| ucofficialunban.cyou/ | 172.67.167.82 | 200 OK | 4.9 kB |
IP: 172.67.167.82:0
File type: HTML document text; HTML document text; HTML document text; HTML document text; assembler source, Unicode text, UTF-8 text
Hash: d592160d98b6c0cdc73e016a52815df6 f47b437fea9e687a137d0343e64879fbe44aa644 f1f6f6de49b84fa4a9d9aa6ffe6624f3af5c1490c3098a0829d80388759ce08d
Analyzer | Verdict | Alert | openphish | Tencent | | fortinet | Phishing | |
GET / HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSA1GlAIxfjQjp%2BA2F%2Ffv0DNeM5qRI5jA95T1NfTOGWceqJT7U4ccgJ9jAQMlUt%2BH%2B7IIgSt3p4aQFdoUGnJ3eSx602Q%2FzPjmseKZPRMdxr01N6L%2B4yTHQ8SsnEeB5gP%2FJoRXI%2F3Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307037cf20b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0
ASN: #20940 Akamai International B.V.
Hash: 7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10795
Expires: Thu, 02 Feb 2023 15:45:58 GMT
Date: Thu, 02 Feb 2023 12:46:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0
ASN: #20940 Akamai International B.V.
Hash: e935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4226
Expires: Thu, 02 Feb 2023 13:56:29 GMT
Date: Thu, 02 Feb 2023 12:46:03 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: firefox.settings.services.mozilla.com/v1/ (HTTP/2)
IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 12:36:06 GMT
content-type: application/json
age: 597
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0
ASN: #20940 Akamai International B.V.
Hash: a8d45deaa7ebfcd996c2055dae592ab8 55befe074589fe7b39757c145968058162a8fc6b 50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7269
Expires: Thu, 02 Feb 2023 14:47:12 GMT
Date: Thu, 02 Feb 2023 12:46:03 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain (HTTP/2)
IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: naHXmxBsK17Y88Rz/abLjz8h90DI+ugRCv8BuyaZGyswkQ3p5hklyvmlrTM3VyRSgOnlphgBc21WwcfCZ8Qq0g==
x-amz-request-id: 48YAVMG49T2G7S5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 11:51:58 GMT
age: 3245
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: contile.services.mozilla.com/v1/tiles (HTTP/2)
IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ucofficialunban.cyou/css/style.css | 172.67.167.82 | 200 OK | 2.7 kB |
URL: ucofficialunban.cyou/css/style.css (HTTP/1.1)
IP: 172.67.167.82:0
File type: assembler source, ASCII text
Hash: b56b2f27277fcc41d07b664d838a4dbc 39f81e19a6d9be53860ff76151ff8ef6d7378a46 3436928d75ec2a5aedaae64d30210c150fffd9d0a6f30293f589f631b52225a0
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /css/style.css HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: text/css
Content-Length: 2713
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:09 GMT
last-modified: Wed, 27 Jul 2022 00:39:16 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61134
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6O1EI4A%2FkhfPDlGUBbTHB9l9Gquuk5PMULMc%2FyF%2BhACEryTzXj8qNCUdGXJaCxjsk6r545yCVJ8pAWEAFTlngH6ySbHhkvDTb3ceF0RFKD5QgE1UopsFQ1acQ6EL7CO%2FoO7SHsjJw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307061fd80b61-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/css/login/facebook.css | 172.67.167.82 | 200 OK | 776 B |
URL: ucofficialunban.cyou/css/login/facebook.css (HTTP/1.1)
IP: 172.67.167.82:0
Hash: b7cdda4601c8bb7390623733c98336a7 8dadedc4de2c57c10ec8d4de31e11ad1d4ebc2f8 ef8f9f22faeba81276267c476015413ab0df636729ee46040c6d6c62966d33d2
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /css/login/facebook.css HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: text/css
Content-Length: 776
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Sun, 18 Jul 2021 18:51:10 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyhOkX33aBRGE5HBDM8qBIzxhQz%2Bk6KQQTfVrQyq59wuU0I5LNGHm%2BSbhNQlnCgcOOiRUozBhjFhvm6TyNrxy4AER03mI8KAC6qCETLtFAgno7EbrPA4xvu2R5faKDigp2qPoAtWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307061bf40b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/css/animate.css | 172.67.167.82 | 200 OK | 4.8 kB |
URL: ucofficialunban.cyou/css/animate.css (HTTP/1.1)
IP: 172.67.167.82:0
Hash: 28a4d6d57d6e015573f4aff35132beba 9fe7b240d8ad129b7386346d6b9670e7edf6f886 8f4720196ecc8f4f3e0b557e828210a5f18adca51c0a7d3b9e3d1c83f02cbcb7
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /css/animate.css HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: text/css
Content-Length: 4775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:09 GMT
last-modified: Sun, 27 Mar 2022 07:52:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61134
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlGNQ1Fz1t20lemtx8wZOiaAxwcNSISJA%2B3Iq5Xz3%2BOTIjysy9SY01Vy6hi%2B%2B4HkNN4IpzvPCN9w%2FhBt%2FJElf8t9V8bPOd5mGlrATnA%2BXHRoGg%2Bmiy8jXrvwGa3bZncYGwBmVz1yaA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307061ac0b50b-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/css/login/twitter.css | 172.67.167.82 | 200 OK | 688 B |
URL: ucofficialunban.cyou/css/login/twitter.css (HTTP/1.1)
IP: 172.67.167.82:0
Hash: c3dbf2033e032b32686394ae7f631b1e 12bd4836eb2e60240a67c21ca05fb29dd52d2624 516f8128c01077c6329e11a98018a2950461ccb89681d14084bac27ee79266ac
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /css/login/twitter.css HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: text/css
Content-Length: 688
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Tue, 23 Nov 2021 16:14:12 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7D2e%2Bd19jdMHKnMjPkdWdOst0dl2JW28fK0ooBEOJsdgsH8ZuM0OppixdttaxRbVGflaL5fIk04goQZfR%2BvZwqPmd%2BTjD0EBG98zCI3tLnvXNypUaAVhLjNmaoDGJgU1zFdti2V8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307061bfdb4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/js/script.js | 172.67.167.82 | 200 OK | 1.2 kB |
URL: ucofficialunban.cyou/js/script.js (HTTP/1.1)
IP: 172.67.167.82:0
Hash: f95933186460416c795ca470afcd7c01 0ead2aef5aa3199fe0f3ae044ba373a3b17f7a49 2ddc8ec9c696c4a0c5e3438d2296aa2de1cb4ae037d94598569e82df691b7721
Analyzer | Verdict | Alert | openphish | Tencent | | fortinet | Phishing | |
GET /js/script.js HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: application/javascript
Content-Length: 1159
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Sun, 19 Jun 2022 05:29:16 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMVoFjpyr7ZivBOdgFBGjGiWoJisplOPvAIsqA9uudjS3HJy%2FrdMM7qm7Tu1XRz6lgg%2B3lKrgz%2FL0AvDuW0OZYwUDUEiZIZL6bAHEQSr%2BKEzoSHAFTRYfJcrLkKw5HdRusRmIbFzsg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307063c1d0b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/js/showHide.js | 172.67.167.82 | 200 OK | 272 B |
URL: ucofficialunban.cyou/js/showHide.js (HTTP/1.1)
IP: 172.67.167.82:0
File type: ASCII text, with CRLF line terminators
Hash: 6d977127a16ed01d9383bb873fb500dd b636c90c342e1d9b55ad1f854ce731c14ceb55cb 0e18086f49c35381b1d6a0bbc479fa009d75ed5f1d4dbb48f821ac2095715ba3
Analyzer | Verdict | Alert | openphish | Tencent | | fortinet | Phishing | |
GET /js/showHide.js HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: application/javascript
Content-Length: 272
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Sat, 02 Apr 2022 18:25:36 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcJ2BoMwMJzA87GUUo2RlSz3SoT3JYOSjr1XbV0qNi41wDuAb%2F9M4f8KQsy8TXFtn3B8Z2o8iJFF6nYlgWXBiP3zOsCbZJnbguNWm4keK4QdS3XXE%2FvJP3SBjUICXMKkqcxu4FgT%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793307063ae3b50b-OSL
alt-svc: h2=":443"; ma=60
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | 200 OK | 5.8 kB |
URL: cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css (HTTP/2)
IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: a7e25a22602a2b2ed35f90fd5210cff1 148c4f275b60e6cf6253d6b4c7bdc486515b2202 312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3578821
expires: Tue, 23 Jan 2024 12:46:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBUReWkNimg7V7jxZ9KAmSVpwZGspbsE2UVjP6IlhBUbTtXb17vagDSzlvcLOoJlexqFbl37FMyk3mGsAUgUSqgDtUg7EFVzKJPIt4W7%2F3sRGijaAyqV5etAJ9Wb%2FhDM6DwHT1vV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793307063fd0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hash: a7f7aaefea5c7c65dc3c2e83b2032919 492d09014cebce118c2ae4adb38d97637016e629 bd41dab63041d1b61138918350b5616ec031ffab572ed6e37113be12efa112e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5722
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Last-Modified: Thu, 02 Feb 2023 11:10:42 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
|
|
| code.jquery.com/jquery-1.10.2.min.js | 69.16.175.10 | 200 OK | 33 kB |
URL: code.jquery.com/jquery-1.10.2.min.js (HTTP/2)
IP: 69.16.175.10:0
File type: ASCII text, with very long lines (32072)
Hash: 68cc08e82915da8b82fc6be74ab86365 4089530b0c00f6cbd1452d7f873be85454196fd1 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 12:46:03 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675341963.dop210.sk1.t,1675341963.cds258.sk1.hn,1675341963.cds243.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: bc86d7c50932e7f39faadd669ebc9e85 d75d2f04a04d2ef05d7f9bd05b9e785e811905e2 b328b793a46841251fb4a6174d1b652b6c5e0ce3b5191e0655658a20c2533fc1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3625
Cache-Control: max-age=151410
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Etag: "63db4ed4-117"
Expires: Sat, 04 Feb 2023 06:49:33 GMT
Last-Modified: Thu, 02 Feb 2023 05:49:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: de49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: de49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ucofficialunban.cyou/img/rewards/1.jpg | 172.67.167.82 | 200 OK | 25 kB |
URL: ucofficialunban.cyou/img/rewards/1.jpg (HTTP/1.1)
IP: 172.67.167.82:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 534x540, components 3; data
Hash: 3de7b1d3ef5f8b6704117c1626bcfdce f6c70b80da5f3f332dd3f5380c67ba5da695b3cd 855d35df25f816b1b2355c47a0eaf2be1fafb53fe9951a7b5d158a7215c6066b
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/1.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 24608
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:57:50 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CWFX%2B2g%2BkE3HtDN%2FO%2B6jLVngrb7%2Fnanm%2Fy6DXnMdlNt5dNwuKP7cU%2Fb%2FAtzHuUf9SeT7koaBzt2MlJ5iO4ZJe%2ByhJt%2FnOcx8B6XoQ8pnAakXZo1RvClZue9wUoca4RnU3au6PxBLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79330706bcbb0b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX2ljb25fMTY1ODM3Mjc3M18wMTE/icon.png?w=100&fakeurl=1&type=.webp | 104.26.9.22 | 200 OK | 3.8 kB |
URL: image.winudf.com/v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX2ljb25fMTY1ODM3Mjc3M18wMTE/icon.png?w=100&fakeurl=1&type=.webp (HTTP/2)
IP: 104.26.9.22:0
File type: RIFF (little-endian) data, Web/P image; data
Hash: def6f09127eda5f0a512cab1d9112374 de9894543d7502d483d7120d292d7a10d521d157 7c3185bd6465e64e1a901a6e51c6fffde754e266650a1eaaea80ae8ae3df4392
GET /v2/image1/Y29tLmR0cy5mcmVlZmlyZXRoX2ljb25fMTY1ODM3Mjc3M18wMTE/icon.png?w=100&fakeurl=1&type=.webp HTTP/1.1
Host: image.winudf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: image/webp
content-length: 3810
etag: e14daa36
x-cache: MISS
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 61133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IU4obtDxp9TpkRwMqYW68Cdqs8fxi7Bcxgso04Tlyu%2BPkE7EC6D2WBm%2BS8ydmze%2BIRgloy5CdA3odN7QUeJ33pr5V8GmZbCsmkPMR9ineYBSL8d3ydHIH0bZV6lNKBg9wc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 79330706c8040b45-OSL
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 216.58.211.10 | 200 OK | 30 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js (HTTP/2)
IP: 216.58.211.10:0
File type: ASCII text, with very long lines (32061)
Hash: b90b3d2618cce9d766152cd3092b5c27 496339457cd00caab8118e2e1f30ea18dc05b9f4 b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:38:24 GMT
expires: Fri, 02 Feb 2024 00:38:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 43659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 216.58.211.10 | 200 OK | 30 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js (HTTP/2)
IP: 216.58.211.10:0
File type: ASCII text, with very long lines (32180)
Hash: f16500423cc2867eff8b773df637c48f 1cd32d75b59a89c3a70274e383151a61ce0594f4 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:14 GMT
expires: Sat, 27 Jan 2024 10:05:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 528049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 7.3 kB |
URL: stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css (HTTP/2)
IP: 104.18.10.207:0
File type: ASCII text, with very long lines (30837)
Hash: 3b6b4013c2d9f1b5822ce6713afb6675 961464cfdfe9df9d0c047e0fc63c3695be46b8dd b7758cec4940029755e284ad7965d0e3344d4b301533de43541b05d1c78dedee
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 20788717
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79330706ab5ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ucofficialunban.cyou/img/rewards/5.jpg | 172.67.167.82 | 200 OK | 30 kB |
URL: ucofficialunban.cyou/img/rewards/5.jpg (HTTP/1.1)
IP: 172.67.167.82:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 511x540, components 3; data
Hash: db7484b8b99f1e243057a79bf3d4ec51 fbc0e1bc08ff9c043ae68d63d7bacc2a7da9c94e c0bf7def3c77f20e6f960933c0447aa877076a75a06bf9cc4a69b55f3519ad66
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/5.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 29957
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:58:02 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW8Ru7Y4iN71vlJB0Vdq9r%2FqFI9VU190AhASDxzcRsxNOFrxtsLAg1b5NuU8wkc0QCatmnm65Vw9qPqWs%2BTXNkvuau%2BumTglAa9dRRgWYj%2FNPZKGmAFZ69e%2FGGPLwfSVyA7HKER06Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307073d57b4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/6.jpg | 172.67.167.82 | 200 OK | 15 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/6.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 358x415, components 3\012- data Hashcf694e32a2e15ef7f75a6cb0b4c1b3f2 256926792f5dbce3d3fd102e7dac956920391937 1575a6fc10933564a26bca01a36b5869f86f8e198e828cba1a456ad0980544bd
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/6.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 14855
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:58:04 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnY7CP8dED3M1S3fKz6ZX98CqdRy%2Ff32v%2BuSmEYJRP0wte1pFsCNQRhS3TZ7xyPABouqz8hjRr%2Bkr21GQu17646L6fdaFHboX6smXzRf7M6lrALNISLSEcjWtREigKyxUPx8hedeUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307073d4a0b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/popup-close.png | 172.67.167.82 | 200 OK | 422 B |
URL HTTP/1.1ucofficialunban.cyou/img/popup-close.png IP172.67.167.82:0
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Hashd45afd0750df1473f2835dceb7933be8 25fe98b2ed17c8d857094d1d254fcc2a2f34c363 fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/popup-close.png HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/png
Content-Length: 422
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Sat, 18 Jun 2022 12:51:56 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BQFzfOcBIDzB558Z7iizdLDkMimkYZPNyXd7i9plWKvxGz5Lhg1hQuDwzVMk2Q%2FsudDvWM%2B1DUCk5ndxTsR322XvwUIAM1F29vIO%2FPIj5sL9MgzyC%2FGTkSX%2BTP6u1ESqFmaUYULmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307073be4b4ed-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/3.jpg | 172.67.167.82 | 200 OK | 28 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/3.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 554x554, components 3\012- data Hashaa28ba417df8c9f2f9a3d77b801ebc5e 44fd7d7dafa43f595ba9770759426bec1a589570 91c81ff45ca0b3d631fa48f955962b776f01bce724c4240ad301cdb92452fbdd
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/3.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 28440
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:57:56 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlW579l9RTrfb71pbwGtHyGb%2FsRzm2b1TXWxbMBwfBxdZxGLx5oFm4BiU7%2FotSYyjMWKXs7EfsuIMNkjygBCQW9vnTC9nMbkk%2BsAp7misQQ6ggtAU7Kso76VU6o8MtGcvlmWuKHtyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307075d790b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/4.jpg | 172.67.167.82 | 200 OK | 31 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/4.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 478x393, components 3\012- data Hash6e16a8ffe8f4bbf5041311a71e65478d dfdb47d62b652c96243c1f0ea2bee83404d68776 8ab02111ed4d6b38bd203060878a3b667393e539e7dddc4b8249fb3809749618
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/4.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 31105
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:58:00 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdFHnPzWRe6nRGR4Stk06RH9vjsqix7cyh55K4i1yB7IraNV8nteDiPzvfB9pGyYzqAI7GIfc3qqjTXiZrBq9H9IUyyiouRitS%2Fylf6gkGPItSLd9zrEAPRalP24WEMj0RXAIWYh6A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7933070749380b61-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/9.jpg | 172.67.167.82 | 200 OK | 40 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/9.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 536x545, components 3\012- data Hash4dbaa12d7657c690e12d1ebaded2b8f3 668069cf05cb0c37248514770ece24f6f14b3520 3fd4b0092ac1390b144455a44a6943c35ee4fd09053e861c1bb903c9e61c928f
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/9.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 40294
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 01:02:28 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCb9hH7L0lCzFgCf9upEGCFg1fQ0Nhv3ZkNLqSBSLPSaRWMiKOetnCn0%2Bxyz4j81ap355nIe4FANYi0iG8UOa9qpl6iBAXq8DcXIE6E9Wme79iz3e0bi1Ed8h5Sweoofe07KO3pvgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307074d85b4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/2.jpg | 172.67.167.82 | 200 OK | 22 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/2.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 490x540, components 3\012- data Hash4f148c733e6c9594be436815f013a9df 093d6ddb8ddb9efbfa73bee8eb53ae3de12d8194 6f8e6514bb1d229c9899b5f120a4f23d9bcbd2e0772f9a5bb0d6c47fb81e34d9
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/2.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 22382
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:57:54 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9s7M0t%2FRrEZe5l%2FMZHmlTRgKd7WC%2F%2B9usB%2BXIh%2FOMPgu08G91zJDD5rctRmX4O4q5HdrRTCDeXpBuWiPv8joRpBl4Gwwc0LKud1ig%2FEeqLUtDTyCXooLWOP%2FCL1nxIGORG%2FM4mcHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307074f541c0e-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/8.jpg | 172.67.167.82 | 200 OK | 5.8 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/8.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x219, components 3\012- data Hash9bd96227a15e1d3380d1fb23aef9afe1 d016976ddcac50a909c47aa10a615c4132287b32 14c0d25da3acf4952cc59d738e1c426b5ab8dc668de7c58419b3dc1486e4841d
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/8.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 5849
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 01:01:32 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRQzn4L3GIrpijngeZyUalow7StZLRWjuvzW0ILyvzU6eL3cMcEqgz857JjLW73JVGuhDBnxcKigAAIg2ZyVIiCo%2FbNmJjh18EdOtQ5H76qXqgaZ%2F1Q5Ux3xmOqaYnMoxYaNOyR5Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307077dcbb4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/rewards/7.jpg | 172.67.167.82 | 200 OK | 9.1 kB |
URL HTTP/1.1ucofficialunban.cyou/img/rewards/7.jpg IP172.67.167.82:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 284x177, components 3\012- data Hash8f099f103a237d009990cc750779b455 e9cf0df59bf8f4c704875e4ab7cee79cceab9098 78fdf174bcf8be05ce5514cc7a6f948c5285e5e019c22b519adc5b4258c14140
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/rewards/7.jpg HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/jpeg
Content-Length: 9056
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:59:30 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDxWPfQQOJ5O7joU9xRab%2BGh%2FfRAQ0mWUxgyO%2FI%2FbZY6rBuSmcbmi2bv%2B9tQyBhivwPa66IEoumdbWZmQRCN17Et%2Fjnr7ITGOXQzcttLfq7T0p0WHUlrsxTFzfqwLzgyjJNIxncnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793307079dd60b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ucofficialunban.cyou/img/event-theme.png | 172.67.167.82 | 200 OK | 145 kB |
URL HTTP/1.1ucofficialunban.cyou/img/event-theme.png IP172.67.167.82:0
File typePNG image data, 838 x 101, 8-bit/color RGBA, non-interlaced\012- data Size145 kB (145089 bytes) Hash019861f20e3b2b0a11de0f193f85766b 3a2a68b20f7df17c5e9cca77953702ef4ab460d5 a735a82329063d251d5b73db05256efeab239b131662470478ed7650adb2dadc
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/event-theme.png HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/css/style.css
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/png
Content-Length: 145089
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Wed, 27 Jul 2022 00:47:18 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLJcK%2BKROEjedeDfz0SGs1RsO3VFTqc8Q3QM2%2FhMjBrjdNIM4iHdsaAgksmKS4os%2B%2F5nWYeeDw2hkG8x0N3%2FBZa7YyHlx4knavCuG1NNPtmpnRFi4yBUQL%2BVqwoBpjVI%2Ff0j96%2FaUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79330707ce1fb4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ucofficialunban.cyou/img/btn_item.png | 172.67.167.82 | 200 OK | 58 kB |
URL HTTP/1.1ucofficialunban.cyou/img/btn_item.png IP172.67.167.82:0
File typePNG image data, 490 x 167, 8-bit/color RGBA, non-interlaced\012- data Hashaf8a508cb60567967ba844f8966bb436 9ba0bc4f220f5554d26fe73605d208696287e2db 29d11d5a9fa76408be475d2c6844174056e58521324a397b29e095f6b4b4758d
Analyzer | Verdict | Alert | openphish | Tencent | |
GET /img/btn_item.png HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ucofficialunban.cyou/css/style.css
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: image/png
Content-Length: 58024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 08 Feb 2023 19:47:10 GMT
last-modified: Sun, 19 Jun 2022 04:56:36 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 61133
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQt47NCsNwTDHFM5QDS9C24cSSS6ItoyUVXARRu7Avoe8OwLIOpkYKj3P%2F%2FN%2BM5ap1gkFaT%2BnImwza7GzCMHj4rgtgh297%2FCKxbrdAihuzow%2FJn96O17D8TR9Z6KctTA%2FOzSFf2vKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79330707ee3db4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash42d54c8c12a2f90c448a11bf42800e86 bb66d35435411c825bfcd0a091f33b7d1708191e 3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.ibb.co/V9rgBqw/twitter-text.png | 162.19.58.161 | 200 OK | 4.3 kB |
URL HTTP/2i.ibb.co/V9rgBqw/twitter-text.png IP162.19.58.161:0
File typePNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data Hashfef946b8bba756359e2a1e87ccd915ea acc364946077b0e32b2343474ce4066ad3ee524c 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.ibb.co/Wg8qQxh/facebook-text.png | 162.19.58.161 | 200 OK | 29 kB |
URL HTTP/2i.ibb.co/Wg8qQxh/facebook-text.png IP162.19.58.161:0
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 | 142.250.74.35 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data Hash5b9fce771bd530ab9767e2b5aebd28c1 28ee5935b59df8b2d6876707e1f0f0e6768d2d31 a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ucofficialunban.cyou
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:56:32 GMT
expires: Fri, 02 Feb 2024 00:56:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
age: 42571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 | 142.250.74.35 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data Hashb4082c888eefa2dca3fe2c9d46a87180 05aeb6c58175f659fe59eaca5a9d3735dd0530e3 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ucofficialunban.cyou
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 21:08:39 GMT
expires: Wed, 31 Jan 2024 21:08:39 GMT
cache-control: public, max-age=31536000
age: 142644
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ucofficialunban.cyou/media/header.mp4 | 172.67.167.82 | 206 Partial Content | 48 kB |
URL HTTP/1.1ucofficialunban.cyou/media/header.mp4 IP172.67.167.82:0
Hashcaade424ab3a705ef6894b377bad2a32 471d16e0e615f363dc5942d49a34e9848e2ecc6c de986aaf05b12c000a7307e4846d1ff2fa647b07d4ddb7e6135155892d770f85
Analyzer | Verdict | Alert | openphish | Tencent | | fortinet | Phishing | |
GET /media/header.mp4 HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=2916352-
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 206 Partial Content
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: video/mp4
Content-Length: 48485
Connection: keep-alive
last-modified: Wed, 27 Jul 2022 00:33:50 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Content-Range: bytes 2916352-2964836/2964837
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD1FVj4fT8stHEThTNNKp6XyrzGx1mQ0xrerSoc0pwel6iR9KkLcleAL122GWYFaYCG%2FNPdzzpbDTdckzsPe7TVlKDhUUkMZXm%2BjnakVFQM%2BmSiSl8i2zhTCoB0PBDbPQxU2aB5FJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79330708af66b4f4-OSL
alt-svc: h2=":443"; ma=60
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash42d54c8c12a2f90c448a11bf42800e86 bb66d35435411c825bfcd0a091f33b7d1708191e 3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:46:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbc193eded0b0b8930bcc5e5df4087bd7 44f598fc1c01d118e44c4ba312c826cfa87c5dda de2d20b89f8b3c8168e9785662093504621b4591a1fe93eeab15bf3aafa851be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE2D20B89F8B3C8168E9785662093504621B4591A1FE93EEAB15BF3AAFA851BE"
Last-Modified: Wed, 01 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11626
Expires: Thu, 02 Feb 2023 15:59:49 GMT
Date: Thu, 02 Feb 2023 12:46:03 GMT
Connection: keep-alive
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 65.21.235.194 | 206 Partial Content | 20 kB |
URL HTTP/2l.top4top.io/m_1725u5z7i1.mp3 IP65.21.235.194:0 ASN#24940 Hetzner Online GmbH
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data Hashee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Thu, 02 Feb 2023 12:46:03 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 03 Feb 2023 12:22:43 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Thu, 02 Feb 2023 14:46:03 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 12:30:30 GMT
age: 933
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5010
Expires: Thu, 02 Feb 2023 14:09:34 GMT
Date: Thu, 02 Feb 2023 12:46:04 GMT
Connection: keep-alive
|
|
| dl.dir.freefiremobile.com/common/web_event/hash/2dc91d2e1b83aefb1aec34494c6833edjpg | 95.101.10.32 | 200 OK | 129 kB |
URL HTTP/1.1dl.dir.freefiremobile.com/common/web_event/hash/2dc91d2e1b83aefb1aec34494c6833edjpg IP95.101.10.32:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, progressive, precision 8, 512x780, components 3\012- data Size129 kB (129204 bytes) Hash54c6eaa39c491b93371d0e3c0d8fa2ec 6aa5d11c176d7e75aa9a5de9f258941403ee0db0 f71ba777189af374c0d98aaa86bd347fb6865b8170929caf8e2782e89566494b
GET /common/web_event/hash/2dc91d2e1b83aefb1aec34494c6833edjpg HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 000001860E84D12B9809FA6DD8408FED
Accept-Ranges: bytes
ETag: "1fb3bda67d601d16eb3bb1bcde0d477d"
Last-Modified: Thu, 04 Aug 2022 12:33:53 GMT
Content-Type: text/plain
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS8laUqouovJeoZsL7rG2oiYa2yOhot5
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 12:46:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| freefiremobile-a.akamaihd.net/common/web_event/official/logo-small_20210113.png | 23.36.76.115 | 200 OK | 1.0 kB |
URL HTTP/1.1freefiremobile-a.akamaihd.net/common/web_event/official/logo-small_20210113.png IP23.36.76.115:0 ASN#20940 Akamai International B.V.
File typePNG image data, 162 x 42, 8-bit colormap, non-interlaced\012- data Hashd84253a98835ccc82017b63d8ccc54f3 578107b030cc1610f665692948af61fc554252c1 3414e1a42c1555294d1d1e8baeb35a8e323db521608de4f4589a4653814f15b7
GET /common/web_event/official/logo-small_20210113.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 00000185F8C08A85901A379101BCF417
Accept-Ranges: bytes
ETag: "d84253a98835ccc82017b63d8ccc54f3"
Last-Modified: Thu, 04 Aug 2022 12:36:37 GMT
Content-Type: image/png
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSfn5WALS8uHum0LI81KzBfI+JeXbILJ
Content-Length: 1014
Date: Thu, 02 Feb 2023 12:46:04 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/logo_small_foot.png | 23.36.76.115 | 200 OK | 3.3 kB |
URL HTTP/1.1freefiremobile-a.akamaihd.net/ffwebsite/images/logo_small_foot.png IP23.36.76.115:0 ASN#20940 Akamai International B.V.
File typePNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data Hash28e3613e41bf30be9a6ff398c2876731 95d245f62f99d9ec3580bc94c120ebb74066c538 8831a2445b11d8d98fc3e121c0e53d66d8ef678a780588c6cda387d415628672
GET /ffwebsite/images/logo_small_foot.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 00000185FC102077954CFE5295A45A15
Accept-Ranges: bytes
ETag: "28e3613e41bf30be9a6ff398c2876731"
Last-Modified: Thu, 04 Aug 2022 12:38:52 GMT
Content-Type: image/png
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSk4P4Khh6bc1rlDcmtiu1LywMizgrQ7
Content-Length: 3265
Date: Thu, 02 Feb 2023 12:46:04 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| push.services.mozilla.com/ | 34.210.150.237 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.210.150.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BoGUv6GYYpwyZV5SWIRZ5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BsnR/5MgS3PFk3flm1Jd9r9ZGqM=
|
|
| www.battlegroundsmobileindia.com/common/img/favicon.ico | 23.36.76.243 | 200 OK | 1.4 kB |
URL HTTP/2www.battlegroundsmobileindia.com/common/img/favicon.ico IP23.36.76.243:0 ASN#20940 Akamai International B.V.
File typePNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data Hash80856a1f0c07b83a6b67d557d0aca397 031cab2f407c8059dcfab8599f8bba9486512f21 5609e69ac9fb00efc23806475c7a228fcb5a87dc7e4380673a44e018af7a8060
GET /common/img/favicon.ico HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 1436
last-modified: Fri, 14 May 2021 10:49:26 GMT
etag: "59c-5c247ff585980"
accept-ranges: bytes
date: Thu, 02 Feb 2023 12:46:04 GMT
X-Firefox-Spdy: h2
|
|
| a.top4top.io/m_1725zobal2.mp3 | 51.159.64.45 | 206 Partial Content | 18 kB |
URL HTTP/2a.top4top.io/m_1725zobal2.mp3 IP51.159.64.45:0
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data Hash70ded6b0b406f9710307bc35e221629f 7034ec2ff72c936255b04c0890ce8976599380cc 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Thu, 02 Feb 2023 12:46:05 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 03 Feb 2023 12:22:45 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Thu, 02 Feb 2023 14:46:05 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7347
Expires: Thu, 02 Feb 2023 14:48:32 GMT
Date: Thu, 02 Feb 2023 12:46:05 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf1d06527f75868ea84da730b7c8b5660 6c0cb65a477d6bc7d013529411d5735bd39e3d46 2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EnMwKHnlZQbvGDjPKuFqW9G8CBaRAV6QKzJ2VFOtRPDm3EIgVUpmYQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:29 GMT
age: 53316
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4bb3a6fba496d54cdbbccaf2b9600386 8e30002699e9fbf2047f9ac11a36d2175fc9c591 927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 19797
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash604c573da6f79effa2a81e711c14ad9e 322a3a510ca73e124d78e31b49d676ec891a6762 8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uBOoIV3qLgPgjOas4bG9LnzvJyW5AmcxMm7xqxI2keBg3er2G3MldA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:31 GMT
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
age: 53074
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash41c44051cc3b4c69924df66048e7566b 5c6a12595c3f6005fec4baa84b16575951e72178 72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qON7fRZ1XPCkl7ldiGagd0UcPynLKMzysXr8LZSRvS1ily9cN5w_wA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:22:55 GMT
age: 51790
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7c823f1d6bf1c50d58eb263b85e6e37c a7b74d11494fb3254df907e5cc1eead070d84617 b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 51867
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash395bb0f71f9eba82f5ca23548d08900f b1fada280c7ea3eb775a6fa46ce173a51eb045f5 7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 53294
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 IP142.250.74.106:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 12:46:03 GMT
date: Thu, 02 Feb 2023 12:46:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ucofficialunban.cyou/media/header.mp4 | 172.67.167.82 | 206 Partial Content | 0 B |
URL HTTP/1.1ucofficialunban.cyou/media/header.mp4 IP172.67.167.82:0
Analyzer | Verdict | Alert | openphish | Tencent | | fortinet | Phishing | |
GET /media/header.mp4 HTTP/1.1
Host: ucofficialunban.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://ucofficialunban.cyou/
HTTP/1.1 206 Partial Content
Date: Thu, 02 Feb 2023 12:46:03 GMT
Content-Type: video/mp4
Content-Length: 2964837
Connection: keep-alive
last-modified: Wed, 27 Jul 2022 00:33:50 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Content-Range: bytes 0-2964836/2964837
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InLkOiASozaldMM8ZITm3Bz9T1jp1A27woAtFqvRI8KEqbUqPBEkSABLEbp%2BK4VE6QLT0YHdko9DclTGI5tb2qmH6ELypk%2ByhzeKcrH9%2FOyiDC5wso973cyqnjyswALtKpXN2%2BwlpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79330706bbd1b50b-OSL
alt-svc: h2=":443"; ma=60
|
|