Overview

URL pubgspin.my.id/
IP172.67.205.199
ASNCLOUDFLARENET
Location United States
Report completed2022-10-02 22:33:20 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
2022-10-01 2 pubgspin.my.id/ Tencent
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-02 2 pubgspin.my.id/ Phishing
2022-10-02 2 pubgspin.my.id/js-zone/jquery.js Phishing
2022-10-02 2 pubgspin.my.id/js-zone/main-zone.js Phishing
2022-10-02 2 pubgspin.my.id/js-zone/myScript.js Phishing
2022-10-02 2 pubgspin.my.id/js-zone/slide-zone.js Phishing
2022-10-02 2 pubgspin.my.id/index_files/gift-zone.js Phishing
2022-10-02 2 pubgspin.my.id/index_files/slide-zone.js.download Phishing
2022-10-02 2 pubgspin.my.id/index_files/css Phishing
2022-10-02 2 pubgspin.my.id/js-zone/zero-zone.js Phishing
2022-10-02 2 pubgspin.my.id/js-zone/alert-zone.js Phishing
2022-10-02 2 l.top4top.io/m_1725u5z7i1.mp3 Malware
2022-10-02 2 a.top4top.io/m_1725zobal2.mp3 Malware
2022-10-02 2 pubgspin.my.id/index_files/jquery.min.js.download Phishing
2022-10-02 2 pubgspin.my.id/media/spin.mp3 Phishing
2022-10-02 2 pubgspin.my.id/media/header.mp4 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 108.156.28.39
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-02 11:34:52 UTC 69.16.175.42
mnemonic passive DNS i.postimg.cc (11) 23840 2018-04-11 10:01:12 UTC 2022-10-02 12:43:32 UTC 162.19.88.69
mnemonic passive DNS ajax.googleapis.com (2) 12905 2013-06-10 06:53:41 UTC 2022-10-02 17:19:54 UTC 142.250.74.74
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 52.35.74.102
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.77.32
mnemonic passive DNS pubgspin.my.id (26) 0 2020-05-09 06:30:46 UTC 2022-10-02 18:34:13 UTC 104.21.61.36 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS l.top4top.io (1) 926491 2020-01-14 23:19:40 UTC 2022-10-02 15:42:20 UTC 65.21.235.194
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (8) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-10-02 18:15:57 UTC 104.18.10.207
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 18.165.201.83
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-02 11:24:40 UTC 104.17.25.14
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS www.pubgmobile.com (8) 21653 2018-04-27 11:06:13 UTC 2022-10-02 12:43:34 UTC 23.36.76.227
mnemonic passive DNS a.top4top.io (1) 588496 2019-12-05 18:36:40 UTC 2022-10-02 12:43:33 UTC 51.159.64.45
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-02 16:00:45 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.67.205.199

Date UQ / IDS / BL URL IP
2022-10-02 22:33:20 +0000
0 - 0 - 41 pubgspin.my.id/ 172.67.205.199

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-01 12:58:41 +0000
0 - 0 - 4 surefap.org/publisher/ugaromix 172.67.191.234
2022-12-01 12:57:40 +0000
0 - 0 - 3 denounceexemption.top/ 172.67.196.152
2022-12-01 12:56:52 +0000
0 - 0 - 2 dutadamaikalimantanselatan.id/ 172.67.175.78
2022-12-01 12:56:40 +0000
0 - 0 - 6 fuckmefast.com/fr/ms/1-283022-0/ 104.21.7.27
2022-12-01 12:55:25 +0000
0 - 0 - 4 fuckmefast3.com/fr/p25/ms/1-283022/?cep=Cnt0P (...) 104.21.40.20

Last 1 reports on domain: pubgspin.my.id

Date UQ / IDS / BL URL IP
2022-10-02 22:33:20 +0000
0 - 0 - 41 pubgspin.my.id/ 172.67.205.199

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-14 15:08:24 +0000
0 - 0 - 15 mediafire.getz.my.id/ 104.21.16.227
2022-10-08 06:34:22 +0000
27 - 0 - 2 www.pubgspin46.duckdns.org/ 20.189.78.99
2022-10-08 04:53:24 +0000
27 - 0 - 0 mail.pubgspin45.duckdns.org/ 20.189.78.99
2022-09-25 20:51:41 +0000
19 - 0 - 29 pubgspin10.duckdns.org/ 20.189.78.99
2022-09-17 08:58:57 +0000
27 - 0 - 29 mail.pubg36.duckdns.org/ 20.189.78.99


JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 171, repeated: 1) - SHA256: 06d287bc821986c6d2cea4631dc0329b9cd9e15ca19737eb1479e118526bc3e9

                                        < script src = "js-zone/alert-zone.js" > < /script><script type="text/javascript
" src="
js - zone / zero - zone.js "></script><script language="
JavaScript ">document.write(ls())</script>
                                    

#2 JavaScript::Write (size: 140, repeated: 1) - SHA256: 69db51683da9aaff997d8865c60e37445e2bc99d451ec64029183b375779df4d

                                        < link rel = "stylesheet"
type = "text/css"
href = "css-zone/style-zone.css" / > < link type = "text/css"
rel = "stylesheet"
href = "css-zone/zero-zone.css" >
                                    


HTTP Transactions (84)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16213
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:33:09 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.83
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e963d9388521b938ab0c2d19e2400bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: zKLKlXJP_TrgwcJZ_ni1PhRy2wTQMymuAV1--lp7_wYE812S-rEoFQ==
Age: 1787


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.39
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: vl1tJqgj49ZYqwi28QXuh2kTdJTAQNLafXmQfTJfP4XkPqE9mic0vw==
age: 68393
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JcfVqVCRt%2FkIT2ciA1R3ysVZM1ZNhTbzcUSGCMJTo0qIaFcUKTDJawRy8ZIqCjRW5hdoeTPjGkXm41rZNEM56z5thn4%2BpdBWHo15wUcFKeqdE%2FVSRtNAYg2PNs4ac9AnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e5bb10b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (370), with CRLF line terminators
Size:   4010
Md5:    1ceb12f095e344339b87f0db91d80953
Sha1:   96f521e33b7913715d75aac8c456aa46cc655ae6
Sha256: 745315e5c84d2d3e6175e17e718065d1369a1098be2ba274d8755101af26b741

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /css-zone/facebook.css HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 785
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:53 GMT
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84376
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAlMWP0SLhFalWIHdC46scsEZg1XpADT2Ie7jtysKnYli1ycTl9W%2B%2Fy0sl2FMraGubjw1ZtZ0z5Pr8tYjjciakaW1vnnEPlvjlK8Jldv%2F78GHXev1MUz1t%2F%2B%2F2FdfI6gXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9c80fb527-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   785
Md5:    d1a79475edda3aac334848f93fb8da66
Sha1:   94ff239747dd8076d61fdf0706a109eafe4b008c
Sha256: 2d3e66515c705b3aa081e29e7056892156d5b13c30467f635f8c15fe97b1b379

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /css-zone/twitter.css HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 684
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:53 GMT
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84376
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAIa4l8bntuHTO5ib%2BzbAlRgC9ouYxG0vOS0MHx%2BUJGcT%2FEWhrFesUXDbN7%2BUsbkoQ18uUbfc6BRRgNtEWrrsQpRFb4KJAVEXhCsTUoEDbWw1anrqvd1F3EiNSVIHoL4aw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9cbf6b4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   684
Md5:    25ba1091ec0397ac78a7507548c81098
Sha1:   8a3a35c6d6cc9caeaa00cac06329e304974a8378
Sha256: 4152c46cddde07d7e9180a35a10ef4700d9b44b2643a97ed1a846cd25a17df24

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /js-zone/jquery.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 451
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:53 GMT
last-modified: Fri, 22 Apr 2022 09:48:20 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84376
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcTWr1qn2YjGjRdeSYQtq%2FBcq2awQrZXjgUXW11p5wRK7dvABMoy0W8pUv4yz%2Fk%2BSoW6T%2FLtJRb%2FnnC96aTF44mlLqspkY%2FqX8H7GCXq6ldt1JURoazdfTyfqW6HtEY5lw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9dca51c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1757)
Size:   451
Md5:    1abe5c025a16893ec52beb616bed7b16
Sha1:   9d69e05eeeecfb6f358bfa69e460168a7617f585
Sha256: 1dfae3417846d2cfbd7957679b81e8021a51949912e10b3101c71ca2f9d5dcb3

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /js-zone/main-zone.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 345
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:53 GMT
last-modified: Fri, 22 Apr 2022 09:48:20 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84376
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPSeWNJ%2FyGKKCVWfqL4%2BxHEXK18wpD6yZbdeQNR9WBV5D5yiAoUjLqVuxTmYciQ2kb83Uqu2hOQbClLjfrLK5NANcP5lt25bMGlJaRCh4g9%2F3dfGmBelXZ6p5GpupnlqEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9ebe3b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (316)
Size:   345
Md5:    bbae78527e745cb146a632161f3012f4
Sha1:   c882ece393db1074d14ce6f7a31bbd1a75b063f2
Sha256: c14640cd35d53dc1c450da2a35643dbcaf9877fc7818bc796580801c80c64922

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /js-zone/myScript.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 1127
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:53 GMT
last-modified: Sun, 24 Jul 2022 04:11:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84376
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqLrIrdUMJbTGvJLdjbXHHmzEuAG8LzUmudsP4TwRNfumdZi%2Bpf508Ft8NcyiX4sfy%2FeMLTZ0OvxJbwq9VhrP6onU2LcYmgsRdvMR9ySkUSv9BWVYvnWkaZrv2QBBXyxyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9edba1bfe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (5572), with no line terminators
Size:   1127
Md5:    2d1be668ebd19909c9428914f93321a0
Sha1:   ca0bcb13262a32c0faf6425aff907df0c037f83e
Sha256: 6952845840cdbe81f203ed67fa129a4c6a60d4d4dce92d3679a7b061ef805539

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /js-zone/slide-zone.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 596
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:55 GMT
last-modified: Fri, 22 Apr 2022 09:48:20 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84374
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCUu9MEN7TvJHP%2FnDgpzcjHudAe3ACcY663eRP991xSel4tg8mvTUqdNwxqkltKOuHvS2PQRzqf221N56gfkYY%2B%2BFuBD7RAk0yELceYG%2F9LzV9J8YnQXlm1eALRb4psQcw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ea0cc01c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (530)
Size:   596
Md5:    c311a1bb166e62daf0cba4d7c329dcc5
Sha1:   ef905dfbe8b851daf1eaa09548da4f05b1ffd246
Sha256: 9af879c13db6a97f0fb98e8b1135d35ffb169caab7bf4265c02a9cc223605020

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /index_files/gift-zone.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 633
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:54 GMT
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84375
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPRzemSTsPMcAjhqSbx6P09kk0Xo7x4jDO5pb00OX%2F8Ch54T4EHud9VsDqS9N5CIzt9gCtsF5YE3ao%2BR%2FQLqg9LH3Rqv3PvKnwik%2Fw0nkg8cqZUORPttFlXw57%2FGxQkvaw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ea0c26b4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   633
Md5:    36c66a5858739e6e4292644a69881502
Sha1:   c88534cd8a09aab21ef15eaee7ca3726584b0eb3
Sha256: 585e9d93d2a5e5eb3c781272abe9f16ded59439a48b5860ec4a321c991ac48d1

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 407240
expires: Fri, 22 Sep 2023 22:33:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXW48vEbcZsqEL%2BP7YFg8sIPXhKTS2fQ3IiLa3Fy%2BwdLpwM7ype0qn8ygdidxj4b0%2BBTdJaaU6AxjsVO%2FVD%2B0VdIzh%2BzeOW%2FrjtD5OLnSgTBJ31fRI4KFEeKPFQBslXluXzquFeR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7540e5ea1b700b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   5845
Md5:    a7e25a22602a2b2ed35f90fd5210cff1
Sha1:   148c4f275b60e6cf6253d6b4c7bdc486515b2202
Sha256: 312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
                                        
                                            GET /jquery-1.10.2.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 02 Oct 2022 22:33:09 GMT
content-encoding: gzip
content-length: 32788
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664749989.dop017.sk1.t,1664749989.cds215.sk1.hn,1664749989.cds243.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32072)
Size:   32788
Md5:    68cc08e82915da8b82fc6be74ab86365
Sha1:   4089530b0c00f6cbd1452d7f873be85454196fd1
Sha256: 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4944
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:33:09 GMT
Last-Modified: Sun, 02 Oct 2022 21:10:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /Thwcks3z/footer-socmed-2.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 10864
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 148, 8-bit/color RGBA, non-interlaced\012- data
Size:   10864
Md5:    80c10d25063bc5137b0fcf63b4d6165f
Sha1:   9655f83c214eaccb92d34d8b8ca83581a56fb2a7
Sha256: 16f1ccc0e0a89629ef11948c8de6ca77591a6f9b937b8de44ebc18358225bd80
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pV8Q4L9L/footer-img.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 14457
last-modified: Sun, 26 Dec 2021 01:40:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Size:   14457
Md5:    d8e7ade119fece88de74909f9625a4f4
Sha1:   fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
Sha256: 49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4
                                        
                                            GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 15:43:54 GMT
expires: Sat, 30 Sep 2023 15:43:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 197355
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32061)
Size:   29671
Md5:    b90b3d2618cce9d766152cd3092b5c27
Sha1:   496339457cd00caab8118e2e1f30ea18dc05b9f4
Sha256: b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
                                        
                                            GET /bdB94RGs/footer-socmed-3.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 6571
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   6571
Md5:    bc99de2d262f8daf5c75d55ea0328990
Sha1:   8af7007005a8725a1c2e2a4710101be68a7ebfea
Sha256: d1e50bf94ebb01626c1045d43541f5989f67f6b3d62d3d6eb38e34fe0be94595
                                        
                                            GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 22:16:16 GMT
expires: Sun, 01 Oct 2023 22:16:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 87413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29707
Md5:    f16500423cc2867eff8b773df637c48f
Sha1:   1cd32d75b59a89c3a70274e383151a61ce0594f4
Sha256: 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
                                        
                                            GET /3wBVgZTz/login-Method1.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size:   28789
Md5:    74190b93fc4f5d88f0c8e6411ba20bd8
Sha1:   89ce2ecb660a90b8e6ed1b335443d7767c59f28a
Sha256: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
                                        
                                            GET /dtyfWFF2/login-Method2.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size:   4298
Md5:    fef946b8bba756359e2a1e87ccd915ea
Sha1:   acc364946077b0e32b2343474ce4066ad3ee524c
Sha256: 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4944
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:33:09 GMT
Last-Modified: Sun, 02 Oct 2022 21:10:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /YvcfCqz7/footer-socmed-4.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 13796
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   13796
Md5:    023bfaf2a56a2b76e7afc94885893502
Sha1:   225d5166c4b3f7346e3bfef148d6bfb87b5b4a96
Sha256: 8014774799900154e012ac41d6cdd404adc93c5955535ee4bd5372e054e90443
                                        
                                            GET /w7RQzsJF/footer-socmed-5.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 9205
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   9205
Md5:    2a03905025f0e6e39ce3934cb40b170f
Sha1:   72ccd4a954ae859709be05f27c5e425dc0c810eb
Sha256: a72b0b2226327f8af54d11c68347fd2930f05d48004c0f05e1ef39c3505d8ba0
                                        
                                            GET /Sxyy8Kzz/footer-socmed-6.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 4316
last-modified: Wed, 13 Apr 2022 13:57:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 184 x 140, 8-bit/color RGBA, non-interlaced\012- data
Size:   4316
Md5:    27eb10858d473bfd39cca3251fe35a26
Sha1:   f472c341ec3696a0c7bb85799495995ff72f941f
Sha256: e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e
                                        
                                            GET /jnLQLD1x/footer-socmed-1.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 5796
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   5796
Md5:    bef4c998aafaa09e5d29d60f46525c62
Sha1:   6c7f350282f0f6dc01f577c3785e0aaea0fcc2e6
Sha256: dfba7a0c7d120366be1d50ada6b75adcf62ac2038a1c08fd6e1c77071a38b5d1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /SxQ04Qn4/navbar-logo.png HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 177317
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size:   177317
Md5:    d2d4c42a8bef48daa7c8151a838870c9
Sha1:   7ad25c9e369e069f97093188699bd58a2b298888
Sha256: a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587
                                        
                                            GET /en/images/nav_download.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 02 Oct 2022 22:33:09 GMT
content-length: 485
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size:   485
Md5:    105955f14143a23be57cadef8e91950e
Sha1:   98cc1e76113b4b2a2a77805bb1f1d6b364344d88
Sha256: b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.83
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 22:32:56 GMT
Expires: Sun, 02 Oct 2022 22:46:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 096e5ecae9d1cd03edf8411ad106b092.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: OOSGepthnWgbC_-TDr2ykfS9LsqoTqWFv8I4CnFT9pKbTiPiioSmvQ==
Age: 13


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /index_files/slide-zone.js.download HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 2054
Connection: keep-alive
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mJGYZzoi85Z5KGFB5MHeVIId%2BOFbXK%2Be3mupTuTkRSl%2Fu8%2Fv08DY4%2FqvTxOaxfrFpMTwSBzPGj87kDNqjyt1w23TPjN8xSlvGsG0kbNT1XUlFeUBDZeHkvzJF8yrxkYJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ea0c11b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (530)
Size:   2054
Md5:    290d1a9d8c436b4815b9f543e3a302de
Sha1:   fda5d1f65e6b1eb4d929ea77de3b911ee208a27a
Sha256: 5decabf43c201e0f9e058461dd0d8a8bc744e4174583ef39971abc226bf2ca08

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4626
Cache-Control: max-age=125441
Date: Sun, 02 Oct 2022 22:33:09 GMT
Etag: "63394694-1d7"
Expires: Tue, 04 Oct 2022 09:23:50 GMT
Last-Modified: Sun, 02 Oct 2022 08:06:44 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /index_files/css HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 62268
Connection: keep-alive
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljYTQ3cbcjx1NWLlBGOTYWuYHc%2B9%2Ff0%2BwWTGpMXQMQlOwhzz4qEK0UlG6Ul3TRQQMZO9MMhBs%2BLn9kUNhX37WPj%2B8mwYiPjHvWEValuTzowIQDV%2BBnp1t%2B5%2F34n5YOc6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9becfb505-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1116)
Size:   62268
Md5:    755df17a408beddb747e36f27ae4dedc
Sha1:   53daa61ef477c0badec68fa8942cb5ffce0c38b0
Sha256: a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /img/reward/1.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 57528
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:58 GMT
last-modified: Fri, 22 Jul 2022 00:40:32 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84372
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvY5S3J9W63qdEP5emBowkYxZv6pQuJPi94RMpcTeC%2BUkplN3v2Kh6HOf3mjQABvp%2FLrtoqR%2BIH%2Bl%2FLi6KAGSPVL33b6xqlAD3txogMGLdjWs8GD4UOT%2FJRhLajwBXNx1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5edef7fb4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   57528
Md5:    0e4df1245f66d1bb80bde7bb122de75d
Sha1:   12b188d382938edef719ccef3552bdc54c65490f
Sha256: db64067730eede2c793802490ae36b959159e750af50a660ce0cb707560dfc4e

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/reward/4.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 39737
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:58 GMT
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84372
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyJKRHb5o3VV4Yeg6Kg1QnNRhwoTYphA4jDZtVmxdUp73KcKu41a1vgvrZhEiei%2FnV4t%2BhmdRmqcHKoVruuc%2BfvJQhprK0Xe%2Bix94lq9kS8UDJTF3oIsfRdU50GiGXeizg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5ede8491bfe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 640 x 640, 8-bit colormap, non-interlaced\012- data
Size:   39737
Md5:    e7134182b0622d7dc96ca39a9ee38f54
Sha1:   75ac9658535f6579b5b9295d3d280e9470c893bb
Sha256: 711f17bd667e28b99943069dab753cb68e00773621cae063de324f0e87d3d3aa

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/reward/6.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 44591
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:58 GMT
last-modified: Fri, 22 Jul 2022 00:40:32 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84372
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWnVXpmA9xyJSLNC%2B08D1poL%2FSEsNh%2FjFocNGd2drIyNCsmGU3BrqFrnudVxd6SzZV%2FRUQ9djnJd0d%2BOpZgnG1gbD%2FZXiRmNHzpp3ErU0iHHaaXEsVwUFtMR2rF4gpzETA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5edea44b505-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   44591
Md5:    193711949042535538ba89a8ff8f597b
Sha1:   9e16deac47a834240916411a426362009a5b9741
Sha256: 22f58a0e433d4360083726a341776945bb576baaf4a0f461e82fbbe3342b71ba

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/reward/3.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 95004
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:58 GMT
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84372
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Hj29CWYmLvZZVXRur%2BkzBOD0l4dODDm0%2F%2FGCSAuvBNjAu7uScpZJHViGFP%2FFmvNzfKBBxLVsKRfFGYPdB8iUruIToWbJkLZcPwjdRAnKH5ejt2RbJMDLfuj%2BXNjssxxzg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5ede8321c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   95004
Md5:    a2830ae61d43bd21ca6186eeafbe8a1d
Sha1:   3eef15dac36d395933fe5015f5b8d43fdf225900
Sha256: e0c3eccbf8534af45e19bd503704b22a11fd84c459a4c775c5644d53ec9d0d28

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/draw.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 106627
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:56 GMT
last-modified: Fri, 22 Jul 2022 00:31:54 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84374
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuaq7zxbA7wNCLjf27%2Fil9j1rlqMyLVOPmLMDvTTdOJavAHEadSiS1IdrWDBGggaM4yKAtTqyMd7Fr1XKyh2QyU0KYM97Mb4ZZECbF5RVfwaQSB2Yv1lgXV4GnaVzJ0WEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5edef47b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size:   106627
Md5:    d364dbe62f597a52a12578369294a26a
Sha1:   956f898c5a10b8f5029677f359a262ec06634282
Sha256: 7fc37b0c27e8a24a1a67fbfe22af0c03a725832835ff9d507e6ca4f8a6a5d278

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/reward/2.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 26474
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:58 GMT
last-modified: Fri, 22 Jul 2022 00:40:32 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84372
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7%2BCIudyGfFYLYfdLJF6SRY2HeVMyPOfqYrqEubUTT0LL3ZOWOoTSLxRwNx20N3rurjcxl6jgVqfRXQ2QolloeBxxoo3NMZ5lY5eJqoQQcysE4GHjjHeNYQ5QXZNj3SqEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5ee085f1bfe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   26474
Md5:    e1354ed1e173a0f644de60b8775019b0
Sha1:   9af8284123f1bd07081dc8fcb3e771fb6b435cc9
Sha256: 6d4fea2ffb9f3fb5c2758a8ec02a4f0ae70179c80d077a715658d6349575c1be

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/reward/5.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 82766
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:58 GMT
last-modified: Fri, 22 Jul 2022 08:01:16 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84372
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtySAZP0aML%2FrSBQ0msf%2F%2FrgIkSWR80Q3OhSciR7NEFS3UawYdXeX2jEZHfRv912lOJQ6QKkfNsPMscbx9RxzykMJ%2F2D3hV%2Fx%2BAr8RtKFcECtMaxhuasJTtuzsNmUq7rvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5ee0f96b4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   82766
Md5:    6aec64013499cd73ca387e441b9b1c7d
Sha1:   c4dfd8a78f00a94ed7989885cc6b1f38e5eabd5d
Sha256: 5bf4c4167595d05f6c1f39e314697b36c32b892e39036e267df8b8437d715e07

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /js-zone/zero-zone.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 360
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:55 GMT
last-modified: Fri, 22 Apr 2022 09:48:20 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84375
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TrC%2F3IhSxXFox85ihLUskuzPJXMdb7nOBzRyrjH4rWvEXyKjpY9Gb8DkamUyqd5rNg%2Bh%2BNgHiUCfyvyJq5rPQS5GygDQgW%2BrNIQuQX2xRgyrQyPusH%2FsDleFP7qVtL%2Byw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ee18471c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (612)
Size:   360
Md5:    f5f344af95f2ea78322ba0231c998ad2
Sha1:   2cba1787df5a060739fc914ce979b71ec649b038
Sha256: b3c218d6b3ec189d95b6b97ec73d66f4665101a0cad0709753df919c520ba205

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /js-zone/alert-zone.js HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 16998
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:54 GMT
last-modified: Fri, 22 Apr 2022 09:48:20 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84376
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CinGX4fZR%2Fb2vF9%2FA3vaCgktSO3nzhmb4pHcyzMf2m0KbPAaCykvDcYLqTyNhsPQFLcOMWDPIvXBeDW3OeM8Gzpij0plCicXAINX1MccZGENlbxQi2OSyOtj%2Bf8fQHXWyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ee1a6ab505-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (64301)
Size:   16998
Md5:    5fc670873cc9844660062270f2fd1c5f
Sha1:   8f5a5f5c6d59675e6b9222e819464d3c509ec80d
Sha256: 272630f94545b1e2aa126c0ee68b70fbb9fd540f4cc2b2b3a9f6dd0471d90752

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "71A3D0681838451AEF58794E5247935C296EC65380F56D13C05A8AC84610564F"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Sun, 02 Oct 2022 23:23:29 GMT
Date: Sun, 02 Oct 2022 22:33:10 GMT
Connection: keep-alive

                                        
                                            GET /css-zone/style-zone.css HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 4091
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:55 GMT
last-modified: Fri, 22 Jul 2022 07:29:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84375
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Phb3yOQ9oTPUuamMVny7MmpCgA1055C9Vs6jABgixEhzBzV8waTuz3YlDlyHYUnOOI5yJf6%2BLzPxQHY4QDDZNRi188U56XTY6OXm50rHgUZPBFty2tWlIvBbIGzis9HtTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ee6fa5b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (411), with CRLF line terminators
Size:   4091
Md5:    53e35f55b773269a22ce02dbb1dbd706
Sha1:   d85c757da9f1c36bc1fe485ed95eb572020ac3e5
Sha256: 533e08a5c2c9e4bfdc631a64b0bb09cb734092e8f40e0b9a4320f6c7e3e1d10a

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /css-zone/zero-zone.css HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 987
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:55 GMT
last-modified: Fri, 22 Jul 2022 07:18:20 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84375
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR%2BDxk9S3%2Fxke5Hdevdqj9GPgWCfA5CuSrZ6f4hWwEXal9EaiTGc1B%2FuJ2ihSQSdvhsube8aa0J0VpL6XDXo9s55AP3MeFoDM5efBNBC9rb7FxuwfzAzO2FpNkMyOJ3yKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ee68811c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   987
Md5:    3aa47aa4390ed572bb4ef868b757ff4c
Sha1:   97977f5c471c365c60bc9feb5f142cbdaeb2a717
Sha256: 9c5f2cebc910cf8dce739027d7b077e006cebd3aafaee201fb634044398e405f

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /m_1725u5z7i1.mp3 HTTP/1.1 
Host: l.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.21.235.194
HTTP/2 206 Partial Content
content-type: audio/mpeg
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:10 GMT
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 03 Oct 2022 22:09:50 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Mon, 03 Oct 2022 00:33:10 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size:   19781
Md5:    ee5b5d12064ae26f839b882edb33da62
Sha1:   6fa93ef00f294eec4ef05276e81813db1e95e346
Sha256: 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/event-title.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/css-zone/style-zone.css

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 91452
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:57 GMT
last-modified: Fri, 22 Jul 2022 07:42:34 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84373
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL89JNlUi8XEVQuS%2BFCvGXA%2BGfl%2B889VNAAv4vCnh9U1FdzTLQUeEI7KkNWX2o4jgzdAB9bxePgw%2Bs3%2BlEUUu7GpPR0el9RY0qYgJrl4w8fSqWItgeG1GeRJeElC319pIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5eea8b11c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 1264 x 306, 8-bit colormap, non-interlaced\012- data
Size:   91452
Md5:    d0b5d74003143278974b5ee42f53f8c3
Sha1:   94669dad88e1a654d0000274409faea9325737ab
Sha256: 1dd77507bb1776b8ed0ef178ce2c60b180d35a1af4696560dd8b346c4b774920

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/item-off.png HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/css-zone/zero-zone.css

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 114406
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 23:06:57 GMT
last-modified: Fri, 22 Jul 2022 00:31:54 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 84373
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4DtyEZrpkjl95vA9nrA7v1vxGaKHEbd880Rw0J4niEpLR8%2FOh2yNx5CP6X26xljPNST7sn0E%2BT1f2swPrVptfVsME9Rogj9cVtTTvJ0HSYaKvn4bgUXMrdYkcH7JQzkAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540e5eea84ab4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size:   114406
Md5:    e22e8c64a52b9aee71d0325ad98434f5
Sha1:   263f3fd557ed077ffc73d579db99c4f08f856550
Sha256: 51c8dc27564c06b970dd2bbd406a3cd7670f3127148308e0a10729332a4f7d15

Alerts:
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /02KwtTc7/footer-bg.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.19.88.69
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:10 GMT
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Size:   11651
Md5:    27b8ceba13cb26a4ac6951cecdd4a5d3
Sha1:   accbec4f1b6038f0bcd2032da80c2ee342033d2e
Sha256: d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
                                        
                                            GET /m_1725zobal2.mp3 HTTP/1.1 
Host: a.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.159.64.45
HTTP/2 206 Partial Content
content-type: audio/mpeg
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:10 GMT
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 03 Oct 2022 22:09:50 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Mon, 03 Oct 2022 00:33:10 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size:   17691
Md5:    70ded6b0b406f9710307bc35e221629f
Sha1:   7034ec2ff72c936255b04c0890ce8976599380cc
Sha256: 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubgspin.my.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 20:24:16 GMT
expires: Thu, 28 Sep 2023 20:24:16 GMT
cache-control: public, max-age=31536000
age: 353334
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size:   13324
Md5:    b4082c888eefa2dca3fe2c9d46a87180
Sha1:   05aeb6c58175f659fe59eaca5a9d3735dd0530e3
Sha256: 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 81SZ11eLnh2Eb3cHDsq1eQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.74.102
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SW7p7u+dpzZMLI3YzOd1r1KFN4g=

                                        
                                            GET /index_files/jquery.min.js.download HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sun, 02 Oct 2022 22:33:09 GMT
Content-Length: 86927
Connection: keep-alive
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XL6kdKzGwWSshdTVE7P13m%2FDs5zjXTeyGGa8cdIZaZaiAKczQyq2H2CmNw8v7JAI1J6ZJdoKMROOUERc1rVMYfrdFqFQ153Qwp17laBb2kVVQeZhQX5IOwzct9US7Uc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5e9f83cb527-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   86927
Md5:    a09e13ee94d51c524b7e2a728c7d4039
Sha1:   0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
Sha256: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en/images/nav_shop.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 02 Oct 2022 22:33:10 GMT
content-length: 526
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size:   526
Md5:    ad0548f5478991acc360e6464247e82a
Sha1:   40e3e327eebfc39a8e45b1aa46b725d65390cdcc
Sha256: 6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
                                        
                                            GET /images/event/royalepassm13/m_bg_3.jpg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 125421
last-modified: Wed, 20 Jul 2022 05:46:16 GMT
etag: "62d796a8-1e9ed"
accept-ranges: bytes
cache-control: max-age=279
expires: Sun, 02 Oct 2022 22:37:49 GMT
date: Sun, 02 Oct 2022 22:33:10 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x1624, components 3\012- data
Size:   125421
Md5:    c7605644b75df6e9a7bdff8426fa84c2
Sha1:   931e26a910d9b673650cc2acacba30a7c086d1f6
Sha256: d17ffa328bc3680b6a3b5a17e113587beac035ebf78b3b60d3079f3f0f9bab55
                                        
                                            GET /en/images/nav_menu.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 02 Oct 2022 22:33:10 GMT
content-length: 426
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size:   426
Md5:    76f5753e4fe160785df31ef342ada1c1
Sha1:   a78cc3e318b79b7fe5e7eb8df11683706b518e8f
Sha256: 52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
                                        
                                            GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=272
expires: Sun, 02 Oct 2022 22:37:42 GMT
date: Sun, 02 Oct 2022 22:33:10 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size:   75149
Md5:    92c19dc5bd77186e5bb8ed35ce668979
Sha1:   646bf70d1c669c7d7388f95a0a33755e4721289c
Sha256: 0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
                                        
                                            GET /css2?family=Teko&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 22:33:09 GMT
date: Sun, 02 Oct 2022 22:33:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   239538
Md5:    b9369ea6edc853546e2038b33fb9e427
Sha1:   ac28814ef08ee9d3e91f816677bd5d54a7814659
Sha256: c41b7cf3d95d3682e024402ef645ef8694f9340bc254699f28dffbdc905dbb31
                                        
                                            GET /en/images/nav_language.svg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 02 Oct 2022 22:33:10 GMT
content-length: 675
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size:   675
Md5:    77e7b8dcd13159c59219706782b1a897
Sha1:   a3c73409a8e9841a00b771d96ce6cb0ce76d222e
Sha256: 4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
                                        
                                            GET /media/spin.mp3 HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 132739
Connection: keep-alive
last-modified: Tue, 21 Jun 2022 00:07:42 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Content-Range: bytes 0-132738/132739
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtL2UXUIJ%2BTWsuRlVr3XgLjBFf%2BfMj%2BmYdUY%2FGQTv5%2BJttC8K05TuHtrl55cl3nGRObMJNXqNxN5QmLUcf5rvVgkkhaQOlkuaGS9mdWD0ggm4ltjNHEEwwjbH40glgqM%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5f029b7b4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size:   132739
Md5:    5e6ad4032df296732508803deb114b90
Sha1:   99d585eab4db1d9d5555b5ea4aae2542c5c635e5
Sha256: 9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /en/images/footer_link_bg.png HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=298
expires: Sun, 02 Oct 2022 22:38:09 GMT
date: Sun, 02 Oct 2022 22:33:11 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size:   1630
Md5:    92ae645b6114492e8c1c5464d949466a
Sha1:   1d27f2644c0f5e899e9478c78136a9bc94131150
Sha256: f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5351
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:33:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5351
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:33:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5351
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:33:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5351
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:33:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5351
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:33:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 2795
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 2795
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6983
x-amzn-requestid: e551848c-073a-4317-8841-1fc5fd8a38c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWb3EGdoAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044b-6c6a638527bb19f621cd40b1;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vwxQ66TiwYUOkU8eN1EMUraA6OlSIn7I1B9VHz9RrAL4z_RI_igMJQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 2795
etag: "2d543d6b1bed9901437c3b880bd415ece354cbf7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6983
Md5:    91079e915678800d2e2e1f68415d5dc4
Sha1:   2d543d6b1bed9901437c3b880bd415ece354cbf7
Sha256: b9bda55eef23a199fff3bd3fde22486ef4d50edd36b105b0ee13479b96c2ba22
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 64292
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QUAqebzhQ9iSZGYTDNVjov5z04lkVREs5HYXMjFziBKHiTJIEFtIyg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:25 GMT
age: 2866
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6321
Md5:    8bb7613964aef696917cb85a6d0bcac4
Sha1:   89ce0e6d742144439a96ace034adae4e7e167311
Sha256: 24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 400 Bad Request
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 22:33:11 GMT
content-length: 3
x-amzn-requestid: 16e94d98-943f-472b-b563-951d9e6592e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZeb1FuUIAMFoig=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a1118-35552ee27f01d28973cb41d6;Sampled=0
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Error from cloudfront
x-amz-cf-id: GUpg-HnzHQsH2gxEHyCDaUvj05BPHBrCqgo2QWGNGenzP01SbRoZIw==
age: 116
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    fcc3d7489d15ef49dbbf735234234cf7
Sha1:   654e0aaee80e38636c503629d32225db31a616de
Sha256: 52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f
                                        
                                            GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450 HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: application/x-empty; charset=binary
                                        
server: nginx
content-length: 1
x-amzn-requestid: e07bcab1-4238-4f19-bd9f-5c13df7d377f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWamH3tIAMFzbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0443-074d95046d062c2475ab5efb;Sampled=0
x-amzn-remapped-date:
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5YU9gPtzbBt1JHoOo05mPgE4n4VPzMcFzGczDf49M3vsULsxlD_4oQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:42:17 GMT
age: 3054
etag:
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /common/images/icon_logo.jpg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=286
expires: Sun, 02 Oct 2022 22:37:57 GMT
date: Sun, 02 Oct 2022 22:33:11 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size:   982437
Md5:    b83d8d3e9beecfac081f4e742d27661c
Sha1:   448330670bef8c2ee17baf6d2410ca974341cb88
Sha256: 5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3695
x-amzn-requestid: f1f35cb1-9fc2-4694-8bf4-9d9e41f9bd7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabEM8oAMF0RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3140202b1a3b892702978a7e;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kxxeDkHccWmlQFBbBf-5gKzqY0utY15Czvx0Ms7QS1lJMXExRmbjjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:51:56 GMT
age: 2482
etag: "6d0cee63012a8f79aef1f1e751e2940582b981e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3695
Md5:    e3dfda0e06e989942bf45f4c2bf18d7c
Sha1:   6d0cee63012a8f79aef1f1e751e2940582b981e1
Sha256: a79d4015713255da4475ff9193ccfeed72737f5f03027a42fd86cc7b095ddf03
                                        
                                            GET /media/header.mp4 HTTP/1.1 
Host: pubgspin.my.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubgspin.my.id/

                                         
                                         104.21.61.36
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Date: Sun, 02 Oct 2022 22:33:10 GMT
Content-Length: 2804682
Connection: keep-alive
last-modified: Wed, 20 Jul 2022 23:22:44 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Content-Range: bytes 0-2804681/2804682
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXemWWnAtBq2ev2QzIXSGEydq%2FbsHuIoX%2Bc6XSssIm1fVsGFvwFvLH9EA5zNAbOjFGWd8ofSRaJexwEJm7FrqetF0R2vOiuNJ7jeVaCWg4JwLFX4zEs1c7I0S69tZA9zjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540e5ee9fdeb524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pubgspin.my.id
Connection: keep-alive
Referer: http://pubgspin.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 02 Oct 2022 22:33:09 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: cafbd7afbb858a0f67f1709f3ff5ccb4
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7540e5eabc8a0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---