| ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== | 91.185.215.4 | 200 OK | 1.2 kB |
URL User Request GET HTTP/1.1ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== IP91.185.215.4:443 ASN#41828 Telemach Slovenija d.o.o.
CertificateIssuerLet's Encrypt Subjectysxa2.sa.com FingerprintDE:85:1F:FE:9A:97:2E:D4:5F:27:64:4A:13:A3:23:A2:8C:93:23:E5 ValiditySun, 07 Apr 2024 20:20:59 GMT - Sat, 06 Jul 2024 20:20:58 GMT
File typeHTML document, ASCII text, with very long lines (475) Hash247e8f3c18fdb021661afa17a4fea102 84b25bd876a25f9c26d0c246b873a45d809148bb 2737879b7b4b28e45e809b1d2817d2bf10795f33e5b70c167fbb67336f4111ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== HTTP/1.1
Host: ysxa2.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:54:44 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| ysxa2.sa.com/cn-file/edg/assets/js/index.js | 91.185.215.4 | 200 OK | 25 kB |
URL GET HTTP/1.1ysxa2.sa.com/cn-file/edg/assets/js/index.js IP91.185.215.4:443 ASN#41828 Telemach Slovenija d.o.o.
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerLet's Encrypt Subjectysxa2.sa.com FingerprintDE:85:1F:FE:9A:97:2E:D4:5F:27:64:4A:13:A3:23:A2:8C:93:23:E5 ValiditySun, 07 Apr 2024 20:20:59 GMT - Sat, 06 Jul 2024 20:20:58 GMT
File typeASCII text, with very long lines (14329), with CRLF line terminators Hasha4279d8d402beb941895d3e9c18b738d 6cab01a778966e2d5d1d84659525339d5f70cb88 e4f1f89acd4984a38721d43081ffb9b10323f1b2d37ae35c9c92eb69ae109d5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cn-file/edg/assets/js/index.js HTTP/1.1
Host: ysxa2.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:54:44 GMT
Server: Apache
Last-Modified: Thu, 22 Feb 2024 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 24730
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== | 91.185.215.4 | 200 OK | 1.2 kB |
URL User Request GET HTTP/1.1ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== IP91.185.215.4:443 ASN#41828 Telemach Slovenija d.o.o.
CertificateIssuerLet's Encrypt Subjectysxa2.sa.com FingerprintDE:85:1F:FE:9A:97:2E:D4:5F:27:64:4A:13:A3:23:A2:8C:93:23:E5 ValiditySun, 07 Apr 2024 20:20:59 GMT - Sat, 06 Jul 2024 20:20:58 GMT
File typeHTML document, ASCII text, with very long lines (475) Hash247e8f3c18fdb021661afa17a4fea102 84b25bd876a25f9c26d0c246b873a45d809148bb 2737879b7b4b28e45e809b1d2817d2bf10795f33e5b70c167fbb67336f4111ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== HTTP/1.1
Host: ysxa2.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:54:44 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| ysxa2.sa.com/cn-file/edg/assets/js/index.js | 91.185.215.4 | 200 OK | 25 kB |
URL GET HTTP/1.1ysxa2.sa.com/cn-file/edg/assets/js/index.js IP91.185.215.4:443 ASN#41828 Telemach Slovenija d.o.o.
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerLet's Encrypt Subjectysxa2.sa.com FingerprintDE:85:1F:FE:9A:97:2E:D4:5F:27:64:4A:13:A3:23:A2:8C:93:23:E5 ValiditySun, 07 Apr 2024 20:20:59 GMT - Sat, 06 Jul 2024 20:20:58 GMT
File typeASCII text, with very long lines (14329), with CRLF line terminators Hasha4279d8d402beb941895d3e9c18b738d 6cab01a778966e2d5d1d84659525339d5f70cb88 e4f1f89acd4984a38721d43081ffb9b10323f1b2d37ae35c9c92eb69ae109d5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cn-file/edg/assets/js/index.js HTTP/1.1
Host: ysxa2.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:54:45 GMT
Server: Apache
Last-Modified: Thu, 22 Feb 2024 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 24730
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| ysxa2.sa.com/cn-file/edg/assets/php/policy.php | 91.185.215.4 | 200 OK | 228 B |
URL POST HTTP/1.1ysxa2.sa.com/cn-file/edg/assets/php/policy.php IP91.185.215.4:443 ASN#41828 Telemach Slovenija d.o.o.
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerLet's Encrypt Subjectysxa2.sa.com FingerprintDE:85:1F:FE:9A:97:2E:D4:5F:27:64:4A:13:A3:23:A2:8C:93:23:E5 ValiditySun, 07 Apr 2024 20:20:59 GMT - Sat, 06 Jul 2024 20:20:58 GMT
Hashe94f7870425bb3226ea06ca11ffb45a3 7c0572f2223515106e03b73eeaad7f19eb721182 fe51122dde238f843aa177a7f340135b7cc7fefa1058976f200639a6502a1fd0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cn-file/edg/assets/php/policy.php HTTP/1.1
Host: ysxa2.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ==
Content-Type: application/json
Content-Length: 52
Origin: https://ysxa2.sa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:54:45 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| www.google.com/s2/favicons?domain=mycraftmail.com | 142.250.74.164 | 301 Moved Permanently | 335 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=mycraftmail.com IP142.250.74.164:443
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash0c2a4132711d226631b128ec05f00e64 ba7b67dc8618c15689a350d51aee51f708dc0d56 b471549dade2b69f3debd8f1af5b6ac7d97145c2d4e6237eeeff3f984172cb1f
GET /s2/favicons?domain=mycraftmail.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 335
x-xss-protection: 0
date: Tue, 07 May 2024 07:49:18 GMT
expires: Tue, 07 May 2024 08:19:18 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=mycraftmail.com | 142.250.74.164 | 301 Moved Permanently | 335 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=mycraftmail.com IP142.250.74.164:443
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash0c2a4132711d226631b128ec05f00e64 ba7b67dc8618c15689a350d51aee51f708dc0d56 b471549dade2b69f3debd8f1af5b6ac7d97145c2d4e6237eeeff3f984172cb1f
GET /s2/favicons?domain=mycraftmail.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 335
x-xss-protection: 0
date: Tue, 07 May 2024 07:49:18 GMT
expires: Tue, 07 May 2024 08:19:18 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 | 142.250.74.100 | | 726 B |
URL t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 IP142.250.74.100:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ysxa2.sa.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 07 May 2024 07:54:46 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 | 142.250.74.100 | | 726 B |
URL t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 IP142.250.74.100:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ysxa2.sa.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 07 May 2024 07:54:46 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 | 142.250.74.100 | 404 Not Found | 726 B |
URL GET HTTP/2t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 IP142.250.74.100:443
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ysxa2.sa.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 07 May 2024 07:54:46 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== | 91.185.215.4 | 200 OK | 1.2 kB |
URL GET HTTP/1.1ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== IP91.185.215.4:443 ASN#41828 Telemach Slovenija d.o.o.
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerLet's Encrypt Subjectysxa2.sa.com FingerprintDE:85:1F:FE:9A:97:2E:D4:5F:27:64:4A:13:A3:23:A2:8C:93:23:E5 ValiditySun, 07 Apr 2024 20:20:59 GMT - Sat, 06 Jul 2024 20:20:58 GMT
File typeHTML document, ASCII text, with very long lines (1287), with no line terminators Hash568221a04eeb06a2845e674ca91cf392 a3cb3d65681151217b5cd2578e2e84e29edfff38 e544b4d688f81d861888c641e7d0afe29d6f4dcf1bd9ceee9fcfd4cd1178ee5a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== HTTP/1.1
Host: ysxa2.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:54:44 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| mail.mycraftmail.com/ | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ==
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: mail.mycraftmail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ysxa2.sa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 | 142.250.74.100 | 404 Not Found | 726 B |
URL GET HTTP/2t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 IP142.250.74.100:443
Requested byhttps://ysxa2.sa.com/cn-file/edg/index.php?info=bm9ib2R5QG15Y3JhZnRtYWlsLmNvbQ== CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mycraftmail.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ysxa2.sa.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 07 May 2024 07:54:46 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|