one88.top/khuyen-mai/
104.18.0.104 301 Moved Permanently 0 B IP 104.18.0.104:0
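Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input; the SHA-1 and SHA-256 below are the empty-input digests too, matching the 0 B body, so they do not identify this response)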
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /khuyen-mai/ HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 19:14:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Dec 2022 20:14:51 GMT
Location: https://one88.top/khuyen-mai/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ea0b25f33b505-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4759
Expires: Sat, 03 Dec 2022 20:34:11 GMT
Date: Sat, 03 Dec 2022 19:14:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2576
Cache-Control: max-age=143956
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:52 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:14:08 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10884
Expires: Sat, 03 Dec 2022 22:16:16 GMT
Date: Sat, 03 Dec 2022 19:14:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3292
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fAPOpt7XTFN4I0EZA2zb0ezkRPwYfRLdtYTqyELA/5bKuaQCEahzquDFwaJXu7L9B88Ai/3uU3aajUKqnzItFg==
x-amz-request-id: Z67327NH3TDFVPJ9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 18:46:40 GMT
age: 1692
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 19:14:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QhlQ9XPCYz8
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QhlQ9XPCYz8
IP 142.250.74.131:0
Hash 43d3e2b1ba2321c1e5d48eac4d2d670b
2217ed12fc0c8de5472cf25033f5559ba4051799
5ba919afbc3a70919ed0163f0de1db793e021d616494519c658e9bc52002f74b
POST /s/gts1p5/QhlQ9XPCYz8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
one88.top/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=773ea0b4fe89b511
104.18.0.104 200 OK 42 B URL HTTP/2 one88.top/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=773ea0b4fe89b511
IP 104.18.0.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=773ea0b4fe89b511 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:52 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 30 Nov 2022 18:31:22 GMT
etag: "6387a17a-2a"
server: cloudflare
cf-ray: 773ea0b71987b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 03 Dec 2022 21:14:52 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 19:08:58 GMT
cache-control: public,max-age=3600
age: 355
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2564
Cache-Control: max-age=138882
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:53 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:49:35 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.38.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
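Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input; the SHA-1 and SHA-256 below are the empty-input digests too, matching the 0 B body, so they do not identify this response)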
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i4e+EELF56I1E9JQrbIyJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MOyVXnSTIixl0zWpjIljlkCPuTc=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5875
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 19:14:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5875
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 19:14:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5875
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 19:14:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5875
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 19:14:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 29630
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 77127
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 51166
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 77028
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
one88.top/cdn-cgi/challenge-platform/h/g/pat/773ea0b4fe89b511/1670094892982/14e5d2bfa3c86f816c41c337f4061b218ea680f71c0b36e541c761f185b2d5ea/AgybPo1YESYxrZp
104.18.0.104 401 Unauthorized 4.3 kB URL HTTP/2 one88.top/cdn-cgi/challenge-platform/h/g/pat/773ea0b4fe89b511/1670094892982/14e5d2bfa3c86f816c41c337f4061b218ea680f71c0b36e541c761f185b2d5ea/AgybPo1YESYxrZp
IP 104.18.0.104:0
Hash 95afaf800bc5d058fb6762d49a295acf
434bff06f9b059176bb65996c0b700a4eb493a4e
829014207ed97d948708953dbae571ac5e9961785bd49af5191d37d42115b72b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/g/pat/773ea0b4fe89b511/1670094892982/14e5d2bfa3c86f816c41c337f4061b218ea680f71c0b36e541c761f185b2d5ea/AgybPo1YESYxrZp HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 401 Unauthorized
date: Sat, 03 Dec 2022 19:14:54 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gFOXSv6PIb4FsQcM39AYbIY6mgPccCzblQcdh8YWy1eoACW9uZTg4LnRvcA==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAuD23Zj8CdrYvjI6ZP1RoMzaefvxeLuCD4vxsciXjMMqMNAuVkVcuzq0WAKvCsmv16wQhCxLWL4D29iuuqo0c6wWuUHRx3-P7Q4bu-HXev_4uMDFPcxu0eyzlDUXkegAmThCfMelYJ5tX5-pmFaXMRCc6MkdnOc6QJrFvRDISpXwGWalkLjSKRBA8C0iOtbae98noxqam73zGvbz-deyotLJoIFGzHLvM4mtH7oyUEDj6jtvV9PhxrjlB4TM7yIw6JXR04A0rGBBlft0R9TGr_o8fnS0UPpa_rlp9czj8a8ktX0jaAFXLNK1cvNXT2A20APPCQrog4KgK2GrNGcMpewIDAQAB, max-age=15
server: cloudflare
cf-ray: 773ea0c32a1bb511-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 65850
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
one88.top/_nuxt/fonts/icomoon.600f6ad.woff
104.18.0.104 200 OK 79 kB URL HTTP/2 one88.top/_nuxt/fonts/icomoon.600f6ad.woff
IP 104.18.0.104:0
File type Web Open Font Format, TrueType, length 79368, version 0.0\012- data
Hash 479462c1b99b89641ef47c79a12ee6d2
6652bc3caf4d2295e87976cbfccdab30088d4f96
fa3b63a993f8b7bae01abe5e6f62e2a2b02d6cc0c6d3d55d99a129c6e950e661
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/fonts/icomoon.600f6ad.woff HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: font/woff
content-length: 79368
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"13608-184c6906767"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0c8a887b511-OSL
X-Firefox-Spdy: h2
one88.top/khuyen-mai/
104.18.0.104 200 OK 89 kB IP 104.18.0.104:0
Hash f6cff9337a8cf1a4ca2d7b9dec3a6191
9897c3841c06e42bb56e939e3a9ba3d1ed84ae42
378242ddfef0dd4d623bde9b31a20dfd125f74a342d2a20322d7242afd810d30
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /khuyen-mai/ HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/?__cf_chl_tk=YpRz4Grqo4HHMGosggePZmL9OyiojYiDaO3VsTzxXQc-1670094892-0-gaNycGzNCCU
Content-Type: application/x-www-form-urlencoded
Content-Length: 2868
Origin: https://one88.top
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: text/html; charset=utf-8
set-cookie: cf_chl_2=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.one88.top; Secure
cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; path=/; expires=Sun, 03-Dec-23 19:14:54 GMT; domain=.one88.top; HttpOnly; Secure; SameSite=None
isShowReferralAlert=; Path=/
device=desktop; Path=/
os=desktop; Path=/
domain=https%3A%2F%2Fone88.top; Path=/
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 773ea0c48ba0b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.vendors/app.css
104.18.0.104 200 OK 28 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.vendors/app.css
IP 104.18.0.104:0
Hash f2d79b29b953a0e423fcd589630f382d
e8b3e33a9fc5f87e4b3b56fb71200708393cd5ba
f3dc474f6e790e0ad5d5423b414de899fdea625733728647552ffabaf10eda46
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.vendors/app.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"28756-184c690678d"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a874b511-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-57LQ8NW
142.250.74.40 200 OK 59 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-57LQ8NW
IP 142.250.74.40:0
File type ASCII text, with very long lines (2916)
Hash cf13aa6e78bbc1897698720e90bfc6ef
8c0fb44cb616552dafcc0fa8c4e9b27ef8f2fac2
2e56d59060a74df2de0e72eb02eb1fe0ea27d90a318b9cc8fced07277760807d
GET /gtm.js?id=GTM-57LQ8NW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 19:14:55 GMT
expires: Sat, 03 Dec 2022 19:14:55 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
one88.top/_nuxt/907185f.js
104.18.0.104 200 OK 483 kB URL HTTP/2 one88.top/_nuxt/907185f.js
IP 104.18.0.104:0
Size 483 kB (483438 bytes)
Hash b7c9ea06f9896a86a9f31d57bff38a32
ded33e83667214057aadfccf1263f97fbbb9a985
9c93ea61b5e7bd8b67a4d9f5588d37f8f40d72bb69e9f06c3ffac74da1b49640
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/907185f.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"1af2f9-184c690678c"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a87fb511-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@700&family=Montserrat:wght@600&display=swap
142.250.74.106 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@700&family=Montserrat:wght@600&display=swap
IP 142.250.74.106:0
Hash dd1d5fec5e2455379b98f3f9f734256c
1da47343193506ce37a988c511559ae46e301605
7f65ceb1f40ab95804711096a05eb6bd12320111d19e2e76daea24924c63ddb1
GET /css2?family=Inter:wght@700&family=Montserrat:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 19:14:55 GMT
date: Sat, 03 Dec 2022 19:14:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
one88.top/_nuxt/447acd7.js
104.18.0.104 200 OK 26 kB URL HTTP/2 one88.top/_nuxt/447acd7.js
IP 104.18.0.104:0
Hash ac4b8bdbe7df1f13c5a1582237c54acc
436feffaba479451ad3b89092d3a1693a57558f7
5320e3c7bc8872c4007132c32aa624542f322d73c9d87248c0c6a6f65928d822
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/447acd7.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"390-184c6906780"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a889b511-OSL
X-Firefox-Spdy: h2
one88.top/assets/fonts/Montserrat-Medium.woff2
104.18.0.104 200 OK 89 kB URL HTTP/2 one88.top/assets/fonts/Montserrat-Medium.woff2
IP 104.18.0.104:0
File type Web Open Font Format (Version 2), TrueType, length 88596, version 1.0\012- data
Hash 4193cb373574474bd262f0cada40c68e
269bf2b2b7bd609246c6c6a5cea1f8859ab4db9b
58b7c61e1b6d4cba2e3ccd1bd081481f7d48a1da5b35e47ef029cb6d28ec52b4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /assets/fonts/Montserrat-Medium.woff2 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://one88.top/_nuxt/6a121a4040d9f64add46.app.css
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: font/woff2
content-length: 88596
cache-control: public, max-age=14400
last-modified: Tue, 08 Jun 2021 05:42:48 GMT
etag: W/"15a14-179ea25128a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sat, 03 Dec 2022 23:14:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0c9b9d8b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.527.css
104.18.0.104 200 OK 90 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.527.css
IP 104.18.0.104:0
Hash 55ae89d4bdd1b9d02fd0f24a364a6aa4
8e5e2dabd66d57c43bb98be4fe3cda80a958d4c1
84ce42cfcb3d3849573cc36e2253456d862ef77e97b98a4640ee288c430548ea
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.527.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"1e7b-184c69067b2"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a88db511-OSL
X-Firefox-Spdy: h2
one88.top/assets/fonts/Montserrat-Bold.woff2
104.18.0.104 200 OK 89 kB URL HTTP/2 one88.top/assets/fonts/Montserrat-Bold.woff2
IP 104.18.0.104:0
File type Web Open Font Format (Version 2), TrueType, length 88708, version 1.0\012- data
Hash 1eaf59537a9c317acaa4b2c144cd89d6
c974c955950d5522a66abd7d2e388e03c177dd85
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /assets/fonts/Montserrat-Bold.woff2 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://one88.top/_nuxt/6a121a4040d9f64add46.app.css
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: font/woff2
content-length: 88708
cache-control: public, max-age=14400
last-modified: Tue, 08 Jun 2021 05:42:48 GMT
etag: W/"15a84-179ea25127c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sat, 03 Dec 2022 23:14:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0c9c9e8b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6339121.js
104.18.0.104 200 OK 158 kB URL HTTP/2 one88.top/_nuxt/6339121.js
IP 104.18.0.104:0
Size 158 kB (158539 bytes)
Hash 0eafbdab8a0e6aa4a6cf7471de271810
94ce6dd3c3370732f70a0b41b6e8f6fbe17b9441
4923a7ce163c3d0fa05d3f3cd884d7e27ffc6b8e5144311e863da3919bf59854
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/6339121.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"49df6-184c690677d"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a881b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.108.css
104.18.0.104 200 OK 1.8 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.108.css
IP 104.18.0.104:0
Hash e7bfcebca4ec95df15017180e0bb90ac
54ed0aa9f0653fc98f4c534142eb1c480d6a3827
963a9267802aec4b1b4dd444efac5154e149727c29211692b0d915979b4539ba
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.108.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"2655-184c6906775"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130085
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb67b511-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10325227&version=1607.2.2.2171.854.33.2.3.1.1.1.79.0&group_id=0&jsonp=__lc_static_config
95.101.10.171 200 OK 1.4 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10325227&version=1607.2.2.2171.854.33.2.3.1.1.1.79.0&group_id=0&jsonp=__lc_static_config
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (3843), with no line terminators
Hash 801afbc52cc220d5169547c08cffdeee
1bc8cb22d47c690163f5fe0ba880fc953b42ee76
f4b2f8a29450b5f2e1a9ad881f08fb442ec60ab2500fec0d86012f9015d654ed
GET /v3.3/customer/action/get_configuration?license_id=10325227&version=1607.2.2.2171.854.33.2.3.1.1.1.79.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1377
cache-control: public, max-age=600
expires: Sat, 03 Dec 2022 19:24:57 GMT
date: Sat, 03 Dec 2022 19:14:57 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10325227&version=d4234139f0f2a5e50173b124f65938ca_5b6cf8f62656f1dcf1797eb8bf81b810&language=vi&group_id=0&jsonp=__lc_localization
95.101.10.171 200 OK 4.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10325227&version=d4234139f0f2a5e50173b124f65938ca_5b6cf8f62656f1dcf1797eb8bf81b810&language=vi&group_id=0&jsonp=__lc_localization
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11933), with no line terminators
Hash 695581649a1c98f7428bd487db61b21b
88cbb90bb111cdefe376bb9f35a8726e624326bf
8a39acc8146a5775f047038700472dcd4b546bfe66dedac0dcc8a14b092d04dc
GET /v3.3/customer/action/get_localization?license_id=10325227&version=d4234139f0f2a5e50173b124f65938ca_5b6cf8f62656f1dcf1797eb8bf81b810&language=vi&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Sat, 03 Dec 2022 19:24:57 GMT
date: Sat, 03 Dec 2022 19:14:57 GMT
content-length: 4747
X-Firefox-Spdy: h2
one88.top/api/v1/home/evopromotion
104.18.0.104 200 OK 39 B URL HTTP/2 one88.top/api/v1/home/evopromotion
IP 104.18.0.104:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 75ec504095cb0351a4dfe5a42ddaf857
227559b503ac62149b5de1f0eeb32f432ab78992
277bf5e67aa422755f0391c1196354cf36bd164d2976bdd328e46581f75c5b72
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api/v1/home/evopromotion HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9997
x-ratelimit-reset: 1670095113
etag: W/"27-InVZtQOsYhSbXeHw7rMvQyq3iZI"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 773ea0d38ee6b511-OSL
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=10325227&group=0&embedded=1&widget_version=3&unique_groups=0
95.101.10.171 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=10325227&group=0&embedded=1&widget_version=3&unique_groups=0
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=10325227&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sat, 03 Dec 2022 19:14:57 GMT
content-length: 2558
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.60.css
104.18.0.104 200 OK 20 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.60.css
IP 104.18.0.104:0
Hash 0aace9b6a5f2ff61ab93e53688e0cd3b
c2a0d0573df44ff946635392f9c9c6eb221c8d3a
528980140fab4158aa6c2bde5617c73853e2821c3ed4732280aa93724a71fb23
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.60.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"7dcd-184c690676f"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:57 GMT
server: cloudflare
cf-ray: 773ea0d0bb46b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.123.css
104.18.0.104 200 OK 69 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.123.css
IP 104.18.0.104:0
Hash dcc38d17a167c6aad40d526c8e661592
b780278b108a9ba333f113916e66b7748129259d
ad0cf6dce6539bf4bdd6b80395331874885b00c2287146f37245b57a72269496
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.123.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"28b7-184c6906776"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb58b511-OSL
X-Firefox-Spdy: h2
one88.top/api/v1/home/maintenance
104.18.0.104 200 OK 207 kB URL HTTP/2 one88.top/api/v1/home/maintenance
IP 104.18.0.104:0
Size 207 kB (206924 bytes)
Hash ea001de46583b4414cc8a619aa9f4ccc
2423c54dd3b62f0df9cb3424d9b7435d621ecff6
cc1a85958de8893f33036ab320fbc3ead0568d5f0d45ac6d383fac3b79eb2b56
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api/v1/home/maintenance HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-powered-by: Express
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9999
x-ratelimit-reset: 1670094972
etag: W/"113-AAHKY4PadEZR/669g6L9RREzl5I"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 773ea0d38ee4b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-light.gif
104.18.0.104 200 OK 53 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-light.gif
IP 104.18.0.104:0
File type gzip compressed data, max compression\012- data
Hash bcaf60ddb26030df4651ff0920460eb3
dff98ac82a7b610d8123c9ad80cf4c38cecbc8ae
38456d229ce8f6dab73fb8499d3198f16f476d8bbb1786c75b9a07774a240c1c
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-light.gif HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/gif
content-length: 52296
last-modified: Fri, 03 Jun 2022 04:06:11 GMT
etag: "629988b3-cc48"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d2edfbb511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.68.css
104.18.0.104 200 OK 6.0 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.68.css
IP 104.18.0.104:0
Hash 72d02181ecda2fc07513bca6c4779e87
a47637afa78f30f3cfae0270d3e9c2bb5523f191
68834004dbcd910e77485d877e122129f1e3dc2025ed2a1e605731daf8295a3c
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.68.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"2ce0-184c6906770"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb70b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/29cd9b6.js
104.18.0.104 200 OK 14 kB URL HTTP/2 one88.top/_nuxt/29cd9b6.js
IP 104.18.0.104:0
Hash c172f4dca3d1e109432c890e189f939e
343c68d8d1a371a50b907439b2430d9dcb2f9d5c
4f2a2db9bda67d27fd8919b18057226e980fcc14a39cba6dbda2b0a78e0e3471
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/29cd9b6.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 07:50:15 GMT
etag: W/"1486-184bd371773"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130085
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0cfa9d1b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-gamebai.png
104.18.0.104 200 OK 2.0 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-gamebai.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash c40ac4a2eb93129c426e4ab50e072b4f
2193a26b87de3f77b710a3f23dce0bed951857ec
e281eeffe6f94f36e5b4a04337d4d2a97117dc1d6e4d0c3d207ae874d845fcfa
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-gamebai.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 2028
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-7ec"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d31e3ab511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/fonts/icomoon.b76d673.ttf
104.18.0.104 200 OK 54 kB URL HTTP/2 one88.top/_nuxt/fonts/icomoon.b76d673.ttf
IP 104.18.0.104:0
Hash 3941802361742a7d65252b5bd97d4fc6
0c812ee3faf8a0da8e7224c4c080d61a072e4a4d
64970e19c9402e69e6cfe43b6ecf23a13cf157bf0ade2ef7fe03028304b2beba
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/fonts/icomoon.b76d673.ttf HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"135bc-184c6906767"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0c8a884b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-cuocnhanh.png
104.18.0.104 200 OK 3.9 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-cuocnhanh.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 8adf7432f45bdf51f22dab531ad42db1
c5993bf7546dc27ae1797c22c3878e4821c0e227
cc74c719cc0318c0f2d709bd46c06cd94a0a4dee248f117802b7415560235506
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-cuocnhanh.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 3859
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-f13"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d31e3bb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-nohu.png
104.18.0.104 200 OK 3.4 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-nohu.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e2bded27d44d2eca9f0c8c874deddca
984ebc4fb5c025cb629ac0be3b6120cab3fa6bad
389b56ac6751f628007fa9ba1b93a277488b485c9df30852c2ca882f68675390
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-nohu.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 3422
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-d5e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d33e59b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-table.png
104.18.0.104 200 OK 3.4 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-table.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 453f421aff89f5a2cae6ab197ce2eeca
0234a00e2be333e1b7fe9c3ab1b6ec3719db72b2
c88dad957f1cca94bc6809430856e14130987097d5a23c16e8f65ccb58e1f095
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-table.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 3388
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-d3c"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e79b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/hot.svg
104.18.0.104 200 OK 14 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/hot.svg
IP 104.18.0.104:0
Hash f3de1e4f146f7d499ae9b13f1fcae000
a5c5060f701463477284c061162129489963a143
08fbc9d0a27b476b319bfa185f96279e5f080c131b898c497205a15d6acf6b66
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/hot.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jun 2021 05:42:49 GMT
etag: W/"60bf0359-628"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e7fb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
95.101.10.171 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 19:14:57 GMT
date: Sat, 03 Dec 2022 19:14:57 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-lode.png
104.18.0.104 200 OK 5.5 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-lode.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash d076e29265042bf8c6c7815a82561d29
e645299cd3ede1c9d46cfdfc678086b06c25aae2
5cfe7039972660e5d8a310081b3c5345edaca79faf3fde753d813c349b507a04
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-lode.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 5484
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-156c"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e72b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-ingame.png
104.18.0.104 200 OK 5.1 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-ingame.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 40c85b60d2d445130417871724363912
948a152ec2a912e0ad37d1fcca49416d8da11737
04c92da8d8fc20c2a51daa64d8c34dfae809c8e3eb33cdbf2a974d4c12c79c10
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-ingame.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 5147
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-141b"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e6bb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_vietcom.png
104.18.0.104 200 OK 6.8 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_vietcom.png
IP 104.18.0.104:0
File type PNG image data, 198 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 677e228b67a6137995a9ded21acb1a74
93c37a778c18d722114db0f01079267b6921a00e
dcb1a2023c365d3455ebe8116f0d1ae112e9aaa39b4f12d5d7b8ce5ce61cc9e9
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_vietcom.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 6779
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-1a7b"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e92b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-instant.png
104.18.0.104 200 OK 2.3 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-instant.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f5cea9859d1ba0bea95aab7a6071ed5
f19362da3e7cd5346da1b42a1e3c1975281a1abc
b9fc10f95fd967c0c815a4c73ce64a4bb0a54a9dc5754e18aac3e0a5cd9ef294
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-instant.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 2303
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-8ff"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e75b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-casino.png
104.18.0.104 200 OK 6.6 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-casino.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash fb35006a0fba2c88af634db726fb4829
e64600a668ebd1eda54ac51cc55e774eee0f1142
120c054d4878b617bb08f2ccc5ec4e879548f360d5dc4d0c5a73f18c54419301
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-casino.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 6607
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-19cf"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e76b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-slot.png
104.18.0.104 200 OK 3.6 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-slot.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 4bae2499344f19eca96350757db8f3d3
5ef83e8f653c40ee000dd8f9c776b729fb3f220d
61fc1c7c14d590277039e6ff869bef611f4af30cb47c6b60c978abbdeb46b172
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-slot.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 3564
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-dec"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d33e5eb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-fish.png
104.18.0.104 200 OK 3.9 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-fish.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 36142ea213babb26eac2be12157bd165
23998c5c1f481c43973caf443055d170bf96cb17
d0ecaf3c696d3d8a8de9b2ee0694f97d56a3e5fd7cc92a03d71ea3e81e675efe
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-fish.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 3886
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-f2e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e6fb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-esport.png
104.18.0.104 200 OK 2.8 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-esport.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash eba965ca841efe57b3f65f71ac9247f2
0c8d8bc22a6c882de43a1699e505fad99fd55143
b74f44799d16ca8bb174abf696e4cda2be11a9c6f04aef1e83c4fccf676cb9cd
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-esport.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 2828
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-b0c"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e7eb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_acb.png
104.18.0.104 200 OK 2.5 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_acb.png
IP 104.18.0.104:0
File type PNG image data, 96 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fec4b665fedc6ea49825cb6a0dfdbd1
5d8cdce5a039a1d7c75366ec476658d1c74e0f51
e9fcdd66e712b72b7c8c9aad350e200749c8f486d57dc9aa2bbbfc26a49a9197
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_acb.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 2541
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-9ed"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e89b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_donga.png
104.18.0.104 200 OK 7.0 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_donga.png
IP 104.18.0.104:0
File type PNG image data, 220 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c7ad2a9575e0d2e6a7b6a34d88441cf
c73c069b43bacf9ec3c604b24f69bd3c37aab575
542bb158c653f4eee675af1cdda8aa1deb113c1112acf6ca18df886baa6ed523
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_donga.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 7048
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-1b88"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e83b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_exim.webp
104.18.0.104 200 OK 4.5 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_exim.webp
IP 104.18.0.104:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2a3bca8a7eeddba806fd76c8af555d64
7e7733e7a51103602bc62fd004a1e786fd3b1517
b380c9478862b9dc4a97f4ddb6593af51e7f42fffa7b7ae7796ff5da6d498a6e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_exim.webp HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/webp
content-length: 4450
last-modified: Wed, 06 Apr 2022 01:48:54 GMT
etag: "624cf186-1162"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35ea7b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_bidv.png
104.18.0.104 200 OK 5.0 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_bidv.png
IP 104.18.0.104:0
File type PNG image data, 154 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d3fbd7e5eac92293a31c4b652e5ed894
d6d3ee3408efe7a13129c6127099165408d469a5
4fc52a71a713f106678a277b3e67a6e251095b39625a580a7bf3150507dca14f
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_bidv.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 4994
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-1382"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e8cb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_techcom.png
104.18.0.104 200 OK 4.4 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_techcom.png
IP 104.18.0.104:0
File type PNG image data, 128 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 21bfecf962a9ab359692846aebaf4a4f
46042fded6e42336bd0b51fb54ed76ab6999c341
3403186d919bb71177240515d8f9f90cec68670e3c7920a343c9b1a1f5551e3e
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_techcom.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 4438
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-1156"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e9bb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/logo18.png
104.18.0.104 200 OK 2.9 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/logo18.png
IP 104.18.0.104:0
File type PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 66191b6a6bb5c33b3d165a277d7e45f0
8d401ae53d8cc220a2ed48103ca84565d7e00e62
561e82a2de7280031cc6b8d55d327b5b0ad478fb0753334e3b8cf6b18a1acb11
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/partner/logo18.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 2851
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-b23"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36ebbb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/mga.png
104.18.0.104 200 OK 6.5 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/mga.png
IP 104.18.0.104:0
File type PNG image data, 138 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 0691eeb8ffe5ca24ecfedd8e5346e0d6
4dfb947d9c0090dcf2a4bc2ba896231edcd32135
e14897bdee1e4f476085c3b6b710360254134b8735af41150e7a6b4cabfd2816
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/partner/mga.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 6506
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-196a"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36ebfb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_vietin.png
104.18.0.104 200 OK 5.0 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_vietin.png
IP 104.18.0.104:0
File type PNG image data, 188 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ab14d99bf7eeace368405f03f3ee432
891869d16a33ac11041a0ac5fdc5c07c67f78d1d
1791cc62c0badbfa81b9ecc313e183ea9458505ff4f3f1130766cccc7568a6b5
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_vietin.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 5022
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-139e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e9cb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_sacom.png
104.18.0.104 200 OK 4.2 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_sacom.png
IP 104.18.0.104:0
File type PNG image data, 204 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa066585e775dcce528b93e03e4c875
fb2c313ae7f2a5c80859582c21cd14f196781630
7e9d190e44ac25f89ed70ad3613c9e5d482aabe59922e3056e283c20590e30d9
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_sacom.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 4245
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-1095"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e85b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank-mb.png
104.18.0.104 200 OK 1.7 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank-mb.png
IP 104.18.0.104:0
File type PNG image data, 71 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d69438c9796d379cd3655e8fa203791
5d04e6a65fed02ccac9d917b4eded616c092ba15
e8c37480c4544d0406246869b477d13bc7018582d5c7b07511a022f0a528e280
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/bank/bank-mb.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 1705
last-modified: Tue, 21 Dec 2021 03:15:47 GMT
etag: "61c146e3-6a9"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e8ab511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_tp.webp
104.18.0.104 200 OK 4.3 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_tp.webp
IP 104.18.0.104:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 910300579ba29064862986f524b450f7
4d1cccf6d8e6faed9daf64f7cb8b4272411122bb
0ae983a94722dd197c36aa7f666b8f303371e9aca3f459242519b72096425311
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_tp.webp HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/webp
content-length: 4266
last-modified: Wed, 06 Apr 2022 01:48:54 GMT
etag: "624cf186-10aa"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35ea9b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/curacao.png
104.18.0.104 200 OK 7.8 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/curacao.png
IP 104.18.0.104:0
File type PNG image data, 70 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash b110f67aa10c38896f050395bbe1ce58
41f71f7ceaa09824c1efa8fc910d7f8748c69b78
bf9f2527b4a1842c6be980ec3568782beee2de5d2b496d80b9e9506c95f0e153
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/footer/partner/curacao.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 7822
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: "60fe7973-1e8e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36ebcb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/common/contact/icon-float.png
104.18.0.104 200 OK 13 kB URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/common/contact/icon-float.png
IP 104.18.0.104:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 106597fbdb42dda3fe09b887b4cf9a4a
ac9594b48f685e1fcdba41576f41dc8fca84aa60
eebdb17d05815159ddd0ab35e5c211bec9ee502aa0745223882e99a5d905e6bb
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/components/desktop/common/contact/icon-float.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/png
content-length: 13329
last-modified: Tue, 22 Nov 2022 04:47:39 GMT
etag: "637c546b-3411"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d37ed0b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/pages/home/minigame.webp
104.18.0.104 200 OK 17 kB URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/pages/home/minigame.webp
IP 104.18.0.104:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0e4c641a47a3d9671b8431c2473980ec
44dc691b66277ef9de26fe43a604ac087ecf3329
1a80d807cc2c53863fbcfb86720edfa32e667bd828632a2264fed9c0da1f6aea
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/components/desktop/pages/home/minigame.webp HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: image/webp
content-length: 16942
last-modified: Wed, 15 Jun 2022 03:25:00 GMT
etag: "62a9510c-422e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:58 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d3ef5db511-OSL
X-Firefox-Spdy: h2
f1.one88.top/bet-img/2022/11/09/popup-promote-pc.webp
104.18.0.104 200 OK 151 kB URL HTTP/2 f1.one88.top/bet-img/2022/11/09/popup-promote-pc.webp
IP 104.18.0.104:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1124x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 151 kB (151026 bytes)
Hash 07ab2a126cabc5d17024d9ab80995e03
3a78ab33605eb8136096e0941846ab6a437ababb
7017f76207f7d282707b32eb0c0a0c3385c22435ef30d4fe4558f425f5186e08
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /bet-img/2022/11/09/popup-promote-pc.webp HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: image/webp
content-length: 151026
last-modified: Wed, 09 Nov 2022 03:58:59 GMT
etag: "636b2583-24df2"
access-control-allow-origin: *
cf-cache-status: HIT
expires: Sat, 03 Dec 2022 23:14:58 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d84d72b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/icon-slide-ao.png
104.18.0.104 200 OK 3.9 kB URL HTTP/2 f1.one88.top/static/assets/images/icon/icon-slide-ao.png
IP 104.18.0.104:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash d9d20a832cf3286306c87db8cdb70e6c
73c9b87a87b524848e020533b08e76ea461c2117
57ed7e469147429266009edc333f9cbaf23e1a956bf2494ff964eb91e6c5edb8
Analyzer Verdict Alert quad9 Sinkholed
GET /static/assets/images/icon/icon-slide-ao.png HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: image/png
content-length: 3852
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: "62b56799-f0c"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:58 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e7bb511-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=10325227
95.101.10.202 101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=10325227
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=10325227 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rvhYhwCbLhSSW1K2T7fPUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: tvuLhTu9C/vXn0sWYYJo7qyZODc=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Sat, 03 Dec 2022 19:14:58 GMT
Upgrade: websocket
Connection: Upgrade
accounts.livechatinc.com/customer/token
95.101.10.171 200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 32d47ed431cae9ee88175ad147bef436
94b649a367d47e074c03c11a1e25033fb6714c7e
8e927277a822375db1f982de4c79c3bb152d53ba800720e52865d8ad59834fc6
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Sat, 03 Dec 2022 19:14:58 GMT
set-cookie: __lc_cid=94bea2a9-42e4-4c53-73e6-0908dc821f51; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 03 Dec 2024 19:14:58 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=b8bc25ec952e0a42e62ccb433f35de5780610c7fdf239239b721c9091058767f57e1ee557ed313d46745953a31fda09f8294fa996d7f24a86a438d43ed5a; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 03 Dec 2024 19:14:58 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=94bea2a9-42e4-4c53-73e6-0908dc821f51; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 03 Dec 2024 19:14:58 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=b8bc25ec952e0a42e62ccb433f35de5780610c7fdf239239b721c9091058767f57e1ee557ed313d46745953a31fda09f8294fa996d7f24a86a438d43ed5a; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 03 Dec 2024 19:14:58 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1670094928&tag=27f1f608dde988390e20440b221b765674f0d589; Path=/; Expires=Sat, 03 Dec 2022 19:15:28 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
one88.top/_nuxt/icons/icon_512x512.cb5e90.png
104.18.0.104 200 OK 64 kB URL HTTP/2 one88.top/_nuxt/icons/icon_512x512.cb5e90.png
IP 104.18.0.104:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash ac2aaff5cea7013663d9bc41d44570b4
196e35611cae5331bbf33f3bd840fdd1746facfe
178e8786390ead4c4120e5357a3922bc4c43f54462107c159ce0f4193e09b765
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/icons/icon_512x512.cb5e90.png HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: image/png
content-length: 64369
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 09:48:19 GMT
etag: W/"fb71-184ae301c28"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130085
expires: Sun, 03 Dec 2023 19:14:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0daf8d9b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/icons/icon_64x64.cb5e90.png
104.18.0.104 200 OK 2.7 kB URL HTTP/2 one88.top/_nuxt/icons/icon_64x64.cb5e90.png
IP 104.18.0.104:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d7c4afc686669554df134ffb702d54d
68bc84031ef070b3da65792ba9276f4a5ef5537c
835f7c5ec827bab5a9a73ad3f1f0bb24df4b0bcd0b0b96d9303a80da6a0aa15f
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/icons/icon_64x64.cb5e90.png HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: image/png
content-length: 2718
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 09:48:19 GMT
etag: W/"a9e-184ae301c27"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 442082
expires: Sun, 03 Dec 2023 19:14:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0daf8dbb511-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 18:41:08 GMT
expires: Sat, 03 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 2030
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
one88.top/_nuxt/05a3c4f.js
104.18.0.104 200 OK 90 kB URL HTTP/2 one88.top/_nuxt/05a3c4f.js
IP 104.18.0.104:0
Hash 8a92d93b260a627f12a8359e7fd7c5fc
4c87a154c14eabde5e235756f35520b0e9b447f5
d7c1a2fd620f91963e8abff672f4de84ebca3a33cbb667a993e0c70a17c62eb2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/05a3c4f.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"d5f-184c6906777"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130085
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb6eb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/common/khuyen-mai/chiasebanbe.webp
104.18.0.104 200 OK 19 kB URL HTTP/2 f1.one88.top/static/assets/images/common/khuyen-mai/chiasebanbe.webp
IP 104.18.0.104:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 41306b62d83b4275979eac945f4473cd
cf65aa48376aad79d474052eaf92a2493cb5066b
8594a992251d608d5633fe57e3588c12f82bf860bb74131d41048223d768fc77
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/common/khuyen-mai/chiasebanbe.webp HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:59 GMT
content-type: image/webp
content-length: 18666
last-modified: Tue, 21 Dec 2021 03:15:47 GMT
etag: "61c146e3-48ea"
access-control-allow-origin: *
cf-cache-status: MISS
expires: Sat, 03 Dec 2022 23:14:59 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0dc8acab511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/common/khuyen-mai/thuong150.webp
104.18.0.104 200 OK 18 kB URL HTTP/2 f1.one88.top/static/assets/images/common/khuyen-mai/thuong150.webp
IP 104.18.0.104:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ad59a9d2896e58bf2c7d88fed15df112
2fd5bbf29d40f79dc50d93b10d3395975bb8f22e
932e1736c07f88b14a4f78023c6d2c793196db2eb19d4274ddccaba9725069e6
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/common/khuyen-mai/thuong150.webp HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:59 GMT
content-type: image/webp
content-length: 17796
last-modified: Tue, 21 Dec 2021 03:15:47 GMT
etag: "61c146e3-4584"
access-control-allow-origin: *
cf-cache-status: MISS
expires: Sat, 03 Dec 2022 23:14:59 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0dc9ae2b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.117.css
104.18.0.104 200 OK 19 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.117.css
IP 104.18.0.104:0
Hash d32a9f3776ba1097211b10d63fef47a0
f12c4bf590b975fa2ec74b3d95ffe10d9b7fdc20
8bb298e24bab8036ebac752e8f7a41930a61ae8adfaf1065b0b09c5f919185d8
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.117.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"2875-184c6906776"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb4cb511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.50.css
104.18.0.104 200 OK 17 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.50.css
IP 104.18.0.104:0
Hash f458dfc2504ebb9939ed1e7f883a1c07
0fda4da30fc19e1d001b26ad662e764f9057d67d
8c06bff97d7eb59913d5e69ab85cfc3bbde20a844e98aedcbb8c7dbb21e1445e
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.50.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"352d-184c690676d"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb64b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.524.css
104.18.0.104 200 OK 25 kB URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.524.css
IP 104.18.0.104:0
Hash a3cfdf5cce32055e9573ea94fe8ad903
e8eba77285faa10c66e5485c728eec52bd42563d
6c5818943856faa12b2902726c39f48e4d01e331db062a387b3cc7ff6d6d08ea
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.524.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"2317-184c69067b2"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:58 GMT
server: cloudflare
cf-ray: 773ea0dbe9fdb511-OSL
X-Firefox-Spdy: h2
script.hotjar.com/modules.90de377b639fd5b933d2.js
143.204.55.46 200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.90de377b639fd5b933d2.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CRnsSTZHwCePQ8f1i5XtlbCICkALVfd_PVSyPlO0PKi8__a_zoDt1w==
age: 193073
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/logo-footer.svg
104.18.0.104 200 OK 15 kB URL HTTP/2 f1.one88.top/static/assets/images/footer/logo-footer.svg
IP 104.18.0.104:0
Hash f93ab3ce3847b63345f6d4f9e46bab84
a4ff034581828d89b6c1c45e7d22e54d90c68dfb
e33ec7500ca3eeb58b70a451899a1ea6b980b4c58883c6c5f22352805192b5d9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/logo-footer.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-52cc"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d34e80b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/0e57053.js
104.18.0.104 200 OK 1.3 kB URL HTTP/2 one88.top/_nuxt/0e57053.js
IP 104.18.0.104:0
Hash 2afc76f2bdb557c557b7bba36e42254e
37a36f1a90b1c122745d0d1c0f8520208ccd7454
b0ed15a4775195c5ae0294a5176be08c16450671421a1884cc5bffcd04b145e3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/0e57053.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"585-184c69067b2"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:59 GMT
server: cloudflare
cf-ray: 773ea0dbd9eab511-OSL
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2502819.js?sv=7
143.204.55.54 200 OK 5.8 kB URL HTTP/2 static.hotjar.com/c/hotjar-2502819.js?sv=7
IP 143.204.55.54:0
File type ASCII text, with very long lines (5909)
Hash c20c483fc316123807ad5e4c73674892
c1b44a168ab74f2d108e975c258c8e25823a7d72
bd7cc872baecef2222f920ca48d9076ac6075bf9105121c46d6396983ba5f34d
GET /c/hotjar-2502819.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 19:14:57 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/941cf54978f051788203ae2cc881e93e
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v_Kc4l2QRfs_KjCOU2it7j8XtJieyx_da1_Nj4PoHlr-EIGGqvG72Q==
age: 1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-190837119-1&cid=2016304686.1670094896&jid=341493350&_u=YEBAAEAAAAAAACAAI~&z=1217516698
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-190837119-1&cid=2016304686.1670094896&jid=341493350&_u=YEBAAEAAAAAAACAAI~&z=1217516698
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-190837119-1&cid=2016304686.1670094896&jid=341493350&_u=YEBAAEAAAAAAACAAI~&z=1217516698 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 19:14:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/notification/icon-ring.svg
104.18.0.104 200 OK 733 B URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/notification/icon-ring.svg
IP 104.18.0.104:0
Hash 990bbe8f51be8c052d69196beb87dfa1
f6984307aa1d755ea7605a0c727eb6425c356003
cb6558ebb1005c3200fb86fbb5021f01a629a5418792aa4c9296559a366b176f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/components/desktop/notification/icon-ring.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Wed, 11 May 2022 02:46:31 GMT
etag: W/"627b2387-58e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d2fe21b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 19:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
one88.top/sw.js
104.18.0.104 200 OK 2.0 kB IP 104.18.0.104:0
File type ASCII text, with very long lines (1282)
Hash 2421a58c488c30b9c1d7e20995a68baf
57942efafcb0f910c8a7f1d10a03b87813575d52
daea91f43feb4824a86c4c9ea08aaa75c67742e61d5836b86179c458e80feb75
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /sw.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:15:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
last-modified: Wed, 30 Nov 2022 03:22:32 GMT
etag: W/"e6e-184c68eb7ab"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sat, 03 Dec 2022 23:15:00 GMT
server: cloudflare
cf-ray: 773ea0e2daebb511-OSL
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/workbox-cdn@5.1.4/workbox/workbox-core.prod.js
151.101.65.229 200 OK 2.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/workbox-cdn@5.1.4/workbox/workbox-core.prod.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (6830)
Hash 290b00ca1bf508fff6c0bbdcc5106143
d372312a21a49b6bf2bca6ccf5799152a2700a9c
279b550f87c21ba380c4cdd9816510964f70aa956cc7f2a5bf72ed57c56b39f0
GET /npm/workbox-cdn@5.1.4/workbox/workbox-core.prod.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.4
x-jsd-version-type: version
etag: W/"1ab0-9tty1kVd5UTQZVQ2qr62tfvejs4"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 19:15:00 GMT
age: 22618016
x-served-by: cache-fra19178-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2808
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 5310711406a520c33f23cd8bf4047e06
56a9722a1dcb7e55f85d96ca7b9ff655aee391cd
2c2df5a50619489e0d6864373fdd4929478242c86a8c3db51013c5077cfc7766
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 19:15:00 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "DEDFA2917C3ADBB9F83E4D7FEC516DB8D56C3C10"
Expires: Sun, 04 Dec 2022 06:00:00 GMT
Last-Modified: Sat, 03 Dec 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1242
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ea0e6e91f1c0e-OSL
one88.top/_nuxt/6a121a4040d9f64add46.57.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.57.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.57.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"7d87-184c690676e"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:57 GMT
server: cloudflare
cf-ray: 773ea0d0bb3db511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.58.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.58.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.58.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"86a8-184c690676f"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:57 GMT
server: cloudflare
cf-ray: 773ea0d0bb43b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.519.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.519.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.519.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:59 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"28eb-184c69067b1"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:59 GMT
server: cloudflare
cf-ray: 773ea0dbd9d6b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6faeafe.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6faeafe.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/6faeafe.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"533f-184c690678b"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8986ab511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/fonts/icomoon.1805a53.eot
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/fonts/icomoon.1805a53.eot
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/fonts/icomoon.1805a53.eot HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: application/vnd.ms-fontobject
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"13660-184c6906767"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a882b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/common/contact/icon-phone.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/common/contact/icon-phone.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/components/desktop/common/contact/icon-phone.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Apr 2022 06:58:36 GMT
etag: W/"6247f41c-99e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d37ec9b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/d4cf3c2.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/d4cf3c2.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/d4cf3c2.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"473-184c6906770"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb73b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/hogaming.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/hogaming.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/hogaming.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-1fbd"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36eb9b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/techplay.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/techplay.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/techplay.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-23a0"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35eb0b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/fb.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/fb.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/fb.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-230"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36ec2b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39721372820460343:1670091677:oiE7ijP9jIxZ_MhAzqEWmQl4SlmdOChUcCCjTCyxc2A/773ea0b4fe89b511/f39efe499dca782
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39721372820460343:1670091677:oiE7ijP9jIxZ_MhAzqEWmQl4SlmdOChUcCCjTCyxc2A/773ea0b4fe89b511/f39efe499dca782
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.39721372820460343:1670091677:oiE7ijP9jIxZ_MhAzqEWmQl4SlmdOChUcCCjTCyxc2A/773ea0b4fe89b511/f39efe499dca782 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/
Content-type: application/x-www-form-urlencoded
CF-Challenge: f39efe499dca782
Content-Length: 1599
Origin: https://one88.top
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:53 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: F7Fwo4ItrpnVetp4y0xBUrG4+3jhiE2CMvt2XrO+m42hgEuyuuUODuA/DqrtK0g7cwKFXnOtqWaF4ZC38TnFE/q4BASPg35MVbn4I6feaF0GxfRkHtWAEhbWcQpLHkXBMKWK++hhUt/r8YIB7OBwfVIFmTYpMP1mY412MO7EJJGXc6n0TWVdexd5ZNRTy754KA3Ka41yrjXaSqXTAo7wHs45F6y4b4rkpguNdXO7CYUm/4Ye8Xrb18vwT8+cS04y7phdk816tFwtBfGm6M3u2RTxo63PX8sxjQhWyfdsgeghGCS9crLlyxaZG6ON46XUkLbxhjdfw0dbxljnHh0iUA==$8Qzpxx9e7Vx4Vvr2zUtyCQ==
server: cloudflare
cf-ray: 773ea0b90c00b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/vp-bank.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/vp-bank.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/bank/vp-bank.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Tue, 21 Dec 2021 03:15:47 GMT
etag: W/"61c146e3-2a30"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35e8fb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.124.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.124.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.124.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"1fc7-184c6906777"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb6cb511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/cfcb6f4.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/cfcb6f4.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/cfcb6f4.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"915-184c6906777"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb61b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/ee2f524.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/ee2f524.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/ee2f524.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"5a08-184c6906767"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:57 GMT
server: cloudflare
cf-ray: 773ea0d0ab37b511-OSL
X-Firefox-Spdy: h2
one88.top/cdn-cgi/styles/challenges.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/cdn-cgi/styles/challenges.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:52 GMT
content-type: text/css
last-modified: Wed, 30 Nov 2022 18:31:22 GMT
etag: W/"6387a17a-1896"
server: cloudflare
cf-ray: 773ea0b6c91eb511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 03 Dec 2022 21:14:52 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/eabffc1.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/eabffc1.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/eabffc1.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"4b6-184c69067b2"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0c8a890b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/a2ba5c4.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/a2ba5c4.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/a2ba5c4.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"c98-184c690676e"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130085
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb66b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6bdf918.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6bdf918.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/6bdf918.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"269f-184c690676f"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:58 GMT
server: cloudflare
cf-ray: 773ea0d0bb48b511-OSL
X-Firefox-Spdy: h2
one88.top/?standalone=true
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/?standalone=true
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /?standalone=true HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/sw.js
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1; _hjSessionUser_2502819=eyJpZCI6IjBlOGZkYTQ0LTliZDktNTYzMi1hMWViLTUyYjg5MTg0OGVlMCIsImNyZWF0ZWQiOjE2NzAwOTQ4OTc1MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2502819=eyJpZCI6IjI1MDllZWUyLTYxMjAtNGIxOS1hMzIwLWM3NzYzMGY2OWMzMyIsImNyZWF0ZWQiOjE2NzAwOTQ4OTc1MzMsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:15:00 GMT
content-type: text/html; charset=utf-8
set-cookie: isShowReferralAlert=; Path=/
set-cookie: device=desktop; Path=/
set-cookie: os=desktop; Path=/
set-cookie: domain=https%3A%2F%2Fone88.top; Path=/
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 773ea0e7fa5eb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.526.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.526.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.526.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"2317-184c69067b2"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:58 GMT
server: cloudflare
cf-ray: 773ea0dbd9e8b511-OSL
X-Firefox-Spdy: h2
one88.top/cdn-cgi/challenge-platform/h/g/img/773ea0b4fe89b511/1670094892984/8LmPwarGvCDbCm1
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/cdn-cgi/challenge-platform/h/g/img/773ea0b4fe89b511/1670094892984/8LmPwarGvCDbCm1
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/g/img/773ea0b4fe89b511/1670094892984/8LmPwarGvCDbCm1 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:54 GMT
content-type: image/png
server: cloudflare
cf-ray: 773ea0c35a36b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.app.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.app.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.app.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"c285b-184c690677d"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130087
expires: Sun, 03 Dec 2023 19:14:55 GMT
server: cloudflare
cf-ray: 773ea0c8a880b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/750304f.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/750304f.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/750304f.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 04:50:37 GMT
etag: W/"576a-1849dac7c3a"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 803828
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0ab30b511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/97c0967.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/97c0967.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/97c0967.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"3e17-184c690676f"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130085
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb3fb511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/59cbaa4.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/59cbaa4.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/59cbaa4.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 07:50:15 GMT
etag: W/"6e7-184bd371737"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb4fb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/common/contact/icon-promotion.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/common/contact/icon-promotion.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/components/desktop/common/contact/icon-promotion.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Apr 2022 06:58:36 GMT
etag: W/"6247f41c-998"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d37ec7b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/4d9d310.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/4d9d310.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/4d9d310.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top; notify_541=true; _ga=GA1.2.2016304686.1670094896; _gid=GA1.2.1505246145.1670094896; _gat_UA-190837119-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"585-184c69067b2"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 03 Dec 2023 19:14:59 GMT
server: cloudflare
cf-ray: 773ea0dbe9f8b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/icon/label-jackpot.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/icon/label-jackpot.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/icon/label-jackpot.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Fri, 24 Jun 2022 07:28:25 GMT
etag: W/"62b56799-23ec"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d33e5cb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/api/v1/game?display_type=22
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/api/v1/game?display_type=22
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api/v1/game?display_type=22 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-powered-by: Express
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9996
x-ratelimit-reset: 1670095113
etag: W/"294-tU9oRUP+kehmIYUHxB7ttvRryIA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 773ea0d3df4bb511-OSL
X-Firefox-Spdy: h2
one88.top/_nuxt/6a121a4040d9f64add46.2.css
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/6a121a4040d9f64add46.2.css
IP 104.18.0.104:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/6a121a4040d9f64add46.2.css HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"30a9-184c6906767"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0ab35b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/bank/bank_shb.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/bank/bank_shb.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/bank/bank_shb.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 03:22:08 GMT
etag: W/"6386cc60-26ce"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d35eaeb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/abd5faa.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/abd5faa.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/abd5faa.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"f1c-184c6906775"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0cb6bb511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/ezugi.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/ezugi.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/ezugi.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-2407"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36eb7b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/common/contact/icon-tele.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/common/contact/icon-tele.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/components/desktop/common/contact/icon-tele.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Apr 2022 06:58:36 GMT
etag: W/"6247f41c-6fd"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d37ecab511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/components/desktop/common/contact/icon-chat.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/components/desktop/common/contact/icon-chat.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/components/desktop/common/contact/icon-chat.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Apr 2022 06:58:36 GMT
etag: W/"6247f41c-517"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d37ecfb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=773ea0b4fe89b511
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=773ea0b4fe89b511
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=773ea0b4fe89b511 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/?__cf_chl_rt_tk=YpRz4Grqo4HHMGosggePZmL9OyiojYiDaO3VsTzxXQc-1670094892-0-gaNycGzNCCU
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:52 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 773ea0b749beb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:55 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0c8b891b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 05 Dec 2022 19:14:55 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/evolution-gaming.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/evolution-gaming.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/evolution-gaming.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-4637"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36eb3b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/ag.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/ag.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/ag.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-4ff"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36eb5b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/khuyen-mai/
104.18.0.104 503 Service Unavailable 0 B IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /khuyen-mai/ HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 503 Service Unavailable
date: Sat, 03 Dec 2022 19:14:52 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0b4fe89b511-OSL
X-Firefox-Spdy: h2
one88.top/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39721372820460343:1670091677:oiE7ijP9jIxZ_MhAzqEWmQl4SlmdOChUcCCjTCyxc2A/773ea0b4fe89b511/f39efe499dca782
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39721372820460343:1670091677:oiE7ijP9jIxZ_MhAzqEWmQl4SlmdOChUcCCjTCyxc2A/773ea0b4fe89b511/f39efe499dca782
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.39721372820460343:1670091677:oiE7ijP9jIxZ_MhAzqEWmQl4SlmdOChUcCCjTCyxc2A/773ea0b4fe89b511/f39efe499dca782 HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://one88.top/khuyen-mai/
Content-type: application/x-www-form-urlencoded
CF-Challenge: f39efe499dca782
Content-Length: 16571
Origin: https://one88.top
Connection: keep-alive
Cookie: cf_chl_2=f39efe499dca782
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_ni=;Expires=Fri, 02 Dec 2022 19:14:54 GMT;SameSite=Strict
cf_chl_out: olWSi7Mki+pRQxd3p+7VXyVUdA4IyC9I2F0RXuDsGwU2a/J8uxBlaVDoX7zlRsc+IdCc8AuPI2o4e98f/v+k/g==$6bvKSmTugYS+J9AzCnDmow==
cf_chl_out_s: NnoALU/p9v81FLbwbIuztvtFnKFAwXJi9FiZ4WEaenBIQxinOuI4AA4oKk64wSfCV5cwNUgr3WPXT79ca1uwU+AUkNA4eHWqbukQtr6EHspZa7l/HW1DKz+JIpbMQ308H7Tc8Ze8YtzJvYPVL+JWRg==$wbQRf0xrOCDZKRyKFBJM+Q==
server: cloudflare
cf-ray: 773ea0c42b2cb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
one88.top/_nuxt/fd7e007.js
104.18.0.104 200 OK 0 B URL HTTP/2 one88.top/_nuxt/fd7e007.js
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /_nuxt/fd7e007.js HTTP/1.1
Host: one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/khuyen-mai/
Cookie: cf_chl_2=f39efe499dca782; cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150; isShowReferralAlert=; device=desktop; os=desktop; domain=https%3A%2F%2Fone88.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 03:24:23 GMT
etag: W/"33c3-184c690676f"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130086
expires: Sun, 03 Dec 2023 19:14:56 GMT
server: cloudflare
cf-ray: 773ea0d0bb44b511-OSL
X-Firefox-Spdy: h2
f1.one88.top/static/assets/images/footer/partner/youtube.svg
104.18.0.104 200 OK 0 B URL HTTP/2 f1.one88.top/static/assets/images/footer/partner/youtube.svg
IP 104.18.0.104:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/assets/images/footer/partner/youtube.svg HTTP/1.1
Host: f1.one88.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://one88.top/
Cookie: cf_clearance=VtpUBNI6vBNW_Hai8oI1V.npSa5anWjqFcaBtCMRb8Q-1670094894-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 19:14:57 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jul 2021 08:59:31 GMT
etag: W/"60fe7973-66e"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 03 Dec 2022 23:14:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ea0d36ec4b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2