Report - pubgwinter.com/

Report Overview

Submitted URL
pubgwinter.com/
IP
173.249.45.65
ASN
#51167 Contabo GmbH
Submitted
2022-09-23 19:45:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
1.kyudiezdf1.cf	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	8.5 MB	173.249.45.65
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	7.0 kB	104.17.25.14
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	33 kB	69.16.175.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.237.163.41
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	2.1 kB	142.250.74.10
www.pubgmobile.com	21653	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	81 kB	23.36.76.227
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	62 kB	142.250.74.106
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	930 B	28 kB	142.250.74.163
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	902 B	104.18.10.207
pubgwinter.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.7 kB	173.249.45.65
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
l.top4top.io	926491	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	20 kB	65.21.235.194
a.top4top.io	588496	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	18 kB	51.159.64.45
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.83
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	22 kB	151.101.85.229
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	pubgwinter.com/	Phishing
2022-09-23	medium	pubgwinter.com/	Phishing
2022-09-23	medium	pubgwinter.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200	Phishing
2022-09-23	medium	l.top4top.io/m_1725u5z7i1.mp3	Malware
2022-09-23	medium	a.top4top.io/m_1725zobal2.mp3	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js	84 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 02:04:03 Times Seen13600 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-04-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-17 19:05:38 Times Seen13985 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	1.kyudiezdf1.cf/js/script.js	166 kB	2023-03-07	2023-03-07
Pretty URL 1.kyudiezdf1.cf/js/script.js IP 173.249.45.65 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:16 Last Seen2023-03-07 23:59:16 Times Seen1 Hash c72b1136544d8ae9a98c4705b4904df1 74f67e681062a60e6529c18679f1e2dd3092de60 8c30ae3a795ccab18e69c84d5792f9ea1228151907ead90256ecd980a547b9b1 Loading...

	pubgwinter.com/	324 B	2023-03-07	2023-03-07
Pretty URL pubgwinter.com/ IP 173.249.45.65 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:21 Last Seen2023-03-07 23:59:16 Times Seen1 Hash 8e97d8ee2a0416800dfda69f3451e32e 44e5e91841fbdb7f2fcfee5ec0d95b46cec8cba3 e2c39bb59094a67aee414bf146e579d9c783aa627ca0f1767b9a314f7c9e030c Loading...

	code.jquery.com/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-1.10.2.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 02:57:24 Times Seen10017 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

HTTP Transactions (90)

URL IP Response Size

pubgwinter.com/

173.249.45.65

301 Moved Permanently

231 B

URL HTTP/1.1
pubgwinter.com/
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
231 B (231 bytes)
Hash
0895676447d5c37aa026c494e38bda52
ca9a811423a99de82cec987d5a022530ed928b34
eccb9d521f47ecb3e36bcb7cd82847232848d0d3345320621382ecb274906850

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 19:45:11 GMT
Server: Apache
Location: https://pubgwinter.com/
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

18.165.201.83

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.83:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 19:05:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: eVmcWy83oqILmh-miCgMg7jewpY6sDELoNfoNLPZvVwFG-f1bnJHww==
Age: 2397

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16697
Expires: Sat, 24 Sep 2022 00:23:28 GMT
Date: Fri, 23 Sep 2022 19:45:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4309
Expires: Fri, 23 Sep 2022 20:57:00 GMT
Date: Fri, 23 Sep 2022 19:45:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ya2OW8aS3X/333wnWL2MpmlfcKjGlRnsVrPa6bwL3dBX9I4BqEvm4SeNpEtmGx8tKSXgrM/JU2A=
x-amz-request-id: N62JJ1X34VFNK9WV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 19:44:35 GMT
age: 36
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

pubgwinter.com/

173.249.45.65

200 OK

983 B

URL HTTP/1.1
pubgwinter.com/
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- exported SGML document, ASCII text, with very long lines (371), with CRLF line terminators
Size
983 B (983 bytes)
Hash
b328574030a70cdba013831a54e78683
a965e10ba57dc301cd395c60b1ab848638d3f2fa
8268fe5771deb89a8fd1c3e3081270800d0746889816bb16c88e0e82ef0a94d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:45:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

pubgwinter.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200

173.249.45.65

404 Not Found

315 B

URL HTTP/1.1
pubgwinter.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200 HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css

151.101.85.229

200 OK

21 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65324)
Size
21 kB (21038 bytes)
Hash
f19c9e9b686533ff268ae6e13a2345d4
9f3eb00c18999ae1e3aee46c27157db75cd19b20
ed4f576f0efaef4889c69cc7d80c0d752196bd44ea774fa179667b90d9986965

HTTP Headers

GET /npm/bootstrap@4.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.3
x-jsd-version-type: version
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 19:45:12 GMT
age: 1976460
x-served-by: cache-fra19161-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21038
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2d9e0062f7421d8467c6e7a09892823e
6c1fac8ecc361a9c31d77045c0f4c1b80a2066a0
13d64a51a2b28770bfecb173172b23c01103d5ebff43487ea1c31cb75d4ee074

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D824D9F952286154B57FA0BD982017B68E873C98"
Expires: Sat, 24 Sep 2022 06:00:00 GMT
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3318
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f5c7838cdc0b69-OSL

pubgwinter.com/favicon.ico

173.249.45.65

404 Not Found

315 B

URL HTTP/1.1
pubgwinter.com/favicon.ico
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

1.kyudiezdf1.cf/

173.249.45.65

200 OK

20 kB

URL HTTP/1.1
1.kyudiezdf1.cf/
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
20 kB (19868 bytes)
Hash
da03024491aed56c88ab638265c6a408
d70e717c46795e2ffc37d099cdd0105c8b7e7a91
9c9163ff728e0eeb81c992aaef374bb7e84db6767d889704278da8b8d0601d4f

HTTP Headers

GET / HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

1.kyudiezdf1.cf/css/style.css

173.249.45.65

200 OK

14 kB

URL HTTP/1.1
1.kyudiezdf1.cf/css/style.css
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
assembler source, ASCII text
Size
14 kB (13834 bytes)
Hash
65ccd2e07ddac0376cb11501da611a99
facfaefa085d07ba8e68437ea5bf912ae3ac490e
d7cc4a3e3781209bb91d7cf2f3cc4a80d279ca42731cf9a022c33537bb110486

HTTP Headers

GET /css/style.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:07:24 GMT
Accept-Ranges: bytes
Content-Length: 13834
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 19:45:12 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6117955
expires: Wed, 13 Sep 2023 19:45:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koeUxUILmJ63zDRawnT00PXoee38ezlpWDOx32koUuuh%2FYG7chkhPKGqMy2XNHWu8Joxbg60JRXhDiOUmScmDahRzvgiXTKvXWVCNAI1EzEJaEsCdNf8tJ731MBg4t9ePEEBbEFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f5c78439c20b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Last-Modified: Fri, 23 Sep 2022 18:08:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

1.kyudiezdf1.cf/css/login/facebook.css

173.249.45.65

200 OK

3.1 kB

URL HTTP/1.1
1.kyudiezdf1.cf/css/login/facebook.css
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
3.1 kB (3136 bytes)
Hash
7963984a8f422cb6cdabcb6597f3f252
8932b3a35c501044ccf88aab675703b972868182
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

HTTP Headers

GET /css/login/facebook.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:20:44 GMT
Accept-Ranges: bytes
Content-Length: 3136
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

1.kyudiezdf1.cf/css/login/twitter.css

173.249.45.65

200 OK

2.1 kB

URL HTTP/1.1
1.kyudiezdf1.cf/css/login/twitter.css
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
2.1 kB (2068 bytes)
Hash
aa7cc463409f187509e7e5fb570e1d0c
0321e26b58b7f779248e23a56c9153c908d42ed6
6eb360154fcda50619dcbdbc620141c511b0a2be9bbee053f3abe67e70fd5533

HTTP Headers

GET /css/login/twitter.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:20:46 GMT
Accept-Ranges: bytes
Content-Length: 2068
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

code.jquery.com/jquery-1.10.2.min.js

69.16.175.10

200 OK

33 kB

URL HTTP/2
code.jquery.com/jquery-1.10.2.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32072)
Size
33 kB (32788 bytes)
Hash
68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 19:45:12 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663962312.dop205.sk1.t,1663962312.cds202.sk1.hn,1663962312.cds243.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Last-Modified: Fri, 23 Sep 2022 18:08:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32061)
Size
30 kB (29671 bytes)
Hash
b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 09:02:32 GMT
expires: Fri, 22 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 124960
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 14:39:25 GMT
expires: Fri, 22 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 104747
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.kyudiezdf1.cf/css/animate.css

173.249.45.65

200 OK

78 kB

URL HTTP/1.1
1.kyudiezdf1.cf/css/animate.css
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
78 kB (77906 bytes)
Hash
8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:07:22 GMT
Accept-Ranges: bytes
Content-Length: 77906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.10

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1332 bytes)
Hash
759b343127f50d0480f867392a68a9cd
e3d5cdc2f9daddb521f54675db8e0a54ec838a15
72947b77cbf69ec97b689001dca2748fe484016520d271b5da40c19005497da9

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 19:45:12 GMT
date: Fri, 23 Sep 2022 19:45:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.kyudiezdf1.cf/js/script.js

173.249.45.65

200 OK

166 kB

URL HTTP/1.1
1.kyudiezdf1.cf/js/script.js
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
166 kB (165929 bytes)
Hash
c72b1136544d8ae9a98c4705b4904df1
74f67e681062a60e6529c18679f1e2dd3092de60
8c30ae3a795ccab18e69c84d5792f9ea1228151907ead90256ecd980a547b9b1

HTTP Headers

GET /js/script.js HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:25:30 GMT
Accept-Ranges: bytes
Content-Length: 165929
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

1.kyudiezdf1.cf/img/login-Method1.png

173.249.45.65

200 OK

29 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/login-Method1.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /img/login-Method1.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:00 GMT
Accept-Ranges: bytes
Content-Length: 28789
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/4.png

173.249.45.65

200 OK

222 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/4.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
222 kB (221935 bytes)
Hash
ed6111803a6b47a10fa56b05fa7156f5
f4488b14580271057652d4d7d9e97f79b6c13642
62e4f67fd71f684dc185546d106ecc86bf82972064e932b3bf324aa03cd3bbd6

HTTP Headers

GET /img/rewards/4.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:26 GMT
Accept-Ranges: bytes
Content-Length: 221935
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/popup-navbar.png

173.249.45.65

200 OK

46 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/popup-navbar.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1200 x 123, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46205 bytes)
Hash
8d07369fdcdb66cb11ad805ddaf34bb8
4d2eebf5ce3d05855fb1cd137da29c630b468d55
92a9d074e024f93bd185d431c27d782328b389d8c324be07095bb4eaa32af91f

HTTP Headers

GET /img/popup-navbar.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:06 GMT
Accept-Ranges: bytes
Content-Length: 46205
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/footer-img.png

173.249.45.65

200 OK

14 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-img.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14457 bytes)
Hash
d8e7ade119fece88de74909f9625a4f4
fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4

HTTP Headers

GET /img/footer-img.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 14457
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/navbar-logo.png

173.249.45.65

200 OK

177 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/navbar-logo.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
177 kB (177317 bytes)
Hash
d2d4c42a8bef48daa7c8151a838870c9
7ad25c9e369e069f97093188699bd58a2b298888
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587

HTTP Headers

GET /img/navbar-logo.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:02 GMT
Accept-Ranges: bytes
Content-Length: 177317
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/1.png

173.249.45.65

200 OK

540 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/1.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
540 kB (540405 bytes)
Hash
42099eac9bab675b923f48d6314d63f1
ab2f66be6bba5ea5113c38b12e1bfbda9ee6e6ce
d87e9dba724fa04a35dc5e727c97e696e4b141a0f3c0aeb02b977680c30f3c66

HTTP Headers

GET /img/rewards/1.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:24 GMT
Accept-Ranges: bytes
Content-Length: 540405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/event-theme-title.png

173.249.45.65

200 OK

463 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/event-theme-title.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 3464 x 1052, 8-bit/color RGBA, non-interlaced\012- data
Size
463 kB (462978 bytes)
Hash
ec8c42b8e24bee8c140e6306fae720f2
6669784bcd55fdf2c0dd6c7350e93c8e9a5631b7
a6543bfb6b2e97ca0fa7fcbedf24da6a06a37b5d893ad6335c708c2581a18439

HTTP Headers

GET /img/event-theme-title.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Length: 462978
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/2.png

173.249.45.65

200 OK

567 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/2.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
567 kB (566643 bytes)
Hash
1a4571cf2f7554d3962c6fe1ed6aa8f5
7912e58f404fcb3b9745f9ec2d460e289c7c8a04
a1c4cf92120811e900ab96edbcca4f534af11eb4897ea29318455be00bd6c884

HTTP Headers

GET /img/rewards/2.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:26 GMT
Accept-Ranges: bytes
Content-Length: 566643
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/5.png

173.249.45.65

200 OK

243 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/5.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
243 kB (242568 bytes)
Hash
a50c137697907a2efc19dbd3cfda1454
4c36584ba51c55fcafe52afe1e8280373a1e00fc
b38a2d56c5597f326ac7e02098a9585651a2f49dc6a8f14508531ef201e7b88c

HTTP Headers

GET /img/rewards/5.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:28 GMT
Accept-Ranges: bytes
Content-Length: 242568
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/background.jpg

173.249.45.65

200 OK

811 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/background.jpg
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1440, orientation=[*0*], width=2560], baseline, precision 8, 2532x1440, components 3\012- data
Size
811 kB (810935 bytes)
Hash
e86588388ca7270baa837ac0585ce3a0
c6b81498926b85f6230cbbe6f806533c19022ccc
ec3f27f805adcd045fb9e95a6e1cc25f6397933ff8a7c5f042453b0f35f84078

HTTP Headers

GET /img/background.jpg HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:46 GMT
Accept-Ranges: bytes
Content-Length: 810935
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

1.kyudiezdf1.cf/img/event-theme-subtitle.png

173.249.45.65

404 Not Found

315 B

URL HTTP/1.1
1.kyudiezdf1.cf/img/event-theme-subtitle.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /img/event-theme-subtitle.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

1.kyudiezdf1.cf/img/btn-off.png

173.249.45.65

200 OK

10 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/btn-off.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Size
10 kB (10127 bytes)
Hash
2e09d03f4f375948d94c3d1b0f09e545
1ced072f209a0b4d732372ee6886b686af24a6c9
d1c394718be9565c7959ff182c4eda2e1cb5473adda6daf71356bbfc4d669f13

HTTP Headers

GET /img/btn-off.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:50 GMT
Accept-Ranges: bytes
Content-Length: 10127
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/btn-item.png

173.249.45.65

200 OK

9.7 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/btn-item.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 203 x 72, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9723 bytes)
Hash
76d0b6823004c888e72a711d65533667
54a8ef539dd23ba58251a0be9284390f76124436
b5534877294c67fc528ac2ebfdbdc291d47e3a6529fad8c8b14aaa03acf35d4c

HTTP Headers

GET /img/btn-item.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:48 GMT
Accept-Ranges: bytes
Content-Length: 9723
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.kyudiezdf1.cf/img/rewards/6.png

173.249.45.65

200 OK

353 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/6.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
353 kB (352875 bytes)
Hash
bc4e5f8b051ab1c2c40a49bbc1a46ae9
4d3d6a8671bb225c6d58c1baa7eb74a875d0b566
6608ed65607f94ca52aa9416f5db5f0539301701576401ce8002241d7098d029

HTTP Headers

GET /img/rewards/6.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:28 GMT
Accept-Ranges: bytes
Content-Length: 352875
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.83

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.83:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 19:33:00 GMT
Expires: Fri, 23 Sep 2022 20:31:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4c52c2a46d6ce20208b2160aa3b35a5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: qk_H6EJ_uijRrgPa4bARh4keqipjs0RfxOfA6Iq4q15oVqZnpXj_ZQ==
Age: 732

1.kyudiezdf1.cf/img/rewards/9.png

173.249.45.65

200 OK

474 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/9.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
474 kB (474524 bytes)
Hash
5910e7d35da0e8c82702176d8e6a3659
80279182a8c296f164ac905547254edc386b2c80
d0678c7cd837e539b72a1170214e5ee0214db87d473eef8a3fd8a75a025c7b50

HTTP Headers

GET /img/rewards/9.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:30 GMT
Accept-Ranges: bytes
Content-Length: 474524
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/3.png

173.249.45.65

200 OK

772 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/3.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
772 kB (772188 bytes)
Hash
bb37c8b8960c3ae424e8d9e44ba1c5c7
d40ea76a35db8be98dbd624320ead230132dfcbf
64f6c675d88b716aa5ee02773feb9e8f6a41b6b801170637a30e3ab1952141eb

HTTP Headers

GET /img/rewards/3.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:26 GMT
Accept-Ranges: bytes
Content-Length: 772188
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/containerHome.jpg

173.249.45.65

200 OK

1.2 MB

URL HTTP/1.1
1.kyudiezdf1.cf/img/containerHome.jpg
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1621, components 3\012- data
Size
1.2 MB (1191391 bytes)
Hash
d512f0d5b93704715277f11418480cea
cef99ac5a79c199c3ebc1a84bddff976bb659ec2
ee34c4c18af3345fb947be7630c2d8f631939aa856ffa6d0d4096e206605e0db

HTTP Headers

GET /img/containerHome.jpg HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:50 GMT
Accept-Ranges: bytes
Content-Length: 1191391
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

1.kyudiezdf1.cf/img/rewards/10.png

173.249.45.65

200 OK

338 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/10.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
338 kB (338490 bytes)
Hash
5ee7ddc853dd3919378e227c07f3983e
6bf03a319005e463aa9c90c51dcb3c02700ce902
140cb21830adfe83799ca54faf98387a3ac9d94c3e23d4fa5bc7a42c4acfc744

HTTP Headers

GET /img/rewards/10.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:32 GMT
Accept-Ranges: bytes
Content-Length: 338490
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Size
13 kB (13196 bytes)
Hash
5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1.kyudiezdf1.cf
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:04:04 GMT
expires: Tue, 19 Sep 2023 20:04:04 GMT
cache-control: public, max-age=31536000
age: 344468
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.kyudiezdf1.cf/img/rewards/8.png

173.249.45.65

200 OK

328 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/8.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
328 kB (328280 bytes)
Hash
bd1b37a538a2eaca665fae48dce75bcf
1182488a50e9795a044186b0b4dd18d3a5d5c3c0
1fa8c37c3fddd36eb89f94d13376598e4eb3b02b12e8bc06ad3e5595a225f1e2

HTTP Headers

GET /img/rewards/8.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:30 GMT
Accept-Ranges: bytes
Content-Length: 328280
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/11.png

173.249.45.65

200 OK

606 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/11.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
606 kB (606529 bytes)
Hash
0dd93b7d94e59ec35f50633b586e0bf7
28db736791459cd43d12f95cde0c371d8096ad17
96e43b5a1d1f042f1e6d45e10c9a4604da7a413e91aa62e31c8419af23f34c0e

HTTP Headers

GET /img/rewards/11.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:32 GMT
Accept-Ranges: bytes
Content-Length: 606529
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size
13 kB (13324 bytes)
Hash
b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6

HTTP Headers

GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1.kyudiezdf1.cf
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:23:43 GMT
expires: Thu, 21 Sep 2023 20:23:43 GMT
cache-control: public, max-age=31536000
age: 170489
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.kyudiezdf1.cf/img/footer-bg.jpg

173.249.45.65

200 OK

12 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-bg.jpg
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Size
12 kB (11651 bytes)
Hash
27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

HTTP Headers

GET /img/footer-bg.jpg HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Length: 11651
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

1.kyudiezdf1.cf/img/footer-socmed-1.png

173.249.45.65

200 OK

646 B

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-socmed-1.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
646 B (646 bytes)
Hash
d9b949876ffd15f8f62a6af5c3ce4225
fd7febfcad61f1cca9d60d284117e38ded1b32ed
5d48175e94e95b4e801686879daffd5c52bec5fd6d027d2d58b917a68717d670

HTTP Headers

GET /img/footer-socmed-1.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 646
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2724
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:13 GMT
Last-Modified: Fri, 23 Sep 2022 18:59:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

1.kyudiezdf1.cf/img/footer-socmed-2.png

173.249.45.65

200 OK

1.1 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-socmed-2.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 51 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1051 bytes)
Hash
ec2c26f319ff87f93b5db555f2f4f9d3
ae06369bb7369d3935e6bc823f88ccb817d4a4de
3e85dd60d3f26a55e620b5304c2a0053e47925d862c76ef67295a413708be7e9

HTTP Headers

GET /img/footer-socmed-2.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 1051
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/footer-socmed-3.png

173.249.45.65

200 OK

831 B

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-socmed-3.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 52 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
831 B (831 bytes)
Hash
f16f23a9441fe2bd148daceaa5ade434
0a1299df393af49a7b6204644fc1d09c1a032149
20aac3d9f780c22dc015a948d5991fec159b81dbc7df99002dc49b78db33c2f5

HTTP Headers

GET /img/footer-socmed-3.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:56 GMT
Accept-Ranges: bytes
Content-Length: 831
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/footer-socmed-4.png

173.249.45.65

200 OK

1.2 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-socmed-4.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1240 bytes)
Hash
a2e2c015e404a74a9a9873580de4bf86
f9c24d1c8f03c16d42bcd9ba4e393802b2cc6b43
fad672e88bc51db52fe1a1a949e9e5af70ea5ec010a1be1ecd1deb54d593cc8c

HTTP Headers

GET /img/footer-socmed-4.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:56 GMT
Accept-Ranges: bytes
Content-Length: 1240
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/footer-socmed-5.png

173.249.45.65

200 OK

908 B

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-socmed-5.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
908 B (908 bytes)
Hash
2c03fbdb681a30ba337e755ef542b08f
e2297377e89bd6b6627507e228ccd8eab443bfa5
bdf47d624e19676f645ae87439ae3ecd6f31519904b67ab17f1e62b6d3366541

HTTP Headers

GET /img/footer-socmed-5.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:58 GMT
Accept-Ranges: bytes
Content-Length: 908
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/rewards/12.png

173.249.45.65

200 OK

263 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/12.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
263 kB (263358 bytes)
Hash
9e297ff24155072b66dde55433047e79
fd7eb5ad17c5a45b91167b8ad55967807b66d47e
5f5a8aa15ff168c57ea6faaeec001e88c5d19f92c12406497dd1fa6feb341218

HTTP Headers

GET /img/rewards/12.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:34 GMT
Accept-Ranges: bytes
Content-Length: 263358
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/footer-socmed-6.png

173.249.45.65

200 OK

4.3 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/footer-socmed-6.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 184 x 140, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4316 bytes)
Hash
27eb10858d473bfd39cca3251fe35a26
f472c341ec3696a0c7bb85799495995ff72f941f
e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e

HTTP Headers

GET /img/footer-socmed-6.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:58 GMT
Accept-Ranges: bytes
Content-Length: 4316
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/popup-box-bg.png

173.249.45.65

200 OK

197 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/popup-box-bg.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1200 x 494, 8-bit/color RGBA, non-interlaced\012- data
Size
197 kB (197340 bytes)
Hash
5d59f791b9edc8ca964d93e3b7561428
67f79028db1fe1121a651895b1375c0dbd4915d2
e5c022dcf8fa2728a24e4d119d76dbc383faa42b305450bb7dc096e9736883ea

HTTP Headers

GET /img/popup-box-bg.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:04 GMT
Accept-Ranges: bytes
Content-Length: 197340
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c39e5f1c325e73e69efd1e1f27c264e2
a2a3516cd183e4680e15979dbace203c44edd518
30a817cbad0436b91c95e9f4761f5c79edf716e94b870da205e030f170fef10d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30A817CBAD0436B91C95E9F4761F5C79EDF716E94B870DA205E030F170FEF10D"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4321
Expires: Fri, 23 Sep 2022 20:57:14 GMT
Date: Fri, 23 Sep 2022 19:45:13 GMT
Connection: keep-alive

1.kyudiezdf1.cf/img/rewards/7.png

173.249.45.65

200 OK

431 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/rewards/7.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
431 kB (431383 bytes)
Hash
ad60e8fa12e882edf283ad83294f8fe5
0bdddfcc2a59fe2147d6c59110ab405dadcb6881
cf9f4c2131480181c2351106b035ca2d7aaf7e9b4fa2aaa77acf781fda7c9525

HTTP Headers

GET /img/rewards/7.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:30 GMT
Accept-Ranges: bytes
Content-Length: 431383
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.kyudiezdf1.cf/img/popup-footer.png

173.249.45.65

200 OK

64 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/popup-footer.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 1200 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64086 bytes)
Hash
05bdc2e7a9b5a2adb0a0a6e74ef9b4fc
67aa09624c4466e018d7fa63f130ac951ddf5c5b
de9fe257e692daa75a0ddf6164ae6171c1d2f7eaab98cf5b0b2e5479b0195fa2

HTTP Headers

GET /img/popup-footer.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:06 GMT
Accept-Ranges: bytes
Content-Length: 64086
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/img/btn-on.png

173.249.45.65

200 OK

11 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/btn-on.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11056 bytes)
Hash
47b5981fe1e6139a4e5b2c9960143740
b6ed0c5c1bd07d0006770141972799e163a4aae0
3bc271d6a3d7ee4df7a4aa8ffe694c8ac720fb70cf5c9f235bf755cb6343dfef

HTTP Headers

GET /img/btn-on.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:50 GMT
Accept-Ranges: bytes
Content-Length: 11056
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

1.kyudiezdf1.cf/media/header.mp4

173.249.45.65

206 Partial Content

60 kB

URL HTTP/1.1
1.kyudiezdf1.cf/media/header.mp4
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
data
Size
60 kB (59547 bytes)
Hash
198a6cd0109b2157b98e9ae91297ee2f
bd2486ec7501016fd8b49af1c5dbb4d5fd4c075a
74b039c5458548a76e3759dfc9a26665fc28b6aaceab9c5498eff43c4168932e

HTTP Headers

GET /media/header.mp4 HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=7176192-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:15:40 GMT
Accept-Ranges: bytes
Content-Length: 59547
Content-Range: bytes 7176192-7235738/7235739
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: video/mp4

www.pubgmobile.com/en/images/footer_link_bg.png

23.36.76.227

200 OK

1.6 kB

URL HTTP/2
www.pubgmobile.com/en/images/footer_link_bg.png
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1630 bytes)
Hash
92ae645b6114492e8c1c5464d949466a
1d27f2644c0f5e899e9478c78136a9bc94131150
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417

HTTP Headers

GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=300
expires: Fri, 23 Sep 2022 19:50:13 GMT
date: Fri, 23 Sep 2022 19:45:13 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_download.svg

23.36.76.227

200 OK

485 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_download.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size
485 B (485 bytes)
Hash
105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2

HTTP Headers

GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 485
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.227

200 OK

675 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 675
X-Firefox-Spdy: h2

1.kyudiezdf1.cf/img/login-Method2.png

173.249.45.65

200 OK

4.3 kB

URL HTTP/1.1
1.kyudiezdf1.cf/img/login-Method2.png
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /img/login-Method2.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:00 GMT
Accept-Ranges: bytes
Content-Length: 4298
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.227

200 OK

426 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 426
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_shop.svg

23.36.76.227

200 OK

526 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_shop.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size
526 B (526 bytes)
Hash
ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3

HTTP Headers

GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 526
X-Firefox-Spdy: h2

www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg

23.36.76.227

200 OK

75 kB

URL HTTP/2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size
75 kB (75149 bytes)
Hash
92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

HTTP Headers

GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=294
expires: Fri, 23 Sep 2022 19:50:07 GMT
date: Fri, 23 Sep 2022 19:45:13 GMT
X-Firefox-Spdy: h2

l.top4top.io/m_1725u5z7i1.mp3

65.21.235.194

206 Partial Content

20 kB

URL HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
65.21.235.194:0
ASN
#24940 Hetzner Online GmbH

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Fri, 23 Sep 2022 19:45:13 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 24 Sep 2022 19:21:53 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 23 Sep 2022 21:45:13 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

a.top4top.io/m_1725zobal2.mp3

51.159.64.45

206 Partial Content

18 kB

URL HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
51.159.64.45:0
ASN
#12876 Online S.a.s.

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Fri, 23 Sep 2022 19:45:13 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 24 Sep 2022 19:21:53 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Fri, 23 Sep 2022 21:45:13 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.237.163.41

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.163.41:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qxSHI1oO9z19BFAga3mLCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yThLfWTpuFe83Ft2p3RS+gz7Ih8=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 79012
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14579 bytes)
Hash
f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 77606
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7005 bytes)
Hash
1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 78718
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10127 bytes)
Hash
b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 77866
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5340 bytes)
Hash
3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 77628
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8497 bytes)
Hash
7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 77627
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

1.kyudiezdf1.cf/media/header.mp4

173.249.45.65

206 Partial Content

0 B

URL HTTP/1.1
1.kyudiezdf1.cf/media/header.mp4
IP
173.249.45.65:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/header.mp4 HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:15:40 GMT
Accept-Ranges: bytes
Content-Length: 7235739
Content-Range: bytes 0-7235738/7235739
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: video/mp4

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 19:45:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9409066
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f5c7849b07b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (90)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type