r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Sun, 28 Aug 2022 20:51:54 GMT
Date: Sun, 28 Aug 2022 19:37:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 28 Aug 2022 19:13:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J1LKUu0kzdq5Sjrb-68yPnPo7j04psz2_9Zxu_DkAQhOlsYR_bf0vA==
Age: 1437
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 27 Aug 2022 22:35:58 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lrr5TqjsTeo-XwwfPZvVPdzjmeGGCAx7oZe328snT_8CRZqx_4b4iA==
age: 75718
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 28 Aug 2022 19:17:13 GMT
Cache-Control: max-age=3600
Expires: Sun, 28 Aug 2022 19:47:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _TI9VQ1ARjPnfmcTW8nBgVXuurS-GZbFIj_du6vYNloHPMRYXN_aFQ==
Age: 1245
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 396ffb5d17a8a353f8f748959fcf7966
8301f51528695b9c8a48de0e6e889b603f34308c
a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1971
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:57 GMT
Last-Modified: Sun, 28 Aug 2022 19:05:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.182.128 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.182.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OTxz3wiP4ckLDA+S0WxXyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t5aw4NeZluEY2fI5ubll577ovrk=
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3871121
expires: Fri, 18 Aug 2023 19:37:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zf3WKIgaysZ54kOoUBKaNxWjCLi2OlU9vvWmegU87Dp1GGIHqo5vk%2Fm1vZKtHMosc2lUq23QIX5gdZo7zv0vdAaSQuWpm4Ks6%2BfqafFB79R1zTUgQizy%2BlVz4katkdt5g76GZsa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 741f812b3fe1b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/
20.92.243.201 200 OK 41 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5107), with CRLF line terminators
Hash 70b0d09be82cbb26d9c8d9817ee4370d
74c08cd48b0404adce0e5ddfaebaaa3c0ad24647
ecf28e6941b3d8071397e1f666ffb6cb7a608d6741d0f0360c511205612ed424
Analyzer Verdict Alert
urlquery DynDNS domain detected
openphish Tencent
phishtank Other
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:56 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
i.postimg.cc/SxQ04Qn4/navbar-logo.png
141.94.200.42 200 OK 177 kB URL HTTP/2 i.postimg.cc/SxQ04Qn4/navbar-logo.png
IP 141.94.200.42:0
File type PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 177 kB (177317 bytes)
Hash d2d4c42a8bef48daa7c8151a838870c9
7ad25c9e369e069f97093188699bd58a2b298888
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587
GET /SxQ04Qn4/navbar-logo.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 177317
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.10.2.min.js
69.16.175.42 200 OK 33 kB URL HTTP/1.1 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32788
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-16bb3"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1661715478.dop015.sk1.t,1661715478.cds243.sk1.c
i.postimg.cc/mcxwnd22/new2.png
141.94.200.42 200 OK 36 kB URL HTTP/2 i.postimg.cc/mcxwnd22/new2.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash e3b1c8e5690e0c0d5b4485e62285de65
c01d6349432d28e16fe476a187e8d4c8c61d8b68
18e61cc494a55c748250b06e0e26f6950f6b796c0521c7b3721b0cd608778ff9
GET /mcxwnd22/new2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 35866
last-modified: Fri, 18 Mar 2022 01:22:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/jL18hKz3/11.png
141.94.200.42 200 OK 28 kB URL HTTP/2 i.postimg.cc/jL18hKz3/11.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 133689ccc8f7005104de4968da38ef03
cf993094907548ba1774ee89f3e3f0b27f8506cc
b08371e003d1f4540d4df11b3a6486dc3e6daa3b5806ddb2597f069b1b266292
GET /jL18hKz3/11.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 27925
last-modified: Sat, 30 Jul 2022 20:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/css/style.css
20.92.243.201 200 OK 14 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/css/style.css
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text
Hash fa2bb206e6b1ed508050f7b32c8075ad
465d5f46be3eb795facb1d85197a372e2c12f8d9
ff1ba6c62f2b02afd1349533350c5b9942a5b2dafdd111e6c41f9181c4690540
Analyzer Verdict Alert
urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 13815
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i.postimg.cc/N5zb6s3X/new1.png
141.94.200.42 200 OK 30 kB URL HTTP/2 i.postimg.cc/N5zb6s3X/new1.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 8617f0d0753f97beeac331097ea14206
3bdd5911ecf53ab25b4f241b238c373ae74a1d62
8427617e2a1f7e380641c326fabcdefb3ab16503a787da55fead422be9c3d6b0
GET /N5zb6s3X/new1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 30182
last-modified: Fri, 18 Mar 2022 01:22:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/gx6gS5sz/12.png
141.94.200.42 200 OK 24 kB URL HTTP/2 i.postimg.cc/gx6gS5sz/12.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 4f1c6340077142bcd0de6f85baaafbcf
29da0ac1d70a40797843e691bdcfa0abcbbe1f9b
ba5b6a70b5170458469ae96d709fb371fc23e82966e1d8e7a1fda585dd664690
GET /gx6gS5sz/12.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 24330
last-modified: Sat, 30 Jul 2022 20:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/FHNVyZgK/newAkm2.png
141.94.200.42 200 OK 62 kB URL HTTP/2 i.postimg.cc/FHNVyZgK/newAkm2.png
IP 141.94.200.42:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash ca7340f6a175ef563bf2f2c234580ef9
74b840a40d5695f788b7981d441425d45bc604b5
49d4eba953a972be1bf227524ff891c5d0ece3a5b791d1eb763bc879cc5a1f41
GET /FHNVyZgK/newAkm2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 62358
last-modified: Sun, 19 Jun 2022 19:33:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/g0zpWp22/oro-token.png
141.94.200.42 200 OK 70 kB URL HTTP/2 i.postimg.cc/g0zpWp22/oro-token.png
IP 141.94.200.42:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 5e674b60372b9318fa895897136bd83c
034f4d0ad0cddd0719d15cd7cc2d14f51140e82f
fd200c0fdd15dbe9eb53f1a52c8a11cfc8285a5af17fdf5942593193629ff258
GET /g0zpWp22/oro-token.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 69802
last-modified: Fri, 05 Aug 2022 04:16:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6b84adbf5826fcd175df4c0dca3a6893
73a9c60a4775da221cd24c98664b33571a2d7335
c0f8de8b417c69fadd41cfc20e023026b1e93d2ed447976faf40558be2c216a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6b84adbf5826fcd175df4c0dca3a6893
73a9c60a4775da221cd24c98664b33571a2d7335
c0f8de8b417c69fadd41cfc20e023026b1e93d2ed447976faf40558be2c216a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/0QWX9JsG/uc.png
141.94.200.42 200 OK 125 kB URL HTTP/2 i.postimg.cc/0QWX9JsG/uc.png
IP 141.94.200.42:0
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 125 kB (125141 bytes)
Hash e0c2e2babc8f6a27605314995d1267ce
e5ee5efed8a21f0a8c462814b6b4cae296523746
8913ad939828cfd2b6ad95bf251c3cee0a55e715203d9b79dd2301f9f28e412c
GET /0QWX9JsG/uc.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 125141
last-modified: Thu, 17 Mar 2022 02:00:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/tRcvfPDp/material.png
141.94.200.42 200 OK 89 kB URL HTTP/2 i.postimg.cc/tRcvfPDp/material.png
IP 141.94.200.42:0
File type PNG image data, 600 x 600, 8-bit/color RGB, non-interlaced\012- data
Hash 2b1b5c8efcad287491b0325bd74330fa
0de22f17cc9638cd0abe3771e7a4eddf8aefc5d2
423cd07235036660a5f26c8fa74948471ae0d2974bf0866b3f6cc316b7c2819e
GET /tRcvfPDp/material.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 89277
last-modified: Thu, 17 Mar 2022 02:01:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/QxWYrtn5/paint.png
141.94.200.42 200 OK 108 kB URL HTTP/2 i.postimg.cc/QxWYrtn5/paint.png
IP 141.94.200.42:0
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (107723 bytes)
Hash 10e82f09bc3347eadde722eee7a2546e
3e89404d354722c674d619f5fe834f9799c6f3a0
7f0cfba3ef55c9db49e2e61185b7b35b7c560cf30adb5863d1b6e799eb1284ee
GET /QxWYrtn5/paint.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 107723
last-modified: Thu, 17 Mar 2022 02:01:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/jnLQLD1x/footer-socmed-1.png
141.94.200.42 200 OK 5.8 kB URL HTTP/2 i.postimg.cc/jnLQLD1x/footer-socmed-1.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash bef4c998aafaa09e5d29d60f46525c62
6c7f350282f0f6dc01f577c3785e0aaea0fcc2e6
dfba7a0c7d120366be1d50ada6b75adcf62ac2038a1c08fd6e1c77071a38b5d1
GET /jnLQLD1x/footer-socmed-1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 5796
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Thwcks3z/footer-socmed-2.png
141.94.200.42 200 OK 11 kB URL HTTP/2 i.postimg.cc/Thwcks3z/footer-socmed-2.png
IP 141.94.200.42:0
File type PNG image data, 180 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 80c10d25063bc5137b0fcf63b4d6165f
9655f83c214eaccb92d34d8b8ca83581a56fb2a7
16f1ccc0e0a89629ef11948c8de6ca77591a6f9b937b8de44ebc18358225bd80
GET /Thwcks3z/footer-socmed-2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 10864
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/bdB94RGs/footer-socmed-3.png
141.94.200.42 200 OK 6.6 kB URL HTTP/2 i.postimg.cc/bdB94RGs/footer-socmed-3.png
IP 141.94.200.42:0
File type PNG image data, 180 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash bc99de2d262f8daf5c75d55ea0328990
8af7007005a8725a1c2e2a4710101be68a7ebfea
d1e50bf94ebb01626c1045d43541f5989f67f6b3d62d3d6eb38e34fe0be94595
GET /bdB94RGs/footer-socmed-3.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 6571
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
216.58.207.202 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 19:00:12 GMT
expires: Sun, 27 Aug 2023 19:00:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 88666
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/YvcfCqz7/footer-socmed-4.png
141.94.200.42 200 OK 14 kB URL HTTP/2 i.postimg.cc/YvcfCqz7/footer-socmed-4.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 023bfaf2a56a2b76e7afc94885893502
225d5166c4b3f7346e3bfef148d6bfb87b5b4a96
8014774799900154e012ac41d6cdd404adc93c5955535ee4bd5372e054e90443
GET /YvcfCqz7/footer-socmed-4.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 13796
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/w7RQzsJF/footer-socmed-5.png
141.94.200.42 200 OK 9.2 kB URL HTTP/2 i.postimg.cc/w7RQzsJF/footer-socmed-5.png
IP 141.94.200.42:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a03905025f0e6e39ce3934cb40b170f
72ccd4a954ae859709be05f27c5e425dc0c810eb
a72b0b2226327f8af54d11c68347fd2930f05d48004c0f05e1ef39c3505d8ba0
GET /w7RQzsJF/footer-socmed-5.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 9205
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 11 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 39dfd28b84a286c68fa91cb6a161b2dc
5f4eaad62f6d047aa274deea99a7db36062709c1
1fd530f92ee14352a15c3e8ffa627cc3f939ecf80f290ee3c9fca46536b5b98f
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 7162232
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 741f812b3f24b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/pV8Q4L9L/footer-img.png
141.94.200.42 200 OK 14 kB URL HTTP/2 i.postimg.cc/pV8Q4L9L/footer-img.png
IP 141.94.200.42:0
File type PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash d8e7ade119fece88de74909f9625a4f4
fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4
GET /pV8Q4L9L/footer-img.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 14457
last-modified: Sun, 26 Dec 2021 01:40:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/dtyfWFF2/login-Method2.png
141.94.200.42 200 OK 4.3 kB URL HTTP/2 i.postimg.cc/dtyfWFF2/login-Method2.png
IP 141.94.200.42:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6b84adbf5826fcd175df4c0dca3a6893
73a9c60a4775da221cd24c98664b33571a2d7335
c0f8de8b417c69fadd41cfc20e023026b1e93d2ed447976faf40558be2c216a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
216.58.207.202 200 OK 472 B URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 216.58.207.202:0
Hash 4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 09:02:32 GMT
expires: Fri, 25 Aug 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 297326
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/css/login/twitter.css
20.92.243.201 200 OK 2.1 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/css/login/twitter.css
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash aa7cc463409f187509e7e5fb570e1d0c
0321e26b58b7f779248e23a56c9153c908d42ed6
6eb360154fcda50619dcbdbc620141c511b0a2be9bbee053f3abe67e70fd5533
Analyzer verdicts and alerts:
urlquery: DynDNS domain detected
openphish: Tencent
quad9: Sinkholed
GET /css/login/twitter.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 2068
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
pubg-claim-2022.duckdns.org/css/login/facebook.css
20.92.243.201 200 OK 3.1 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/css/login/facebook.css
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7963984a8f422cb6cdabcb6597f3f252
8932b3a35c501044ccf88aab675703b972868182
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
Analyzer verdicts and alerts:
urlquery: DynDNS domain detected
openphish: Tencent
quad9: Sinkholed
GET /css/login/facebook.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 3136
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sun, 28 Aug 2022 22:18:28 GMT
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sun, 28 Aug 2022 22:18:28 GMT
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sun, 28 Aug 2022 22:18:28 GMT
Date: Sun, 28 Aug 2022 19:37:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0a52aaf6cfd3c91ef396ec21e668634
96e49f02f48d8e212335722d7a95eba9b21050de
edd20b6a1790cc65fd16f64e6e58c01140d814ffb27a6fe6f41c7dc285a76b2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10824
x-amzn-requestid: abf116d5-7ffd-4100-bbbb-f8ebcc903e48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJqgGfToAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307230f-058b88810d3d902475af52a3;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:21:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 1QjI_En26B7SLes62WrxkEODPzBCDiUUo8ttH3vOUYsTTTo-ucHIqA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 08:42:16 GMT
age: 39342
etag: "96e49f02f48d8e212335722d7a95eba9b21050de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3669e6e-88e8-42f1-8b3b-7bb300b93ae6.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3669e6e-88e8-42f1-8b3b-7bb300b93ae6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8609f20b4f6de9888a710a1a865a8cca
defd4c20c1034f6890d780022c94cab34cbf87f3
36444bc24a9bd966ab805567dd936db8fcded9244c675025c023fe99b32be5b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3669e6e-88e8-42f1-8b3b-7bb300b93ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6527
x-amzn-requestid: e00d8dd2-45c6-4d2f-ac77-22b789af807f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-kE_ZIAMFuew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec3-365ab7026fbf1302654e6e4d;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Wi_nJPwhDPfeFP_UBplh5_IAa8HZsWoA6aA9kpTGPCx1EpNiQN8vKQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:43:56 GMT
age: 78842
etag: "defd4c20c1034f6890d780022c94cab34cbf87f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febffc56c-14ba-44c3-a52a-2f2dca64b931.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febffc56c-14ba-44c3-a52a-2f2dca64b931.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd559f24c149a22515344de424d9836d
10ae4c1080524020dfeb06984c8c98aabe07db6a
176d82e8f33969b2060fc8d1c8ac93e3e0934f857d90bcdeb7d83454d7d0448d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febffc56c-14ba-44c3-a52a-2f2dca64b931.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: b83f1ecc-1efc-4178-84ce-9d05c053e078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitVoF9_oAMFegA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f57-098fcb077607ffbd2a589692;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GcDiexM3A8JfyGrpvFB9OVebksdmIlIM48gwihb_4qcAs3Nzb2253A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:55:42 GMT
age: 78136
etag: "10ae4c1080524020dfeb06984c8c98aabe07db6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f492a725bd0ff1ffb9bda36a618c8163
54ebcbafcc02053b2e9477ef29e89c9924abb9e0
bbe69be8f14be3d6fdf09fee9cfdcee5847875bc9f6f6097e4afe1692553c125
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6921
x-amzn-requestid: 727cc3c0-9535-43cf-8aa6-1f46d74a5e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-bGrXIAMF6ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec2-4794034041513a7022688600;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QiL5v8h4rNJMJ8tsIdWb0xv7H28K96hH3V8-Fg312NDEdkNZ32IedQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:45:27 GMT
age: 78751
etag: "54ebcbafcc02053b2e9477ef29e89c9924abb9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.postimg.cc/Ln5CfhZZ/10.png
141.94.200.42 200 OK 7.1 kB URL HTTP/2 i.postimg.cc/Ln5CfhZZ/10.png
IP 141.94.200.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d86049a1b34617a0d41fb4ef97009303
0c0aa0266043aa373afb74a15ab605fba7ceb654
02bcd4310d68f5cffd90c1cced9e9789876f3c51c1edb21f9b0dec1e659118b6
GET /Ln5CfhZZ/10.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:58 GMT
content-type: image/png
content-length: 23805
last-modified: Sat, 30 Jul 2022 20:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef5729bf444dd3cc7b8e7945187e09ee
ec62fa681d45d696fc7308fede11cd16979594fd
34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UFJ0DtBufSFfM1vFxdagMV5tpP5ZEH2NbdduFvVM6sL7UVpdhSBhGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:03:39 GMT
age: 77659
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250 200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=259
expires: Sun, 28 Aug 2022 19:42:18 GMT
date: Sun, 28 Aug 2022 19:37:59 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.250 200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 675
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.250 200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 526
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_menu.svg
23.36.76.250 200 OK 426 B URL HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash 76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 426
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.250 200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 28 Aug 2022 19:37:59 GMT
content-length: 485
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/css/animate.css
20.92.243.201 200 OK 78 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/css/animate.css
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Analyzer verdicts and alerts:
urlquery: DynDNS domain detected
openphish: Tencent
quad9: Sinkholed
GET /css/animate.css HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:58 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 77906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.pubgmobile.com/en/images/footer_link_bg.png
23.36.76.250 200 OK 1.6 kB URL HTTP/2 www.pubgmobile.com/en/images/footer_link_bg.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 92ae645b6114492e8c1c5464d949466a
1d27f2644c0f5e899e9478c78136a9bc94131150
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
cache-control: max-age=294
expires: Sun, 28 Aug 2022 19:42:53 GMT
date: Sun, 28 Aug 2022 19:37:59 GMT
X-Firefox-Spdy: h2
i.postimg.cc/DZYQm0Gm/footer-bg.jpg
141.94.200.42 200 OK 12 kB URL HTTP/2 i.postimg.cc/DZYQm0Gm/footer-bg.jpg
IP 141.94.200.42:0
File type JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Hash 27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /DZYQm0Gm/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 13 Apr 2022 14:17:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
104.17.25.14 200 OK 38 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubg-claim-2022.duckdns.org
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2155768
expires: Fri, 18 Aug 2023 19:37:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjJr8WV%2BVfq8txluZMWO0%2Bu%2FeG8PBTBf9ra3wOjNf5LJ4rz3FuuqPj8ZlCIB8mWONb2hl7HaUrd4yDnkXOCB7SirTKxom0JnGA0sBJe9cQQ6psn2C%2FqyTa94SNguHkzeb6udHYsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 741f8131df2eb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5ab82d0d153255175b1c3c600842227d
a6c6d3bd5479cc2977dd6cf320ad80572f54c1e0
0423daa554124197ae0b9184e4d38dcebeb41906b300fd4d7c2d05eabb9fb90f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5ab82d0d153255175b1c3c600842227d
a6c6d3bd5479cc2977dd6cf320ad80572f54c1e0
0423daa554124197ae0b9184e4d38dcebeb41906b300fd4d7c2d05eabb9fb90f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubg-claim-2022.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Aug 2022 20:03:01 GMT
expires: Tue, 22 Aug 2023 20:03:01 GMT
cache-control: public, max-age=31536000
age: 516898
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ibb.co/JFdHX4V/image-76-1.png
51.210.32.106 200 OK 50 kB URL HTTP/2 i.ibb.co/JFdHX4V/image-76-1.png
IP 51.210.32.106:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 648b649c67b8edc4a6894a4969bd85eb
fc80a4331961605198cb658cd95d828c02fa69ca
b965c4ef303c587bc3ee12976a43614f006369ab8875227c9693f84d6bd4a1c2
GET /JFdHX4V/image-76-1.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 50506
last-modified: Wed, 18 May 2022 21:28:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pubg-claim-2022.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 20:23:33 GMT
expires: Thu, 24 Aug 2023 20:23:33 GMT
cache-control: public, max-age=31536000
age: 342866
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 5eb7c118eef91fe22eef7bc3240005f3
08b38e7c41b8b768f843b852e115ad1457214782
a8b29486dccc90250db5d7001703d7fec94914ecd6952e0d7c5d424bf3afce7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8B29486DCCC90250DB5D7001703D7FEC94914ECD6952E0D7C5D424BF3AFCE7D"
Last-Modified: Sun, 28 Aug 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2641
Expires: Sun, 28 Aug 2022 20:22:00 GMT
Date: Sun, 28 Aug 2022 19:37:59 GMT
Connection: keep-alive
i.ibb.co/wzvvStV/grozaNew.png
51.210.32.106 200 OK 63 kB URL HTTP/2 i.ibb.co/wzvvStV/grozaNew.png
IP 51.210.32.106:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 27da5ec6e2a9e8f5512581ca04e7ea74
6e61fa887fa9b22ee4215c55e58379ab7d50aded
782af9b9f518e0b32809fa163a30ac68afb535c2a9a8ae7bf9abc2a74dc1dc9d
GET /wzvvStV/grozaNew.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 62708
last-modified: Wed, 20 Jul 2022 18:11:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 29 Aug 2022 19:14:39 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Sun, 28 Aug 2022 21:37:59 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5ab82d0d153255175b1c3c600842227d
a6c6d3bd5479cc2977dd6cf320ad80572f54c1e0
0423daa554124197ae0b9184e4d38dcebeb41906b300fd4d7c2d05eabb9fb90f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 19:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/tKnVNF1/8.png
51.210.32.106 200 OK 51 kB IP 51.210.32.106:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 742d41afca510b1a14cb9c938cb2113f
798dcd1999508cf32c6d805408a5b74a70aa6513
5e204eb0349c0f0360a0be3b45d85419b311c5226d731b8892642a1f90398ae9
GET /tKnVNF1/8.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 50570
last-modified: Fri, 15 Apr 2022 01:21:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/VMrskWj/awmNew.png
51.210.32.106 200 OK 49 kB URL HTTP/2 i.ibb.co/VMrskWj/awmNew.png
IP 51.210.32.106:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash f65c87b62280a2834391ae87122e3dcb
0af064678505e4eb7113dc0e4170e627d16e177d
189a14b50b0eb6cea30d1e49d5faa015bd7847abbc035a9714d9fa741374f968
GET /VMrskWj/awmNew.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 48714
last-modified: Wed, 20 Jul 2022 18:13:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/Wg93jRK/image-77-1.png
51.210.32.106 200 OK 62 kB URL HTTP/2 i.ibb.co/Wg93jRK/image-77-1.png
IP 51.210.32.106:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 97c1e3eff80c6d61d01542595a0d22d8
4e4d993e4f0aef5e4040f6d4984fd83c222f8453
10d5b2c3eb2c23d0008541d08afb42eb0ed9a6e69b029624c0f69a36f6f649d9
GET /Wg93jRK/image-77-1.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 61931
last-modified: Wed, 18 May 2022 21:28:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/x3fJgmc/skorpion-New.png
51.210.32.106 200 OK 76 kB URL HTTP/2 i.ibb.co/x3fJgmc/skorpion-New.png
IP 51.210.32.106:0
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 232c69eacdb31b3a92859b5e150c66b1
fba58752be2a3196998e1e66b04a71ce42ebf07a
06f451e2dbbb9826d4009a57b44b2c169afc808df299242951353f90a0b3a06b
GET /x3fJgmc/skorpion-New.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: image/png
content-length: 75723
last-modified: Wed, 20 Jul 2022 18:11:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/img/rewards/7.png
20.92.243.201 200 OK 43 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/7.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash e5180149f3673bfc57b3466b6812db0c
42222511d009109d3fb6e6597d6f0bd2fd34f85f
6fb3b245fd49c64511a7d4ba088d61b648f17d9bc30e61ac56a883aea99488f6
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/7.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 42929
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.pubgmobile.com/images/event/Iridescencex_suit/bg1.jpg
23.36.76.250 200 OK 404 kB URL HTTP/2 www.pubgmobile.com/images/event/Iridescencex_suit/bg1.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x960, components 3\012- data
Size 404 kB (403762 bytes)
Hash be3790e36fe50b56d89fb8273574d7e1
59f2507d463c59a68e0590ba0b73a8cadaac3e59
5c4f4fb8eacc88b8897b932046dd54607304eda10d37342c4e8d5ab95b3bd1f1
GET /images/event/Iridescencex_suit/bg1.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 403762
last-modified: Tue, 19 Jul 2022 10:39:34 GMT
etag: "62d689e6-62932"
accept-ranges: bytes
cache-control: max-age=300
expires: Sun, 28 Aug 2022 19:42:59 GMT
date: Sun, 28 Aug 2022 19:37:59 GMT
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Sun, 28 Aug 2022 19:37:59 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 29 Aug 2022 19:14:39 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Sun, 28 Aug 2022 21:37:59 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/img/rewards/5.png
20.92.243.201 200 OK 48 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/5.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 7afba64c5b2bf8b310725a35665aad06
0a70ae376d464a7ffbfa17eb889aa5e7536d5b56
b04e52225adff7597200c7986b0f4e0a9a99e67f687197ff66291aa61831f6bd
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/5.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 47847
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/3.png
20.92.243.201 200 OK 56 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/3.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash f321d00829e1622da254971d64b2eea5
76b0a7fb8d89884612a387a469ac5170650b8a45
55a4d4a16b843e122b944d6cf50254649faff55f7820cff36a3d68f127f89613
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/3.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 55715
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/2.png
20.92.243.201 200 OK 98 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/2.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 68e280953bc06a09c500337f92b5b0c7
99c94ee862154a8cd2be88f01df0e90250a335e7
4c664b9b545718905fc5ae165f8133d7f835fb59b0ea21b5dc036fc884c4c27c
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/2.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 97609
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/4.png
20.92.243.201 200 OK 57 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/4.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash ba3c663afef6e1aaa3b97bcd62607b65
5580e17e81ff68dd3e199556b3b69df0519c2ac0
07c99fdf99d3fc3ee79d19251a69b02de137745a2a04d9d5d3bee370f29e0433
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/4.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 56712
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/container.jpg
20.92.243.201 200 OK 78 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/container.jpg
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 617x960, components 3\012- data
Hash b1aec04b66b503986d1ddef7ae7671de
45fb758a5c3c30b23584944d046cd3ac56611bff
b6eaac7ff955ab0191ed2ac2e94f9e431d5c2d1c0c92a24ce09b18ec4213dab6
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/container.jpg HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 78177
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
pubg-claim-2022.duckdns.org/img/btn-off.png
20.92.243.201 200 OK 10 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/btn-off.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Hash 2e09d03f4f375948d94c3d1b0f09e545
1ced072f209a0b4d732372ee6886b686af24a6c9
d1c394718be9565c7959ff182c4eda2e1cb5473adda6daf71356bbfc4d669f13
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/btn-off.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 10127
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/btn-item.png
20.92.243.201 200 OK 9.7 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/btn-item.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 203 x 72, 8-bit colormap, non-interlaced\012- data
Hash 76d0b6823004c888e72a711d65533667
54a8ef539dd23ba58251a0be9284390f76124436
b5534877294c67fc528ac2ebfdbdc291d47e3a6529fad8c8b14aaa03acf35d4c
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/btn-item.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 9723
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/6.png
20.92.243.201 200 OK 59 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/6.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 55ee43b65409b2a87d10fafedd353f95
71fa72741282d050a755fb4fe5aa2037a5d6fcb0
489b2845a0e8e2cb111062d8c314b2c4868cccc92978a391bae391e2629841fe
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/6.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 58761
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/event-title.png
20.92.243.201 200 OK 55 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/event-title.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 632 x 186, 8-bit colormap, non-interlaced\012- data
Hash 29331d1ec7a39499404484c8aab400bb
96f40b89f0ba20b3a22fcc08c6c4dfd69247fbc8
e8edabcd6925f2bc85cabaccd4967ce8b32ebe12492b525df41d789d96cd6896
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/event-title.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 55405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/event-notification-icon.png
20.92.243.201 200 OK 75 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/event-notification-icon.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 825 x 877, 8-bit colormap, non-interlaced\012- data
Hash 3eccbc9590e6d537250cea12c71d2f15
7d77027f056da10caea0c0eb761427a52fb7a0f1
f3d9a7daa276d41fb98a4c936589a0ac72e676664721e8935462550343f5e4c4
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/event-notification-icon.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 74705
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/9.png
20.92.243.201 200 OK 49 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/9.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 9b415b1c7f4b4c092fad508faf38e3c4
36aed795932f8883c46ea755d30e8ecac0119b91
4b7c7ad8916af8ba876e1112f7db0ed7f87a10fc1cbd7729d3474c4b696f706b
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/9.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 49192
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/8.png
20.92.243.201 200 OK 42 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/8.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 4aafddf7cc90a334e1e57a62a8cb536a
6821966b02f3b5c8c4f5d2c2d259a0d8bdd231aa
cb22bc0bcea21d8c8b4e89b4e445663f241df00f7d14f9bb78c178844c06c13f
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/8.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 41719
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/btn-on.png
20.92.243.201 200 OK 11 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/btn-on.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Hash 47b5981fe1e6139a4e5b2c9960143740
b6ed0c5c1bd07d0006770141972799e163a4aae0
3bc271d6a3d7ee4df7a4aa8ffe694c8ac720fb70cf5c9f235bf755cb6343dfef
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/btn-on.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/css/style.css
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 11056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/socmedBtn1.png
20.92.243.201 200 OK 6.7 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/socmedBtn1.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 147 x 156, 8-bit colormap, non-interlaced\012- data
Hash 6e1d5e4fb549432547ee49fb334254bb
7d908212d6a1b2148dc44a0aba7903d8293e1173
7313c48d93649d144bbdfc4adebf8d302adf075883fe37a5d74a3ba4d0bd9d1c
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/socmedBtn1.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 6678
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/socmedBtn2.png
20.92.243.201 200 OK 6.2 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/socmedBtn2.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 147 x 156, 8-bit colormap, non-interlaced\012- data
Hash 66487b3b76f532a442fefe59c0f9f136
804d5c2a49842a7695adf3068a6135c77d76c5cf
28cf56f6e2b7a366ad36dc948d6140be4bc7ccc926327c3c27b9ea0017c6dde1
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/socmedBtn2.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 6238
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
pubg-claim-2022.duckdns.org/img/rewards/1.png
20.92.243.201 200 OK 296 kB URL HTTP/1.1 pubg-claim-2022.duckdns.org/img/rewards/1.png
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 1280, 8-bit colormap, non-interlaced\012- data
Size 296 kB (296197 bytes)
Hash c4f988be726e7d0648c9f47238275394
89219841b0255e0d2848ff056ccdda2de9c8e549
a8594a35e07899735a9555369bf943e0c04b8738dec42b9da34083a61026678b
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
quad9 Sinkholed
GET /img/rewards/1.png HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 200 OK
Date: Sun, 28 Aug 2022 19:38:00 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 296197
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=19
expires: Sun, 28 Aug 2022 19:38:19 GMT
date: Sun, 28 Aug 2022 19:38:00 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F933e0e21-c280-4b74-a8f8-65fce6314d41.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F933e0e21-c280-4b74-a8f8-65fce6314d41.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3dc873af5fc2b0ca028c7cfef840ab59
48f405786f10c0ec70fd69cf63c44fa6b8a164f4
d48a9846a6a470b7d88bfe521b3adae3f9827419b4ae09c78e22f0d8a4c0e0f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F933e0e21-c280-4b74-a8f8-65fce6314d41.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6305
x-amzn-requestid: c8e3d17b-c4fe-474b-aaf4-14fa94606200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xita3EUZoAMFqiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f78-42546a656b9222f12893ddf9;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:41:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H6vVCulD-zli69M5-qvPjeNmwhRlRmcsA8iDXJDcKSgCXsLDD5lHsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:48:01 GMT
age: 78604
etag: "48f405786f10c0ec70fd69cf63c44fa6b8a164f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pubg-claim-2022.duckdns.org/media/header.mp4
20.92.243.201 206 Partial Content 0 B URL HTTP/1.1 pubg-claim-2022.duckdns.org/media/header.mp4
IP 20.92.243.201:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Tencent
fortinet Phishing
quad9 Sinkholed
GET /media/header.mp4 HTTP/1.1
Host: pubg-claim-2022.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
HTTP/1.1 206 Partial Content
Date: Sun, 28 Aug 2022 19:37:59 GMT
Server: Apache
Last-Modified: Fri, 05 Aug 2022 21:03:10 GMT
Accept-Ranges: bytes
Content-Length: 3548215
Content-Range: bytes 0-3548214/3548215
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: video/mp4
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pubg-claim-2022.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Aug 2022 19:37:58 GMT
date: Sun, 28 Aug 2022 19:37:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2