Report - pubg-claim-2022.duckdns.org/

Report Overview

Submitted URL
pubg-claim-2022.duckdns.org/
IP
20.92.243.201
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-08-28 19:38:08
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
24
Network Intrusion Detection
0
Threat Detection Systems
102

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	1.6 kB	4.4 kB	23.36.76.249
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-06T05:09:16Z	985 B	46 kB	104.17.25.14
www.pubgmobile.com	21653	2018-04-27T13:06:13Z	2023-03-06T04:32:06Z	3.3 kB	1.5 MB	23.36.76.250
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-06T08:54:25Z	419 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	35.165.182.128
pubg-claim-2022.duckdns.org	unknown			7.5 kB	1.1 MB	20.92.243.201
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-06T05:16:06Z	980 B	28 kB	142.250.74.163
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-06T05:09:10Z	289 B	33 kB	69.16.175.42
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-06T09:48:42Z	780 B	32 kB	216.58.207.202
i.ibb.co	13485	2018-11-25T11:13:48Z	2023-03-06T19:39:25Z	2.3 kB	352 kB	51.210.32.106
l.top4top.io	926491	2020-01-15T00:19:40Z	2023-03-06T04:32:05Z	444 B	20 kB	65.21.235.194
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.25
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329 B	737 B	93.184.220.29
i.postimg.cc	23840	2018-04-11T12:01:12Z	2023-03-06T09:53:02Z	7.7 kB	840 kB	141.94.200.42
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	2.0 kB	4.2 kB	142.250.74.3
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-06T11:17:42Z	418 B	12 kB	104.18.11.207
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	53 kB	34.120.237.76
a.top4top.io	588496	2019-12-05T19:36:40Z	2023-03-06T10:51:25Z	430 B	18 kB	51.159.64.45

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Tencent

PhishTank

Scan Date	Severity	Indicator	Alert
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-08-28	medium	pubg-claim-2022.duckdns.org/	Phishing
2022-08-28	medium	l.top4top.io/m_1725u5z7i1.mp3	Malware
2022-08-28	medium	a.top4top.io/m_1725zobal2.mp3	Malware
2022-08-28	medium	pubg-claim-2022.duckdns.org/media/header.mp4	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed
2022-08-28	medium	pubg-claim-2022.duckdns.org	Sinkholed

JavaScript (2)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 01:56:05 Times Seen37108387 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pubg-claim-2022.duckdns.org/	5.1 kB	2023-03-07	2023-05-29
Pretty URL pubg-claim-2022.duckdns.org/ IP 20.92.243.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:49 Last Seen2023-05-29 13:29:26 Times Seen3 Hash e049df3c78be66d3c55ae023cc93238f 0aba51b8a7468b0bafeef7f41a4bf27ed086693d 1c55edd7a9be9cb8fbe540b53e740c2669871f84afa34324a49e76cc8a58e86c Loading...

HTTP Transactions (90)

URL IP Response Size

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Sun, 28 Aug 2022 20:51:54 GMT
Date: Sun, 28 Aug 2022 19:37:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 28 Aug 2022 19:13:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J1LKUu0kzdq5Sjrb-68yPnPo7j04psz2_9Zxu_DkAQhOlsYR_bf0vA==
Age: 1437

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 27 Aug 2022 22:35:58 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lrr5TqjsTeo-XwwfPZvVPdzjmeGGCAx7oZe328snT_8CRZqx_4b4iA==
age: 75718
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 28 Aug 2022 19:17:13 GMT
Cache-Control: max-age=3600
Expires: Sun, 28 Aug 2022 19:47:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _TI9VQ1ARjPnfmcTW8nBgVXuurS-GZbFIj_du6vYNloHPMRYXN_aFQ==
Age: 1245

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
396ffb5d17a8a353f8f748959fcf7966
8301f51528695b9c8a48de0e6e889b603f34308c
a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1971
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:57 GMT
Last-Modified: Sun, 28 Aug 2022 19:05:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.165.182.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.182.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OTxz3wiP4ckLDA+S0WxXyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t5aw4NeZluEY2fI5ubll577ovrk=

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3871121
expires: Fri, 18 Aug 2023 19:37:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zf3WKIgaysZ54kOoUBKaNxWjCLi2OlU9vvWmegU87Dp1GGIHqo5vk%2Fm1vZKtHMosc2lUq23QIX5gdZo7zv0vdAaSQuWpm4Ks6%2BfqafFB79R1zTUgQizy%2BlVz4katkdt5g76GZsa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 741f812b3fe1b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/

20.92.243.201

200 OK

41 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5107), with CRLF line terminators
Size
41 kB (41158 bytes)
Hash
70b0d09be82cbb26d9c8d9817ee4370d
74c08cd48b0404adce0e5ddfaebaaa3c0ad24647
ecf28e6941b3d8071397e1f666ffb6cb7a608d6741d0f0360c511205612ed424

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:56 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

i.postimg.cc/SxQ04Qn4/navbar-logo.png

141.94.200.42

200 OK

177 kB

URL HTTP/2
i.postimg.cc/SxQ04Qn4/navbar-logo.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
177 kB (177317 bytes)
Hash
d2d4c42a8bef48daa7c8151a838870c9
7ad25c9e369e069f97093188699bd58a2b298888
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587

HTTP Headers

GET /SxQ04Qn4/navbar-logo.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 177317
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.10.2.min.js

69.16.175.42

200 OK

33 kB

URL HTTP/1.1
code.jquery.com/jquery-1.10.2.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32072)
Size
33 kB (32788 bytes)
Hash
68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32788
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-16bb3"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1661715478.dop015.sk1.t,1661715478.cds243.sk1.c

i.postimg.cc/mcxwnd22/new2.png

141.94.200.42

200 OK

36 kB

URL HTTP/2
i.postimg.cc/mcxwnd22/new2.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
36 kB (35866 bytes)
Hash
e3b1c8e5690e0c0d5b4485e62285de65
c01d6349432d28e16fe476a187e8d4c8c61d8b68
18e61cc494a55c748250b06e0e26f6950f6b796c0521c7b3721b0cd608778ff9

HTTP Headers

GET /mcxwnd22/new2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 35866
last-modified: Fri, 18 Mar 2022 01:22:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/jL18hKz3/11.png

141.94.200.42

200 OK

28 kB

URL HTTP/2
i.postimg.cc/jL18hKz3/11.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
28 kB (27925 bytes)
Hash
133689ccc8f7005104de4968da38ef03
cf993094907548ba1774ee89f3e3f0b27f8506cc
b08371e003d1f4540d4df11b3a6486dc3e6daa3b5806ddb2597f069b1b266292

HTTP Headers

GET /jL18hKz3/11.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 27925
last-modified: Sat, 30 Jul 2022 20:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/css/style.css

20.92.243.201

200 OK

14 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/css/style.css
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
assembler source, ASCII text
Size
14 kB (13815 bytes)
Hash
fa2bb206e6b1ed508050f7b32c8075ad
465d5f46be3eb795facb1d85197a372e2c12f8d9
ff1ba6c62f2b02afd1349533350c5b9942a5b2dafdd111e6c41f9181c4690540

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 13815
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

i.postimg.cc/N5zb6s3X/new1.png

141.94.200.42

200 OK

30 kB

URL HTTP/2
i.postimg.cc/N5zb6s3X/new1.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
30 kB (30182 bytes)
Hash
8617f0d0753f97beeac331097ea14206
3bdd5911ecf53ab25b4f241b238c373ae74a1d62
8427617e2a1f7e380641c326fabcdefb3ab16503a787da55fead422be9c3d6b0

HTTP Headers

GET /N5zb6s3X/new1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 30182
last-modified: Fri, 18 Mar 2022 01:22:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/gx6gS5sz/12.png

141.94.200.42

200 OK

24 kB

URL HTTP/2
i.postimg.cc/gx6gS5sz/12.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
24 kB (24330 bytes)
Hash
4f1c6340077142bcd0de6f85baaafbcf
29da0ac1d70a40797843e691bdcfa0abcbbe1f9b
ba5b6a70b5170458469ae96d709fb371fc23e82966e1d8e7a1fda585dd664690

HTTP Headers

GET /gx6gS5sz/12.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 24330
last-modified: Sat, 30 Jul 2022 20:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/FHNVyZgK/newAkm2.png

141.94.200.42

200 OK

62 kB

URL HTTP/2
i.postimg.cc/FHNVyZgK/newAkm2.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
62 kB (62358 bytes)
Hash
ca7340f6a175ef563bf2f2c234580ef9
74b840a40d5695f788b7981d441425d45bc604b5
49d4eba953a972be1bf227524ff891c5d0ece3a5b791d1eb763bc879cc5a1f41

HTTP Headers

GET /FHNVyZgK/newAkm2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 62358
last-modified: Sun, 19 Jun 2022 19:33:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/g0zpWp22/oro-token.png

141.94.200.42

200 OK

70 kB

URL HTTP/2
i.postimg.cc/g0zpWp22/oro-token.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
70 kB (69802 bytes)
Hash
5e674b60372b9318fa895897136bd83c
034f4d0ad0cddd0719d15cd7cc2d14f51140e82f
fd200c0fdd15dbe9eb53f1a52c8a11cfc8285a5af17fdf5942593193629ff258

HTTP Headers

GET /g0zpWp22/oro-token.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 69802
last-modified: Fri, 05 Aug 2022 04:16:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b84adbf5826fcd175df4c0dca3a6893
73a9c60a4775da221cd24c98664b33571a2d7335
c0f8de8b417c69fadd41cfc20e023026b1e93d2ed447976faf40558be2c216a0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b84adbf5826fcd175df4c0dca3a6893
73a9c60a4775da221cd24c98664b33571a2d7335
c0f8de8b417c69fadd41cfc20e023026b1e93d2ed447976faf40558be2c216a0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.postimg.cc/0QWX9JsG/uc.png

141.94.200.42

200 OK

125 kB

URL HTTP/2
i.postimg.cc/0QWX9JsG/uc.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
125 kB (125141 bytes)
Hash
e0c2e2babc8f6a27605314995d1267ce
e5ee5efed8a21f0a8c462814b6b4cae296523746
8913ad939828cfd2b6ad95bf251c3cee0a55e715203d9b79dd2301f9f28e412c

HTTP Headers

GET /0QWX9JsG/uc.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 125141
last-modified: Thu, 17 Mar 2022 02:00:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/tRcvfPDp/material.png

141.94.200.42

200 OK

89 kB

URL HTTP/2
i.postimg.cc/tRcvfPDp/material.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit/color RGB, non-interlaced\012- data
Size
89 kB (89277 bytes)
Hash
2b1b5c8efcad287491b0325bd74330fa
0de22f17cc9638cd0abe3771e7a4eddf8aefc5d2
423cd07235036660a5f26c8fa74948471ae0d2974bf0866b3f6cc316b7c2819e

HTTP Headers

GET /tRcvfPDp/material.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 89277
last-modified: Thu, 17 Mar 2022 02:01:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/QxWYrtn5/paint.png

141.94.200.42

200 OK

108 kB

URL HTTP/2
i.postimg.cc/QxWYrtn5/paint.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
108 kB (107723 bytes)
Hash
10e82f09bc3347eadde722eee7a2546e
3e89404d354722c674d619f5fe834f9799c6f3a0
7f0cfba3ef55c9db49e2e61185b7b35b7c560cf30adb5863d1b6e799eb1284ee

HTTP Headers

GET /QxWYrtn5/paint.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 107723
last-modified: Thu, 17 Mar 2022 02:01:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/jnLQLD1x/footer-socmed-1.png

141.94.200.42

200 OK

5.8 kB

URL HTTP/2
i.postimg.cc/jnLQLD1x/footer-socmed-1.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5796 bytes)
Hash
bef4c998aafaa09e5d29d60f46525c62
6c7f350282f0f6dc01f577c3785e0aaea0fcc2e6
dfba7a0c7d120366be1d50ada6b75adcf62ac2038a1c08fd6e1c77071a38b5d1

HTTP Headers

GET /jnLQLD1x/footer-socmed-1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 5796
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/Thwcks3z/footer-socmed-2.png

141.94.200.42

200 OK

11 kB

URL HTTP/2
i.postimg.cc/Thwcks3z/footer-socmed-2.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 148, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10864 bytes)
Hash
80c10d25063bc5137b0fcf63b4d6165f
9655f83c214eaccb92d34d8b8ca83581a56fb2a7
16f1ccc0e0a89629ef11948c8de6ca77591a6f9b937b8de44ebc18358225bd80

HTTP Headers

GET /Thwcks3z/footer-socmed-2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 10864
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/bdB94RGs/footer-socmed-3.png

141.94.200.42

200 OK

6.6 kB

URL HTTP/2
i.postimg.cc/bdB94RGs/footer-socmed-3.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
6.6 kB (6571 bytes)
Hash
bc99de2d262f8daf5c75d55ea0328990
8af7007005a8725a1c2e2a4710101be68a7ebfea
d1e50bf94ebb01626c1045d43541f5989f67f6b3d62d3d6eb38e34fe0be94595

HTTP Headers

GET /bdB94RGs/footer-socmed-3.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 6571
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

216.58.207.202

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 19:00:12 GMT
expires: Sun, 27 Aug 2023 19:00:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 88666
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.postimg.cc/YvcfCqz7/footer-socmed-4.png

141.94.200.42

200 OK

14 kB

URL HTTP/2
i.postimg.cc/YvcfCqz7/footer-socmed-4.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13796 bytes)
Hash
023bfaf2a56a2b76e7afc94885893502
225d5166c4b3f7346e3bfef148d6bfb87b5b4a96
8014774799900154e012ac41d6cdd404adc93c5955535ee4bd5372e054e90443

HTTP Headers

GET /YvcfCqz7/footer-socmed-4.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 13796
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/w7RQzsJF/footer-socmed-5.png

141.94.200.42

200 OK

9.2 kB

URL HTTP/2
i.postimg.cc/w7RQzsJF/footer-socmed-5.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
9.2 kB (9205 bytes)
Hash
2a03905025f0e6e39ce3934cb40b170f
72ccd4a954ae859709be05f27c5e425dc0c810eb
a72b0b2226327f8af54d11c68347fd2930f05d48004c0f05e1ef39c3505d8ba0

HTTP Headers

GET /w7RQzsJF/footer-socmed-5.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 9205
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

11 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
11 kB (11293 bytes)
Hash
39dfd28b84a286c68fa91cb6a161b2dc
5f4eaad62f6d047aa274deea99a7db36062709c1
1fd530f92ee14352a15c3e8ffa627cc3f939ecf80f290ee3c9fca46536b5b98f

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 7162232
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 741f812b3f24b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.postimg.cc/pV8Q4L9L/footer-img.png

141.94.200.42

200 OK

14 kB

URL HTTP/2
i.postimg.cc/pV8Q4L9L/footer-img.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14457 bytes)
Hash
d8e7ade119fece88de74909f9625a4f4
fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4

HTTP Headers

GET /pV8Q4L9L/footer-img.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 14457
last-modified: Sun, 26 Dec 2021 01:40:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/dtyfWFF2/login-Method2.png

141.94.200.42

200 OK

4.3 kB

URL HTTP/2
i.postimg.cc/dtyfWFF2/login-Method2.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b84adbf5826fcd175df4c0dca3a6893
73a9c60a4775da221cd24c98664b33571a2d7335
c0f8de8b417c69fadd41cfc20e023026b1e93d2ed447976faf40558be2c216a0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

216.58.207.202

200 OK

472 B

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 09:02:32 GMT
expires: Fri, 25 Aug 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 297326
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/css/login/twitter.css

20.92.243.201

200 OK

2.1 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/css/login/twitter.css
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
2.1 kB (2068 bytes)
Hash
aa7cc463409f187509e7e5fb570e1d0c
0321e26b58b7f779248e23a56c9153c908d42ed6
6eb360154fcda50619dcbdbc620141c511b0a2be9bbee053f3abe67e70fd5533

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /css/login/twitter.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 2068
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

pubg-claim-2022.duckdns.org/css/login/facebook.css

20.92.243.201

200 OK

3.1 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/css/login/facebook.css
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
3.1 kB (3136 bytes)
Hash
7963984a8f422cb6cdabcb6597f3f252
8932b3a35c501044ccf88aab675703b972868182
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /css/login/facebook.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 3136
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sun, 28 Aug 2022 22:18:28 GMT
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sun, 28 Aug 2022 22:18:28 GMT
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sun, 28 Aug 2022 22:18:28 GMT
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10824 bytes)
Hash
e0a52aaf6cfd3c91ef396ec21e668634
96e49f02f48d8e212335722d7a95eba9b21050de
edd20b6a1790cc65fd16f64e6e58c01140d814ffb27a6fe6f41c7dc285a76b2b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10824
x-amzn-requestid: abf116d5-7ffd-4100-bbbb-f8ebcc903e48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJqgGfToAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307230f-058b88810d3d902475af52a3;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:21:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 1QjI_En26B7SLes62WrxkEODPzBCDiUUo8ttH3vOUYsTTTo-ucHIqA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 08:42:16 GMT
age: 39342
etag: "96e49f02f48d8e212335722d7a95eba9b21050de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3669e6e-88e8-42f1-8b3b-7bb300b93ae6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6527 bytes)
Hash
8609f20b4f6de9888a710a1a865a8cca
defd4c20c1034f6890d780022c94cab34cbf87f3
36444bc24a9bd966ab805567dd936db8fcded9244c675025c023fe99b32be5b0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3669e6e-88e8-42f1-8b3b-7bb300b93ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6527
x-amzn-requestid: e00d8dd2-45c6-4d2f-ac77-22b789af807f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-kE_ZIAMFuew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec3-365ab7026fbf1302654e6e4d;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Wi_nJPwhDPfeFP_UBplh5_IAa8HZsWoA6aA9kpTGPCx1EpNiQN8vKQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:43:56 GMT
age: 78842
etag: "defd4c20c1034f6890d780022c94cab34cbf87f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febffc56c-14ba-44c3-a52a-2f2dca64b931.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8884 bytes)
Hash
bd559f24c149a22515344de424d9836d
10ae4c1080524020dfeb06984c8c98aabe07db6a
176d82e8f33969b2060fc8d1c8ac93e3e0934f857d90bcdeb7d83454d7d0448d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febffc56c-14ba-44c3-a52a-2f2dca64b931.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: b83f1ecc-1efc-4178-84ce-9d05c053e078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitVoF9_oAMFegA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f57-098fcb077607ffbd2a589692;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GcDiexM3A8JfyGrpvFB9OVebksdmIlIM48gwihb_4qcAs3Nzb2253A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:55:42 GMT
age: 78136
etag: "10ae4c1080524020dfeb06984c8c98aabe07db6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6921 bytes)
Hash
f492a725bd0ff1ffb9bda36a618c8163
54ebcbafcc02053b2e9477ef29e89c9924abb9e0
bbe69be8f14be3d6fdf09fee9cfdcee5847875bc9f6f6097e4afe1692553c125

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6921
x-amzn-requestid: 727cc3c0-9535-43cf-8aa6-1f46d74a5e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-bGrXIAMF6ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec2-4794034041513a7022688600;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QiL5v8h4rNJMJ8tsIdWb0xv7H28K96hH3V8-Fg312NDEdkNZ32IedQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:45:27 GMT
age: 78751
etag: "54ebcbafcc02053b2e9477ef29e89c9924abb9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

i.postimg.cc/Ln5CfhZZ/10.png

141.94.200.42

200 OK

7.1 kB

URL HTTP/2
i.postimg.cc/Ln5CfhZZ/10.png
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7058 bytes)
Hash
d86049a1b34617a0d41fb4ef97009303
0c0aa0266043aa373afb74a15ab605fba7ceb654
02bcd4310d68f5cffd90c1cced9e9789876f3c51c1edb21f9b0dec1e659118b6

HTTP Headers

GET /Ln5CfhZZ/10.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 23805
last-modified: Sat, 30 Jul 2022 20:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7505 bytes)
Hash
ef5729bf444dd3cc7b8e7945187e09ee
ec62fa681d45d696fc7308fede11cd16979594fd
34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UFJ0DtBufSFfM1vFxdagMV5tpP5ZEH2NbdduFvVM6sL7UVpdhSBhGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:03:39 GMT
age: 77659
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg

23.36.76.250

200 OK

75 kB

URL HTTP/2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size
75 kB (75149 bytes)
Hash
92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

HTTP Headers

GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=259
expires: Sun, 28 Aug 2022 19:42:18 GMT
date: Sun, 28 Aug 2022 19:37:59 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.250

200 OK

675 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 675
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_shop.svg

23.36.76.250

200 OK

526 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_shop.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size
526 B (526 bytes)
Hash
ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3

HTTP Headers

GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 526
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.250

200 OK

426 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 426
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_download.svg

23.36.76.250

200 OK

485 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_download.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size
485 B (485 bytes)
Hash
105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2

HTTP Headers

GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 485
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/css/animate.css

20.92.243.201

200 OK

78 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/css/animate.css
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
78 kB (77906 bytes)
Hash
8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 77906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.pubgmobile.com/en/images/footer_link_bg.png

23.36.76.250

200 OK

1.6 kB

URL HTTP/2
www.pubgmobile.com/en/images/footer_link_bg.png
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1630 bytes)
Hash
92ae645b6114492e8c1c5464d949466a
1d27f2644c0f5e899e9478c78136a9bc94131150
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417

HTTP Headers

GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
cache-control: max-age=294
expires: Sun, 28 Aug 2022 19:42:53 GMT
date: Sun, 28 Aug 2022 19:37:59 GMT
X-Firefox-Spdy: h2

i.postimg.cc/DZYQm0Gm/footer-bg.jpg

141.94.200.42

200 OK

12 kB

URL HTTP/2
i.postimg.cc/DZYQm0Gm/footer-bg.jpg
IP
141.94.200.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Size
12 kB (11651 bytes)
Hash
27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

HTTP Headers

GET /DZYQm0Gm/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 13 Apr 2022 14:17:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

104.17.25.14

200 OK

38 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Size
38 kB (38384 bytes)
Hash
a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubg-claim-2022.duckdns.org
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2155768
expires: Fri, 18 Aug 2023 19:37:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjJr8WV%2BVfq8txluZMWO0%2Bu%2FeG8PBTBf9ra3wOjNf5LJ4rz3FuuqPj8ZlCIB8mWONb2hl7HaUrd4yDnkXOCB7SirTKxom0JnGA0sBJe9cQQ6psn2C%2FqyTa94SNguHkzeb6udHYsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 741f8131df2eb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ab82d0d153255175b1c3c600842227d
a6c6d3bd5479cc2977dd6cf320ad80572f54c1e0
0423daa554124197ae0b9184e4d38dcebeb41906b300fd4d7c2d05eabb9fb90f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ab82d0d153255175b1c3c600842227d
a6c6d3bd5479cc2977dd6cf320ad80572f54c1e0
0423daa554124197ae0b9184e4d38dcebeb41906b300fd4d7c2d05eabb9fb90f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Size
13 kB (13196 bytes)
Hash
5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubg-claim-2022.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Aug 2022 20:03:01 GMT
expires: Tue, 22 Aug 2023 20:03:01 GMT
cache-control: public, max-age=31536000
age: 516898
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.ibb.co/JFdHX4V/image-76-1.png

51.210.32.106

200 OK

50 kB

URL HTTP/2
i.ibb.co/JFdHX4V/image-76-1.png
IP
51.210.32.106:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
50 kB (50506 bytes)
Hash
648b649c67b8edc4a6894a4969bd85eb
fc80a4331961605198cb658cd95d828c02fa69ca
b965c4ef303c587bc3ee12976a43614f006369ab8875227c9693f84d6bd4a1c2

HTTP Headers

GET /JFdHX4V/image-76-1.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 50506
last-modified: Wed, 18 May 2022 21:28:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size
13 kB (13324 bytes)
Hash
b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6

HTTP Headers

GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubg-claim-2022.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 20:23:33 GMT
expires: Thu, 24 Aug 2023 20:23:33 GMT
cache-control: public, max-age=31536000
age: 342866
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c118eef91fe22eef7bc3240005f3
08b38e7c41b8b768f843b852e115ad1457214782
a8b29486dccc90250db5d7001703d7fec94914ecd6952e0d7c5d424bf3afce7d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8B29486DCCC90250DB5D7001703D7FEC94914ECD6952E0D7C5D424BF3AFCE7D"
Last-Modified: Sun, 28 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2641
Expires: Sun, 28 Aug 2022 20:22:00 GMT
Date: Sun, 28 Aug 2022 19:37:59 GMT
Connection: keep-alive

i.ibb.co/wzvvStV/grozaNew.png

51.210.32.106

200 OK

63 kB

URL HTTP/2
i.ibb.co/wzvvStV/grozaNew.png
IP
51.210.32.106:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
63 kB (62708 bytes)
Hash
27da5ec6e2a9e8f5512581ca04e7ea74
6e61fa887fa9b22ee4215c55e58379ab7d50aded
782af9b9f518e0b32809fa163a30ac68afb535c2a9a8ae7bf9abc2a74dc1dc9d

HTTP Headers

GET /wzvvStV/grozaNew.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 62708
last-modified: Wed, 20 Jul 2022 18:11:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

l.top4top.io/m_1725u5z7i1.mp3

65.21.235.194

206 Partial Content

20 kB

URL HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
65.21.235.194:0
ASN
#24940 Hetzner Online GmbH

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 29 Aug 2022 19:14:39 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Sun, 28 Aug 2022 21:37:59 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ab82d0d153255175b1c3c600842227d
a6c6d3bd5479cc2977dd6cf320ad80572f54c1e0
0423daa554124197ae0b9184e4d38dcebeb41906b300fd4d7c2d05eabb9fb90f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.ibb.co/tKnVNF1/8.png

51.210.32.106

200 OK

51 kB

URL HTTP/2
i.ibb.co/tKnVNF1/8.png
IP
51.210.32.106:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
51 kB (50570 bytes)
Hash
742d41afca510b1a14cb9c938cb2113f
798dcd1999508cf32c6d805408a5b74a70aa6513
5e204eb0349c0f0360a0be3b45d85419b311c5226d731b8892642a1f90398ae9

HTTP Headers

GET /tKnVNF1/8.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 50570
last-modified: Fri, 15 Apr 2022 01:21:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/VMrskWj/awmNew.png

51.210.32.106

200 OK

49 kB

URL HTTP/2
i.ibb.co/VMrskWj/awmNew.png
IP
51.210.32.106:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
49 kB (48714 bytes)
Hash
f65c87b62280a2834391ae87122e3dcb
0af064678505e4eb7113dc0e4170e627d16e177d
189a14b50b0eb6cea30d1e49d5faa015bd7847abbc035a9714d9fa741374f968

HTTP Headers

GET /VMrskWj/awmNew.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 48714
last-modified: Wed, 20 Jul 2022 18:13:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/Wg93jRK/image-77-1.png

51.210.32.106

200 OK

62 kB

URL HTTP/2
i.ibb.co/Wg93jRK/image-77-1.png
IP
51.210.32.106:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
62 kB (61931 bytes)
Hash
97c1e3eff80c6d61d01542595a0d22d8
4e4d993e4f0aef5e4040f6d4984fd83c222f8453
10d5b2c3eb2c23d0008541d08afb42eb0ed9a6e69b029624c0f69a36f6f649d9

HTTP Headers

GET /Wg93jRK/image-77-1.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 61931
last-modified: Wed, 18 May 2022 21:28:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/x3fJgmc/skorpion-New.png

51.210.32.106

200 OK

76 kB

URL HTTP/2
i.ibb.co/x3fJgmc/skorpion-New.png
IP
51.210.32.106:0
ASN
#16276 OVH SAS

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
76 kB (75723 bytes)
Hash
232c69eacdb31b3a92859b5e150c66b1
fba58752be2a3196998e1e66b04a71ce42ebf07a
06f451e2dbbb9826d4009a57b44b2c169afc808df299242951353f90a0b3a06b

HTTP Headers

GET /x3fJgmc/skorpion-New.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 75723
last-modified: Wed, 20 Jul 2022 18:11:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/img/rewards/7.png

20.92.243.201

200 OK

43 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/7.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
43 kB (42929 bytes)
Hash
e5180149f3673bfc57b3466b6812db0c
42222511d009109d3fb6e6597d6f0bd2fd34f85f
6fb3b245fd49c64511a7d4ba088d61b648f17d9bc30e61ac56a883aea99488f6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/7.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 42929
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

www.pubgmobile.com/images/event/Iridescencex_suit/bg1.jpg

23.36.76.250

200 OK

404 kB

URL HTTP/2
www.pubgmobile.com/images/event/Iridescencex_suit/bg1.jpg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x960, components 3\012- data
Size
404 kB (403762 bytes)
Hash
be3790e36fe50b56d89fb8273574d7e1
59f2507d463c59a68e0590ba0b73a8cadaac3e59
5c4f4fb8eacc88b8897b932046dd54607304eda10d37342c4e8d5ab95b3bd1f1

HTTP Headers

GET /images/event/Iridescencex_suit/bg1.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 403762
last-modified: Tue, 19 Jul 2022 10:39:34 GMT
etag: "62d689e6-62932"
accept-ranges: bytes
cache-control: max-age=300
expires: Sun, 28 Aug 2022 19:42:59 GMT
date: Sun, 28 Aug 2022 19:37:59 GMT
X-Firefox-Spdy: h2

a.top4top.io/m_1725zobal2.mp3

51.159.64.45

206 Partial Content

18 kB

URL HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
51.159.64.45:0
ASN
#12876 Online S.a.s.

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 29 Aug 2022 19:14:39 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Sun, 28 Aug 2022 21:37:59 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/img/rewards/5.png

20.92.243.201

200 OK

48 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/5.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
48 kB (47847 bytes)
Hash
7afba64c5b2bf8b310725a35665aad06
0a70ae376d464a7ffbfa17eb889aa5e7536d5b56
b04e52225adff7597200c7986b0f4e0a9a99e67f687197ff66291aa61831f6bd

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/5.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 47847
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/3.png

20.92.243.201

200 OK

56 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/3.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
56 kB (55715 bytes)
Hash
f321d00829e1622da254971d64b2eea5
76b0a7fb8d89884612a387a469ac5170650b8a45
55a4d4a16b843e122b944d6cf50254649faff55f7820cff36a3d68f127f89613

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/3.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 55715
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/2.png

20.92.243.201

200 OK

98 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/2.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
98 kB (97609 bytes)
Hash
68e280953bc06a09c500337f92b5b0c7
99c94ee862154a8cd2be88f01df0e90250a335e7
4c664b9b545718905fc5ae165f8133d7f835fb59b0ea21b5dc036fc884c4c27c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/2.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 97609
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/4.png

20.92.243.201

200 OK

57 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/4.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
57 kB (56712 bytes)
Hash
ba3c663afef6e1aaa3b97bcd62607b65
5580e17e81ff68dd3e199556b3b69df0519c2ac0
07c99fdf99d3fc3ee79d19251a69b02de137745a2a04d9d5d3bee370f29e0433

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/4.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 56712
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/container.jpg

20.92.243.201

200 OK

78 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/container.jpg
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 617x960, components 3\012- data
Size
78 kB (78177 bytes)
Hash
b1aec04b66b503986d1ddef7ae7671de
45fb758a5c3c30b23584944d046cd3ac56611bff
b6eaac7ff955ab0191ed2ac2e94f9e431d5c2d1c0c92a24ce09b18ec4213dab6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/container.jpg HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 78177
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

pubg-claim-2022.duckdns.org/img/btn-off.png

20.92.243.201

200 OK

10 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/btn-off.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Size
10 kB (10127 bytes)
Hash
2e09d03f4f375948d94c3d1b0f09e545
1ced072f209a0b4d732372ee6886b686af24a6c9
d1c394718be9565c7959ff182c4eda2e1cb5473adda6daf71356bbfc4d669f13

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/btn-off.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 10127
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/btn-item.png

20.92.243.201

200 OK

9.7 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/btn-item.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 203 x 72, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9723 bytes)
Hash
76d0b6823004c888e72a711d65533667
54a8ef539dd23ba58251a0be9284390f76124436
b5534877294c67fc528ac2ebfdbdc291d47e3a6529fad8c8b14aaa03acf35d4c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/btn-item.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 9723
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/6.png

20.92.243.201

200 OK

59 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/6.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
59 kB (58761 bytes)
Hash
55ee43b65409b2a87d10fafedd353f95
71fa72741282d050a755fb4fe5aa2037a5d6fcb0
489b2845a0e8e2cb111062d8c314b2c4868cccc92978a391bae391e2629841fe

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/6.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 58761
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/event-title.png

20.92.243.201

200 OK

55 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/event-title.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 632 x 186, 8-bit colormap, non-interlaced\012- data
Size
55 kB (55405 bytes)
Hash
29331d1ec7a39499404484c8aab400bb
96f40b89f0ba20b3a22fcc08c6c4dfd69247fbc8
e8edabcd6925f2bc85cabaccd4967ce8b32ebe12492b525df41d789d96cd6896

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/event-title.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 55405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/event-notification-icon.png

20.92.243.201

200 OK

75 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/event-notification-icon.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 825 x 877, 8-bit colormap, non-interlaced\012- data
Size
75 kB (74705 bytes)
Hash
3eccbc9590e6d537250cea12c71d2f15
7d77027f056da10caea0c0eb761427a52fb7a0f1
f3d9a7daa276d41fb98a4c936589a0ac72e676664721e8935462550343f5e4c4

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/event-notification-icon.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 74705
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/9.png

20.92.243.201

200 OK

49 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/9.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
49 kB (49192 bytes)
Hash
9b415b1c7f4b4c092fad508faf38e3c4
36aed795932f8883c46ea755d30e8ecac0119b91
4b7c7ad8916af8ba876e1112f7db0ed7f87a10fc1cbd7729d3474c4b696f706b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/9.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 49192
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/8.png

20.92.243.201

200 OK

42 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/8.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
42 kB (41719 bytes)
Hash
4aafddf7cc90a334e1e57a62a8cb536a
6821966b02f3b5c8c4f5d2c2d259a0d8bdd231aa
cb22bc0bcea21d8c8b4e89b4e445663f241df00f7d14f9bb78c178844c06c13f

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/8.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 41719
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/btn-on.png

20.92.243.201

200 OK

11 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/btn-on.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11056 bytes)
Hash
47b5981fe1e6139a4e5b2c9960143740
b6ed0c5c1bd07d0006770141972799e163a4aae0
3bc271d6a3d7ee4df7a4aa8ffe694c8ac720fb70cf5c9f235bf755cb6343dfef

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/btn-on.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 11056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/socmedBtn1.png

20.92.243.201

200 OK

6.7 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/socmedBtn1.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 147 x 156, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6678 bytes)
Hash
6e1d5e4fb549432547ee49fb334254bb
7d908212d6a1b2148dc44a0aba7903d8293e1173
7313c48d93649d144bbdfc4adebf8d302adf075883fe37a5d74a3ba4d0bd9d1c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/socmedBtn1.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 6678
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/socmedBtn2.png

20.92.243.201

200 OK

6.2 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/socmedBtn2.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 147 x 156, 8-bit colormap, non-interlaced\012- data
Size
6.2 kB (6238 bytes)
Hash
66487b3b76f532a442fefe59c0f9f136
804d5c2a49842a7695adf3068a6135c77d76c5cf
28cf56f6e2b7a366ad36dc948d6140be4bc7ccc926327c3c27b9ea0017c6dde1

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/socmedBtn2.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 6238
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

pubg-claim-2022.duckdns.org/img/rewards/1.png

20.92.243.201

200 OK

296 kB

URL HTTP/1.1
pubg-claim-2022.duckdns.org/img/rewards/1.png
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1280 x 1280, 8-bit colormap, non-interlaced\012- data
Size
296 kB (296197 bytes)
Hash
c4f988be726e7d0648c9f47238275394
89219841b0255e0d2848ff056ccdda2de9c8e549
a8594a35e07899735a9555369bf943e0c04b8738dec42b9da34083a61026678b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
quad9	Sinkholed

HTTP Headers

GET /img/rewards/1.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 296197
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

www.pubgmobile.com/common/images/icon_logo.jpg

23.36.76.250

200 OK

982 kB

URL HTTP/2
www.pubgmobile.com/common/images/icon_logo.jpg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size
982 kB (982437 bytes)
Hash
b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d

HTTP Headers

GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=19
expires: Sun, 28 Aug 2022 19:38:19 GMT
date: Sun, 28 Aug 2022 19:38:00 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F933e0e21-c280-4b74-a8f8-65fce6314d41.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6305 bytes)
Hash
3dc873af5fc2b0ca028c7cfef840ab59
48f405786f10c0ec70fd69cf63c44fa6b8a164f4
d48a9846a6a470b7d88bfe521b3adae3f9827419b4ae09c78e22f0d8a4c0e0f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F933e0e21-c280-4b74-a8f8-65fce6314d41.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6305
x-amzn-requestid: c8e3d17b-c4fe-474b-aaf4-14fa94606200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xita3EUZoAMFqiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f78-42546a656b9222f12893ddf9;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:41:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H6vVCulD-zli69M5-qvPjeNmwhRlRmcsA8iDXJDcKSgCXsLDD5lHsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:48:01 GMT
age: 78604
etag: "48f405786f10c0ec70fd69cf63c44fa6b8a164f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pubg-claim-2022.duckdns.org/media/header.mp4

20.92.243.201

206 Partial Content

0 B

URL HTTP/1.1
pubg-claim-2022.duckdns.org/media/header.mp4
IP
20.92.243.201:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Tencent
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /media/header.mp4 HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/

HTTP/1.1 206 Partial Content
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 3548215
Content-Range: bytes 0-3548214/3548215
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: video/mp4

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Aug 2022 19:37:58 GMT
date: Sun, 28 Aug 2022 19:37:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (90)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1