], baseline, precision 8, 189x343, components 3\012- data
Hash dcdc088e8f7fb04bbb9820f35b0fd2b0
2b16826763293304421cf7703a9eb493ad6a125f
517619ca5c8d4db6bc0133e6e7a493bebfd3cc5ab8c13d0d5057a64c677bf8a0
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/12.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36471
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/card.c777c1a0.png
20.189.78.99 200 OK 1.2 MB URL HTTP/1.1 freemlclicknews.line.pm/static/img/card.c777c1a0.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 850 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1178525 bytes)
Hash f61a082b230f98bcd23879c9fa7f92d5
3f54c318324a9ed2a5c4ec4521d359b4e3ccef62
1c1992ca0652089198af657792f6f23513c93c7788b1cc433a2c5c77da83e0fc
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/card.c777c1a0.png HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 17:50:42 GMT
accept-ranges: bytes
content-length: 1178525
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/kof/5.png
20.189.78.99 200 OK 113 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/kof/5.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112990 bytes)
Hash 8ebd1c2e91fe2a579c51e002b9fb5ebf
b1f6838a5728e92a44d18dcf9593824c5d7dfcb3
9c88d54f5dea3dcefa99feb9a724aafac3065ba23b2e17ff9fa5851231524bc8
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/kof/5.png HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 112990
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed
i.postimg.cc/d3c3FcM4/Valir.jpg
141.94.130.128 200 OK 4.4 kB URL HTTP/2 i.postimg.cc/d3c3FcM4/Valir.jpg
IP 141.94.130.128:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Hash f4e03882d4fb310098454903605c0083
abf913469f6c4dd8670789bac07d69b4815e4431
7510e1443a74343942ced29dd7d8d7a8009346002a08b82aeda0ef65c43de649
GET /d3c3FcM4/Valir.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: image/jpeg
content-length: 36811
last-modified: Sun, 17 Oct 2021 20:01:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
142.250.74.78 200 OK 29 kB URL HTTP/2 www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60309)
Hash 15bc156a173e628f890ac915171d929b
c2e4a9e311d65c298fc47d6136166d82467234c6
0eb1a2c179087248a20774cf19ff493feac3e6a6fd03950200438572b89ad08a
GET /embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 08:30:47 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=hg88FqNbx5k; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ciwkQ2hyowI; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 08:30:47 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+933; expires=Tue, 10-Sep-2024 08:30:47 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 44dea191939ac099163b97c626450e44
301e00f7cc5684bf2f9081ce4bc05465e4629d4a
c52fc92ad3287134979ca25ef85ce5b8db8ae083ac3a95bc9d6ca09887184d24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&mime=video%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPcfXl_tcEGQg1xuj2DnUsfHsQef36Tkr_id44c7As_tAiEAjF4Lv3t2e6XaiInsHQA4v_3up3SU70qhvk5yURY7AvY%3D&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1662884936&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgDiYTCzF6ZsokwYFtCCD23cPzs_EmBK2ZfwAwHFFG7g0CIQC7mQ5HKjVcsblLE2ys-3YMsr41UDLoUG52IjYFyWXPSg%3D%3D&range=0-124752&rn=3&rbuf=0&pot=D1-wk1rsIAEdX4hgxse1MEMa4uBEbbj_SNdCdZ_3QjHVkOKA7bmd8jmGBrH58LxevrePQRqP3JVHZX-7DT61GF-VV2U6aMcQpBvYixI-qxXaqHKKomdzHFmc9dgEQNXZdOySKZk=
74.125.111.41200 OK 125 kB URL HTTP/1.1 rr4---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&mime=video%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPcfXl_tcEGQg1xuj2DnUsfHsQef36Tkr_id44c7As_tAiEAjF4Lv3t2e6XaiInsHQA4v_3up3SU70qhvk5yURY7AvY%3D&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1662884936&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgDiYTCzF6ZsokwYFtCCD23cPzs_EmBK2ZfwAwHFFG7g0CIQC7mQ5HKjVcsblLE2ys-3YMsr41UDLoUG52IjYFyWXPSg%3D%3D&range=0-124752&rn=3&rbuf=0&pot=D1-wk1rsIAEdX4hgxse1MEMa4uBEbbj_SNdCdZ_3QjHVkOKA7bmd8jmGBrH58LxevrePQRqP3JVHZX-7DT61GF-VV2U6aMcQpBvYixI-qxXaqHKKomdzHFmc9dgEQNXZdOySKZk=
IP 74.125.111.41:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 125 kB (124753 bytes)
Hash ae4863f2e947cbe2de436123533aa0b3
21f3f54a95343bdd2977144810dd956eb584c620
0f2cf1134d6df2f6e38118d27885f55bd992555d426babdf46cb3d1bf30f6f01
GET /videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&mime=video%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPcfXl_tcEGQg1xuj2DnUsfHsQef36Tkr_id44c7As_tAiEAjF4Lv3t2e6XaiInsHQA4v_3up3SU70qhvk5yURY7AvY%3D&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1662884936&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgDiYTCzF6ZsokwYFtCCD23cPzs_EmBK2ZfwAwHFFG7g0CIQC7mQ5HKjVcsblLE2ys-3YMsr41UDLoUG52IjYFyWXPSg%3D%3D&range=0-124752&rn=3&rbuf=0&pot=D1-wk1rsIAEdX4hgxse1MEMa4uBEbbj_SNdCdZ_3QjHVkOKA7bmd8jmGBrH58LxevrePQRqP3JVHZX-7DT61GF-VV2U6aMcQpBvYixI-qxXaqHKKomdzHFmc9dgEQNXZdOySKZk= HTTP/1.1
Host: rr4---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 12:32:26 GMT
Content-Type: video/webm
Date: Sun, 11 Sep 2022 08:30:49 GMT
Expires: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 124753
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
freemlclicknews.line.pm/static/img/logo.png
20.189.78.99 200 OK 3.1 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/logo.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 143 x 57, 8-bit colormap, non-interlaced\012- data
Hash ade52d82cc35a17e99ccbb20439cbcbc
9f700e422c6a803a4aefa816a2d9ea2640c17547
18cabba213026d1cfdb15168bd00de62a36dd0705aeff0e3274292ebb9d39384
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/logo.png HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 3110
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/boxOn.png
20.189.78.99 200 OK 603 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/boxOn.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 481, 8-bit/color RGBA, non-interlaced\012- data
Size 603 kB (602563 bytes)
Hash 510f616bc35a268f24ce98d15f9a2429
bf674acfde2279acf8e2d103f52a78d64f718604
f8cdd47205cd93c5e0b7b47611ae2c5c33100a1593039fe271efe2df3eeec4a6
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/boxOn.png HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 17:50:08 GMT
accept-ranges: bytes
content-length: 602563
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/13.jpeg
20.189.78.99 200 OK 34 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/13.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:34, GPS-Data], baseline, precision 8, 188x308, components 3\012- data
Hash c27db983a51a794b36da8c05b5666e63
6a5d9710651b38c7de3f130d10537bca214955f3
c625eab36994864ee26e6c57ddede1b5a3b3bf7fdac31b2160de1bb6fa91a68a
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/13.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 33463
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/2newc.jpg
20.189.78.99 200 OK 71 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/2newc.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:11:13 10:36:12, GPS-Data, width=0], baseline, precision 8, 233x345, components 3\012- data
Hash 373429187851e808386569195d205f39
c5bafb63e19dac26dc1022e392145a31a24ff53f
b32e5ecdf802d2b19ab9753e42213146931b2a1969d876fbd3500598e54a7e0b
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/skins/2newc.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 71090
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/2new.jpg
20.189.78.99 200 OK 79 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/2new.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, baseline, precision 8, 204x338, components 3\012- data
Hash bb0d2324852a75596459207141b8e7cf
66e73ffad47e43c4b94d8051b3d526629218d3de
2a8bf990df2caed939e832d38e44f8f3a916a537cbc6118af0e1cfb2b92778bf
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/skins/2new.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 78700
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/1new.jpg
20.189.78.99 200 OK 83 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/1new.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, baseline, precision 8, 208x336, components 3\012- data
Hash f42415aa51283f8556c4d3682802e4ab
18e99d8f5ac756876a26a96fc800680555eb7b8a
03f93970ab1710a1abca976673b7195c7601fe2e253132ed8d45b97dc94fd626
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/skins/1new.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 83305
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/16.jpeg
20.189.78.99 200 OK 37 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/16.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:25 09:42:21, GPS-Data], baseline, precision 8, 207x334, components 3\012- data
Hash b0e4b1911e83beec214d12ffc244a85e
be31911792f61503fd1ecf3d20e96f0cd0bab365
e1773d3bd72c93e893f9629c37878f2c2b8d4157c5023ee7f0648df5edc016a6
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/16.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36699
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Sun, 11 Sep 2022 09:40:15 GMT
Date: Sun, 11 Sep 2022 08:30:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 14:09:02 GMT
age: 66107
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnkjEbkwVPPR1stEuMkkuFcQ4WZMDjsuYKA46ZcxejvotwfCG6huhQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:03 GMT
age: 38866
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12666d69f9af3ceb23fdfc2100bd3226
c4d17e3ea44ef6dee9819c1586424e5f056f149c
054236a4d1f88a486f48b8f3a8ac01d21ec2179d5b1f3fc9791d0982d07a88a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5752
x-amzn-requestid: 622ffff0-1bd5-4eb4-a9ff-eb54c5ae44a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqiFiToAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-49efdcc572b4fad3543f857d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VKsU4S6tKOso216JLUWn7b1bKDyfruIVukt98JooNCjwaXDT9bkPYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 19:50:13 GMT
age: 45636
etag: "c4d17e3ea44ef6dee9819c1586424e5f056f149c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 38001
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b290c3f75a769f5cb0f36b5c84436c9b
22e386713ccb95ca1cf9aa367a5ad02bd1664954
e311757ae3bc5b821a9c1d4d654250b1ac936228eb4a600aa1e5b391d25adaaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10611
x-amzn-requestid: f034fbd9-c83e-4a29-84ff-674629759818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN3E8PoAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-63dd86ec10dbc2fb7dc0e5de;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -Fht5R4_rLcLWqglaPldh1846mPs_JS6_L3G_mi5G2iQbmkCPopvuQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 14:09:00 GMT
age: 66109
etag: "22e386713ccb95ca1cf9aa367a5ad02bd1664954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:50:01 GMT
age: 27648
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
freemlclicknews.line.pm/static/img/skins/3.jpeg
20.189.78.99 200 OK 32 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/3.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:46:04, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash a821cb25aedb8f21ee5c03373f8c6204
b9da5997bc68fd683f3d37472f7a195c3768e5a8
4cc8564668053a9c742519471135bbac27debac4b6973ac3acebace82b545740
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/3.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 31966
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/7.jpeg
20.189.78.99 200 OK 15 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/7.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x338, components 3\012- data
Hash fa6f89590fa29d956b348eab35c10e32
594d0b64f1390dd8de4a069ea9743814969d3aa5
df18c8af2cb52fd9d34bedb9d77021d16311c6b53f17a61e99f9446fa0de5813
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/7.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 14591
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/2.jpg
20.189.78.99 200 OK 58 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/2.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:10:14 14:07:10, GPS-Data, width=0], baseline, precision 8, 211x342, components 3\012- data
Hash 1cf7efd64ad6cc1439c3539cc20fbc84
296485c7d4c0907843e717c1454ffb2150f20c39
4cb41fdd49332ca98fa3b95cb11dea46f2ea4a92dba60e2563d71b327cc66543
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/skins/2.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 58389
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
rr5---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=251&source=youtube&requiressl=yes&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=1158078&dur=75.601&lmt=1662683488571237&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSY5XvDYaiDM1uaDz9zaeFUfLeT1z4PHVynADg59cS24CIQCphtONvAAxNgArekbQ7YPGCMY0RNAboRC1LSqkXknN4g%3D%3D&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=6_&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1662884915&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgEH5cRbKEw8Ltf67Fbi6nC2D6-qrL6A58yxqFdkb-MK8CIHUjsbJ2j9F61jIiOSOwp6RDOjT5K3zc0TzoNditWfJm&range=0-65934&rn=5&rbuf=0&pot=D1-wk1rsIAEdX4hgxse1MEMa4uBEbbj_SNdCdZ_3QjHVkOKA7bmd8jmGBrH58LxevrePQRqP3JVHZX-7DT61GF-VV2U6aMcQpBvYixI-qxXaqHKKomdzHFmc9dgEQNXZdOySKZk=
172.217.132.234200 OK 66 kB URL HTTP/1.1 rr5---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=251&source=youtube&requiressl=yes&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=1158078&dur=75.601&lmt=1662683488571237&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSY5XvDYaiDM1uaDz9zaeFUfLeT1z4PHVynADg59cS24CIQCphtONvAAxNgArekbQ7YPGCMY0RNAboRC1LSqkXknN4g%3D%3D&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=6_&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1662884915&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgEH5cRbKEw8Ltf67Fbi6nC2D6-qrL6A58yxqFdkb-MK8CIHUjsbJ2j9F61jIiOSOwp6RDOjT5K3zc0TzoNditWfJm&range=0-65934&rn=5&rbuf=0&pot=D1-wk1rsIAEdX4hgxse1MEMa4uBEbbj_SNdCdZ_3QjHVkOKA7bmd8jmGBrH58LxevrePQRqP3JVHZX-7DT61GF-VV2U6aMcQpBvYixI-qxXaqHKKomdzHFmc9dgEQNXZdOySKZk=
IP 172.217.132.234:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash f6c4e8ca1992ec1a5e165bf8e1343421
af213f583e64f1981b71136c04822cb5d4332a66
8e4d55c56ed88491a217d2fdd471ea74e17769d0ba70931c7536b24263f3981a
GET /videoplayback?expire=1662906648&ei=uJwdY_b1H4-YyAXX1IPACA&ip=91.90.42.154&id=o-AJn-S6UeAzWpO0FJzZ-GOPeBCj4jDF0DO07m0jdBP1q8&itag=251&source=youtube&requiressl=yes&spc=lT-KhpFnRqNhOpJBy2HRt7A9DUgRY6k&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=91Fqy7u4RceYs6IKdIlUfagH&gir=yes&clen=1158078&dur=75.601&lmt=1662683488571237&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=xzeNaRz6xOWvsw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSY5XvDYaiDM1uaDz9zaeFUfLeT1z4PHVynADg59cS24CIQCphtONvAAxNgArekbQ7YPGCMY0RNAboRC1LSqkXknN4g%3D%3D&alr=yes&cpn=adVAxFFleMdKwPQx&cver=1.20220907.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=6_&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1662884915&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgEH5cRbKEw8Ltf67Fbi6nC2D6-qrL6A58yxqFdkb-MK8CIHUjsbJ2j9F61jIiOSOwp6RDOjT5K3zc0TzoNditWfJm&range=0-65934&rn=5&rbuf=0&pot=D1-wk1rsIAEdX4hgxse1MEMa4uBEbbj_SNdCdZ_3QjHVkOKA7bmd8jmGBrH58LxevrePQRqP3JVHZX-7DT61GF-VV2U6aMcQpBvYixI-qxXaqHKKomdzHFmc9dgEQNXZdOySKZk= HTTP/1.1
Host: rr5---sn-5hne6n6e.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 09 Sep 2022 00:31:28 GMT
Content-Type: audio/webm
Date: Sun, 11 Sep 2022 08:30:49 GMT
Expires: Sun, 11 Sep 2022 08:30:49 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65935
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
freemlclicknews.line.pm/static/img/skins/6.jpeg
20.189.78.99 200 OK 17 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/6.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x340, components 3\012- data
Hash e5da1e2012e6d30a5a7e200a1082d861
09f77c3bcf56cb03d003d1ee9b2aa579d9ea4186
ad04ea1d3edf662dfb76489ccbc8879b070747697f5da08ebdf2fefa6b858ab0
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/6.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 16900
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/4.jpeg
20.189.78.99 200 OK 32 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/4.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:45:50, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash 532de4ebbd562ab3608324f1ea71c9fc
07d647d6d682277cab99464c62084a83864fcfd2
8c713e3f2eec756fe2be399b64a26fee2ce9699c09907ab84e011d760e187f9b
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/4.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 32183
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/8.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/8.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 204x340, components 3\012- data
Hash 668564e4473038f448976765df11af0d
8933a2ba272e2df2f25572d2b3c908dbf3fc2d22
32f800cf39608715be8f8737eeaf8783121d7279c56dcac21fdf5095426dde92
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/8.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11717
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/9.jpeg
20.189.78.99 200 OK 38 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/9.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 163x267, components 3\012- data
Hash 0669b7019bc06eddbd03dd49b8d02390
4f91de987444900fc5bc062cf9b7adaa4f11a879
71d715e750841ec57b2e8cc623ef77c25b4ecb9f958fa703f16353ab12567ddb
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/9.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 37838
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/skins/10.jpeg
20.189.78.99 200 OK 36 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/skins/10.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x266, components 3\012- data
Hash f38c6a3098302151fc7189d44bb8eb23
b3e943a7c24326216c02b1fda1a10c04b44efc56
14a6a45ed5d0d4de29a998a2166a9654c08e28d4ec53651b7f9037fa45dd0364
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/skins/10.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36512
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/1.jpeg
20.189.78.99 200 OK 14 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/1.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 127x125, components 3\012- data
Hash c3f23c759474b52b605376efbc3358ca
8aa3921a9d9996aa58400f7789c1b3a8d6bef993
bbfc84c4fbf2b869a000a32099492c9978c23d3a80695805c2c9fc8678b256d5
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/1.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13882
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/2.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/2.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x130, components 3\012- data
Hash 89dd611dc90e68c564dd9a332a461c40
6fa24fa9061cb2a6f0b5424854e4de35600ae2f5
1e714f2533ca0e0913503199304bc6ce466ec054705866c2ae340fe596ad4d05
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/2.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12408
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/3.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/3.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 124x127, components 3\012- data
Hash 943b4a00399dc4e693e4931cf33bef96
df0216e09753f2d2ca2efe7e5baa4b600308d020
de0441e81786232488b2a73e9c56e78040cdd2f9adf82dcda25f4e9d166fd925
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/3.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12468
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/4.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/4.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x131, components 3\012- data
Hash ed0142f6c936e02fa902084dfb20d32f
a551891b9b27510ad06787329490b9614875519c
292e4dab178b1ff88f05e2cf3060f3ff3af4eb09d22d8b70e19b5c4cce119c6e
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/4.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11944
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/5.jpeg
20.189.78.99 200 OK 13 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/5.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x135, components 3\012- data
Hash 110de4b3386b174aa91799da526a5fa4
ca04da5930727af1dbcbe934b42dce6fe170fa72
567c71f609014824e4e9d15baccf60508b5a6fd9c32b89f4809b3f2d9dcd61f1
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/5.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:49 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12875
date: Sun, 11 Sep 2022 08:30:49 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/6.jpeg
20.189.78.99 200 OK 14 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/6.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, components 3\012- data
Hash 8d8317eea9213928e3c0319cf237e8ab
34073433e542bfcae6c627a09796828e6b2758f0
5eee23e2ba4c13b2a0d20266aa99d61d20f41725365760f63821ceaf836914b2
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/6.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13578
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/7.jpeg
20.189.78.99 200 OK 10 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/7.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 123x125, components 3\012- data
Hash a45314cdf40507ef02c3ee779d608aca
bece15ef6fcb3339a5c9d32545a49d883ced5299
fb91a9fbfacfb720ffe9403476f8f0320cb6387492413191ef944555579dbe31
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/7.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 10538
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/8.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/8.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 135x131, components 3\012- data
Hash bb3a6821a831388426333e7ff7c21b93
9b3ed817773e8a3cc88e7a7493855b0a68525444
afb9170b3c58fb81966bcf994426ada17c689040546525719b51b527bf4bee06
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/8.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12391
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/9.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/9.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x125, components 3\012- data
Hash 12b66031d66c51b1861e2e964def545d
78e00bc755458b2662979fab06e3aeebeb5abf1c
336abc805d5ecf4e7b22df535cf7ccbedb2e0f7e4a8a78d2d5f67a3fa0f9ce02
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/9.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11893
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/borders/10.jpeg
20.189.78.99 200 OK 14 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/borders/10.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 129x123, components 3\012- data
Hash 5594fba93fa048c23b78ab94585d2c06
13ce3970dfd6ff588fc50fb18cf09f5016d9daf7
682d7221d4009f85742bf6e94480a7c7b552e26cec03f8bff41e5406d48dd39f
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
quad9 Sinkholed
GET /static/img/borders/10.jpeg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13776
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/dm/5000.jpg
20.189.78.99 200 OK 82 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/dm/5000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash c890d2d8fabf64205bd762858235f7ab
de805d94df0985d9500905318002589a3c5c3706
e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/dm/5000.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 81805
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/dm/2500.jpg
20.189.78.99 200 OK 81 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/dm/2500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 8f66c7a0904e304b14cd3cbbd31eafb8
92d81b84c9554f8ac5c1a85f21ded1659e709287
8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/dm/2500.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 81165
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/dm/1500.jpg
20.189.78.99 200 OK 70 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/dm/1500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 71fdfc59ac4b79cd315f750e2f4d6dbd
12d5c30c5832d81d20f71575a480b696441b6ba8
a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/dm/1500.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 69616
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/dm/1000.jpg
20.189.78.99 200 OK 64 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/dm/1000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 2f3a912fb5a0576b7884466a499d546a
c5f08eeee75a0d0ebfd8f887f7b43939c7578df8
6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/dm/1000.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 63898
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
freemlclicknews.line.pm/static/img/dm/500.jpg
20.189.78.99 200 OK 64 kB URL HTTP/1.1 freemlclicknews.line.pm/static/img/dm/500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash a5ad315a073e74e09b2d4d8294f15a94
57f386aa235168725dedfab8763bfba9a9e77fe4
32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/dm/500.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:50 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 63592
date: Sun, 11 Sep 2022 08:30:50 GMT
server: LiteSpeed
i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
2.22.31.211 200 OK 29 kB URL HTTP/2 i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
IP 2.22.31.211:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 9099099d9d7683a1f7df4c453a3b5250
8a5c119fa1bbfaa30e73b899a7cc2f3e6b307162
6015be6edadd8c2d0e36d1d91b3235986f11e9f42379a3faffe4737b80b37413
GET /originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "9099099d9d7683a1f7df4c453a3b5250"
accept-ranges: bytes
content-type: image/jpeg
content-length: 28766
akamai-grn: 0.cf1f1602.1662885050.344284db
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
freemlclicknews.line.pm/static/img/kof/4.png
20.189.78.99 200 OK 0 B URL HTTP/1.1 freemlclicknews.line.pm/static/img/kof/4.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /static/img/kof/4.png HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:47 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 109303
date: Sun, 11 Sep 2022 08:30:47 GMT
server: LiteSpeed
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.10:0
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 08:30:47 GMT
date: Sun, 11 Sep 2022 08:30:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 08:30:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 8331801
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 748f0b1a7ea6b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freemlclicknews.line.pm/jabes/01.jpg
20.189.78.99 200 OK 0 B URL HTTP/1.1 freemlclicknews.line.pm/jabes/01.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert openphish Mobile Legends
quad9 Sinkholed
GET /jabes/01.jpg HTTP/1.1
Host: freemlclicknews.line.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freemlclicknews.line.pm/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 08:30:48 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:48 GMT
accept-ranges: bytes
content-length: 155520
date: Sun, 11 Sep 2022 08:30:48 GMT
server: LiteSpeed