Report - www.lfun88.com/cn/mobile/

Report Overview

Submitted URL
www.lfun88.com/cn/mobile/
IP
172.65.244.226
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-29 15:15:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.62.124
www.lfun88.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	372 kB	172.65.244.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	54 kB	34.120.237.76
gateway-idcf5.lfun88.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	1.7 kB	172.65.244.226
analytics.gavelz.com	639235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	392 B	172.65.244.226
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cache.f866u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	158 kB	172.65.244.226
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.9 kB	172.64.155.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	www.lfun88.com/cn/mobile/	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/webp/logo.webp	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/img/usdtm.webp?imwidth=384	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/img/P5/FooterMenu/fun-hover.svg	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/img/P5/FooterMenu/userinfo.svg	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js	Phishing
2022-11-29	medium	www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js	11 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash b476a79e3cbb4da632f1e123167727f2 f9d3e4c6d515559f9cf71a0c8229639646c3a468 ca03cc89e522c33e5c403cd570c8c07a894d4e43f60c8fae45ae19cd26481b44 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js	32 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 1f8912318f07ee2098a53e66db084b0d 40caa02e5a15b5bc694e4d5efd462bf3afee1b06 994cd5e2af5321d498c614404cf9950fe3e8cb04aee02e53c7049f51ef1a9e40 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/6110.c23a6b8088088e9f.js	7.4 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/6110.c23a6b8088088e9f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash b631a29e0b198cfe94b864a09dac8596 b6bd86249cf9f4b4d0efb3509e7d90cad1c2697e 047abe63f34e40edb0fb44a667bf0acede0d4761bf8ea2b880f321d7e4586c5c Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js	104 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:22 Times Seen5 Hash bc891b16e2b4cdee199accd8da0aaf31 67bcdda4f28cfee056f5689556664b9d942cf802 1e453570618d7afc2a3e52297b4fff94333918f71120e28371eac386336d4574 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js	9.6 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash b01ef1a34b2167085a530f45750ce2bf 85d00d03b93a4fdd7012065a606d62650748d3eb 2eff239f3d6285b95db33576f2f3f5b261df1faaa9c4948e7d1d51b08130df6d Loading...

	www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js	17 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 8c65ad9b28a89dca92bbcc531117248b 1da432055da8dace4dfebb90717c988c48bee0ff a1291260fada3b743179d1e2febe4848f447bb7e505d540179331a5c8cd9bb00 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js	51 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash aafb275a284eb246edd1d289b1ecec3a 1a68d015930d8156a7f498b97c7ad56ecad573a3 c04197500b03c686fe78365690c97cb7bee57f0ef3893373c6f75d429115db1c Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js	14 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 230fbcfbe283503e916ca3eb78cf638e b2db85d1be88b32fe3241ec1e64d9f7b5ad6d544 cd08742f10119b8a42c25549c8866e88d63e0cf20878a598981d934533898990 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js	39 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 90f53092063cdd3c9fa2d37d65bc02da 5e25be0b551846027a70d91f2d413287462cd888 e9e3a204eba4cb9d987e8e365f783ad7a842b724a14736a6079ff9463556f1da Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js	59 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 579098ec204947723b1dbe174003efca bc46460966249ae7127f1c98992d672600d16ff9 443f8ae75faec8f3ad240f1a8e5c55f9cd1dc2fd448b0cb6da7561c5b34fdb84 Loading...

	analytics.gavelz.com/containers/86cde5a5-9489-4270-836d-a073944a3de3.js	216 kB	2023-03-11	2023-03-11
Pretty URL analytics.gavelz.com/containers/86cde5a5-9489-4270-836d-a073944a3de3.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 9881cbd5933739fdee152553377da372 ea090b5b46c5c5b240b21ccfbcc1d25980810cbb 81c41fde0c63f0e7f938d8e6ec872b7b89430423e441aa21385371afbe014780 Loading...

	www.lfun88.com/cn/mobile/	621 B	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/ IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash dbcee3a60722dfe3aeb7922da85791c8 2bd9d8946c86902413a5407ed2aefdcda7ab73af efedc930e1f08981547522f4bcfe8440c6aae5b9378b640f81f9d6826b371fc5 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js	7.9 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 4e66da6028d2636220a572c5472010dd c4f6001b0bdb602c5ba43e36bf1c5f767d274f30 86afe527f9f47b6d0ae54054abcd7a188a487dfbe723600296598dd6d870897d Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js	12 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:21 Times Seen2 Hash 0ee92ef4bba02cee5a29714a0b5bd79b ba6a8c4662494f8c8c68fb233841f3cec059744e 16c8abc32a13657493a7d1de27545fcc8238bae2712c2fcb92a14ae23db91f92 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/6357.1c757ca24b14779f.js	6.9 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/6357.1c757ca24b14779f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:21 Times Seen3 Hash e8fcd79eeb3d0bfdf2f75a9ddba4c934 38b214d849431c3ffbf690bbd450b7cdec689519 7d6d3f169692d42cc3b61f507b3a5054716c37119c4a446e13669e1af8979426 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/1392.2d8b36675863f7f7.js	61 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/1392.2d8b36675863f7f7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:22 Times Seen3 Hash 0d26ed136625a3dcd7b45451b4ac1d25 87299b65f9a930c5e6eb91ef2e5c1ac4d68f0ec0 61597e8342e29612f90eef52397e3fd5a25618255e591827613873c52ca110c7 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js	6.5 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash f3c4b5c6b6aeec6c7151a1b633bdc2ae 1359820aad77f523c7cf476ceebadc23ca9aa768 1c254a7d42b19840a51b64752f29da4822e215967f5bb87b2941d3ba9828b732 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js	39 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 14ccd391c77d592e0678b5dd788c4944 744b2cf477b24cb3de47c5aa55c1df79ca1ff76c 4974abbf37d2013a608763c280b6712aa3d081a2e7392518c7882901b72d0d0a Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js	149 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:22 Times Seen4 Hash e5938896a848c9f04c0be8773c2b11ed e4a3147599d42cd05f4a7c9fe7e8dced52384567 3dba107e86b8a1064086faac85a01259ee715a2c420cd0be1e8ea8f8b6985512 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js	216 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 4f37bce7191e840f6cb55a6883cff6bf bed3f1be2477fd10f2c409e79db21c762608a029 a3b485e74b56cfa8391b2f6e61866acdfb3841397ca30df37c5840dacf235e4c Loading...

	www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0	3.6 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0 IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash d9d5f031e37b0df7b6ed4385f4451a8a e740284931a17c314a8b1d12972a43e7bc7aa3b6 0258493f4c094a4aae1e2a6e780146cd5af3a0eea20b0dcf14fb270461e6b8b0 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js	70 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:22 Times Seen3 Hash b50511cf9ee7ecd21d54a9cc10d7b445 b7d6d66d31747d00bbaf5d278b552ca97621c9eb f4f943ddc6195de5715942da6e29678837e0d18c465f7adaeb9b4123bd12a733 Loading...

	www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js	92 B	2023-03-07	2024-04-26
Pretty URL www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-26 10:36:37 Times Seen7657 Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/8943.ed41728530d90167.js	9.3 kB	2023-03-11	2023-06-18
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/8943.ed41728530d90167.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-06-18 17:58:22 Times Seen4 Hash 2d1b586a5ab53eddd05a64d4b725c092 e240f51959a730ded8039c01ecd4622478cc55c0 66134a48bd53a4340c6f80839469d2e6674771a8e9136eb9ecc9de10ee1e8b18 Loading...

	analytics.gavelz.com/ppms.js	71 kB	2023-03-07	2023-09-18
Pretty URL analytics.gavelz.com/ppms.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:44 Last Seen2023-09-18 16:25:14 Times Seen8 Hash d578b5b04d0b3c3bb5df28b3214881a8 e5520561401f17b0140624d74def2afb5e105890 30a36b85d2f698e46249c684712f34ecb6ef7459eea6a8e1b340e464270cb0d9 Loading...

	www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js	13 kB	2023-03-11	2023-03-11
Pretty URL www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:27:27 Last Seen2023-03-11 22:27:27 Times Seen1 Hash 4a944f3a353a2af5c5c1aa9430001d68 f388351a1081adc078d44f5d054d70c6b5a2dbaf eaca923f739e039b546dacaebd8a1509216d5bbf3d47b3a0eb08eea47aa9d603 Loading...

	www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js	76 B	2023-03-07	2024-04-20
Pretty URL www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js IP 172.65.244.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:07 Last Seen2024-04-20 07:19:07 Times Seen777 Hash 5352cb582146311d1540f6075d1f265e cbe5dad683f4f887122db6f6d343aa8ba41dee8b e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960 Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13043
Expires: Tue, 29 Nov 2022 18:52:20 GMT
Date: Tue, 29 Nov 2022 15:14:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3802
Cache-Control: max-age=159576
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:14:57 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:34:33 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 14:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3422
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2849
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 15:14:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: y3aqAEtsPrT1R7MJqW5UXML8Q6mqmWb1P6EMhA8ZpTbDfWBZEgckWSSg6djz427im1bJu3MLijo=
x-amz-request-id: KKAYWGDSE0W432T5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 14:42:32 GMT
age: 1945
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:14:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 15:10:05 GMT
cache-control: public,max-age=3600
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 292
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:14:57 GMT
Last-Modified: Tue, 29 Nov 2022 14:19:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.62.124

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.62.124:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L1RfAsxt0L3iytz86X0IPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D+BJZDEY3EhU0GSkZSKuXx4y9Is=

www.lfun88.com/cn/mobile/

172.65.244.226

302 Moved Temporarily

140 B

URL HTTP/1.1
www.lfun88.com/cn/mobile/
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
1c19d4aea6551ea8b4e65bad8054428e
89d0f0643aef807f0a8586136e9dfed28086c830
dccf3e46c03e0825f3c3fd218743a276d251e198338b904ee088ff1badcfeb83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/ HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Date: Tue, 29 Nov 2022 15:14:58 GMT
Content-Type: text/html
Content-Length: 140
Connection: keep-alive
Location: https://www.lfun88.com:443/cn/mobile/
Server: gocache

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Tue, 29 Nov 2022 16:20:46 GMT
Date: Tue, 29 Nov 2022 15:14:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Tue, 29 Nov 2022 16:20:46 GMT
Date: Tue, 29 Nov 2022 15:14:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Tue, 29 Nov 2022 16:20:46 GMT
Date: Tue, 29 Nov 2022 15:14:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Tue, 29 Nov 2022 16:20:46 GMT
Date: Tue, 29 Nov 2022 15:14:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:43:20 GMT
age: 59499
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 44022
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 62691
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 44367
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 62162
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 37358
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/webp/logo.webp

172.65.244.226

200 OK

1.6 kB

URL HTTP/2
www.lfun88.com/cn/mobile/webp/logo.webp
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1564 bytes)
Hash
323b242ac4b9225f1f674676085d45fd
5c4f68a61b949051db41435cb4e735055743ae11
17c744991f525e8894f5040ca38cab1aaed6d1347da723277e37594bc1bcc7e9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/webp/logo.webp HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: image/webp
content-length: 1564
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: "6383e5cc-61c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
server: gocache
c-type: st
rid: b3d3ade58efe72d495dbfe24c33b15b6
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0

172.65.244.226

200 OK

6.3 kB

URL HTTP/2
www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.3 kB (6301 bytes)
Hash
46aebc32eff2367e8e7249096939cffc
c5015bf3a6016783de4aabef24149441ea1b37b5
05bba35968175f358dbff1a4b3baa7f1242ea63e2fa805f2dcb1a16e161ea025

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/js/Piwki.js?v=3.0 HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: W/"6383e5cc-e04"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 7717fdbf13b215726e0fd2f10fdfabd5
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js

172.65.244.226

200 OK

9.3 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
9.3 kB (9295 bytes)
Hash
6fcdb68c052b9b9f8481263f628128a9
213798a84c41b0ef625ec271f0ed0cc277fa771d
a8755b9bf4cac1da0055ba621b234dedaf41c7f79a7153b6a0ea527a9e5edf13

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-1ec1"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 8ac17e5daec7d649bfcaeb31e5d48527
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js

172.65.244.226

200 OK

13 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (12879 bytes)
Hash
7ad531086197f703982141b5003a2081
c0f44ec20457f63b6c3fdcd3c149dc1782d8d13b
885c0c86cad0ff835391c99f7439e64589036d8f58b8bf433d2a74dfa7899bbe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-4158"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: c31ed859d6eadbbd82f2ac93e17d96e3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js

172.65.244.226

200 OK

22 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
22 kB (22131 bytes)
Hash
13462e73b036a405f2ddb5fe12f6638d
a3554c21fde2bc25b567e601347b287258759d76
d5025fb21ff1a22750a5c2131573d8e0dfc55e1475c45647fc59cfd91a766d38

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-5c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 5d1522019fb22b7537f491f0615e778d
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/img/usdtm.webp?imwidth=384

172.65.244.226

200 OK

67 kB

URL HTTP/2
www.lfun88.com/cn/mobile/img/usdtm.webp?imwidth=384
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
67 kB (66880 bytes)
Hash
9a73a5c5791512d5093eee7f797d0826
8549bfce7171b248ae737fcdc5c70ecaba326f39
a3ba2b8ef619c82c8cf7b3615cf51e01580de4fb046005b355ea9f3550eb8a05

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/img/usdtm.webp?imwidth=384 HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:02 GMT
content-type: image/webp
content-length: 66880
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: "6383e5cc-10540"
expires: Tue, 29 Nov 2022 15:20:02 GMT
cache-control: max-age=300
nginx-location: resource
server: gocache
c-type: st
rid: 0f55bceb08f30ca1813c70a822acbeaa
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js

172.65.244.226

200 OK

121 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
121 kB (120924 bytes)
Hash
25f4c06b0ab2feaabf55e44c64e01b59
ba7bf215efa1d5406047cb2cf58f2de531b5192a
c778274a13123d146f2c8936e91bd4f86021a89a7c40a167db7a06e1002ad001

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-34ae0"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e541e7cd64bb7153821ddb7a288e053f
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile

172.65.244.226

204 No Content

0 B

URL HTTP/2
gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token,x-bff-key
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:03 GMT
access-control-allow-headers: content-type,culture,token,x-bff-key
access-control-allow-methods: GET
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 03a817f5d9afb6ee8bd94182d53b2c6d
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/img/P5/FooterMenu/fun-hover.svg

172.65.244.226

200 OK

712 B

URL HTTP/2
www.lfun88.com/cn/mobile/img/P5/FooterMenu/fun-hover.svg
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (455)
Size
712 B (712 bytes)
Hash
714db202458dd625388dd2dc72f7b010
a97af4f8c6109e0f3324941885db989e8583a90a
7ce24580770d088006d7a8d77d15eac9d020b6b295afd12701a1cf151aabb476

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/img/P5/FooterMenu/fun-hover.svg HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:01 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-5ab"
expires: Tue, 29 Nov 2022 15:20:01 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: fe22480b6cce5e7fb5e84aa12b5f42c6
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/css/5c6ab1122b579b7d.css

172.65.244.226

200 OK

108 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/css/5c6ab1122b579b7d.css
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size
108 kB (107644 bytes)
Hash
62ec9aa301f75146e45285956511d3f1
ae46aeb3f2724d7b43fa0a48e3b7dd07a0a66094
34558ae54736cda4cb24b56d45e23ff246f9aff670d9ba7df4128166c7d042a3

HTTP Headers

GET /cn/mobile/_next/static/css/5c6ab1122b579b7d.css HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-7d84c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: f33e209200bdc6e8220d968fdc20d0cb
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js

172.65.244.226

200 OK

4.3 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13149), with no line terminators
Size
4.3 kB (4261 bytes)
Hash
d78caf1be3987c8efcc191daf94f66b9
6c4e4ee0d42432f0fa74e38af8a1b31d8bdbb2d9
74d2df92c62978345af8100190e27ac5a57d8d1f79d72b928aa169c400bcc0e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-335d"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: f88f5ae82b02a6ab21977085a60cf18b
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js

172.65.244.226

200 OK

5.4 kB

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13838), with no line terminators
Size
5.4 kB (5383 bytes)
Hash
adba943ff700bc8e5c3e6eb6ac645801
2e84aa15734269b9793ee0d8981a08c9142f47ee
23555dc7a212f7225012b8e5bb1edf59706cc889093c638d1facb2990ed3f6e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-360e"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 141fc2c52a51a2b8910aa3523c44848b
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

cache.f866u.com/zh-hans/api/v1/app/game-category

172.65.244.226

200 OK

1.0 kB

URL HTTP/2
cache.f866u.com/zh-hans/api/v1/app/game-category
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (3608), with no line terminators
Size
1.0 kB (1007 bytes)
Hash
975d105c12a440b6c9fbdc5c4d712c6b
64715db08e7f6d175a6eabd1ca9620b7deebf759
e2494b4f3ad144401d791c8d67738899603ba8ccf90fe283d077a6c37c77bd93

HTTP Headers

GET /zh-hans/api/v1/app/game-category HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json
content-length: 1007
germain-cache: HIT
apigw-requestid: cXo-yh57nUYEJcA=
access-control-allow-origin: *
germain-cache-created-expired: 2022-11-29 14:13:33.607434_2022-11-29 15:53:33.607434
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
cache-control: no-cache
x-ua-compatible: IE=edge
content-language: zh-CN
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
access-control-expose-headers: Content-Length,Content-Range
server: gocache
c-type: df
rid: 3dafa3673214bc4775efc07aadf9489d
X-Firefox-Spdy: h2

gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile

172.65.244.226

204 No Content

0 B

URL HTTP/2
gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token,x-bff-key
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:04 GMT
access-control-allow-headers: content-type,culture,token,x-bff-key
access-control-allow-methods: GET
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 0c6343287feb9252235e7b841c0967e5
X-Firefox-Spdy: h2

cache.f866u.com/zh-hans/api/v1/app/game/provider/123

172.65.244.226

204 No Content

0 B

URL HTTP/2
cache.f866u.com/zh-hans/api/v1/app/game/provider/123
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /zh-hans/api/v1/app/game/provider/123 HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:04 GMT
germain-cache: HIT
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
apigw-requestid: cXo-1i-jHUYEJGw=
germain-cache-created-expired: 2022-11-29 13:39:05.015078_2022-11-29 15:19:05.015078
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 56ca2b15e5673fe967f9e7411cae2177
X-Firefox-Spdy: h2

cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_feature?login=before&displaying_webp

172.65.244.226

200 OK

150 kB

URL HTTP/2
cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_feature?login=before&displaying_webp
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (452), with no line terminators
Size
150 kB (149723 bytes)
Hash
4b7b5ab98cbbb4b5225a29c0e5dd1669
8c45feabbfd81de1754759723fe3391c55bf2789
557773174d820931a344fc3780db54d7121686c4c5c4dd5f359f7b01af357d25

HTTP Headers

GET /zh-hans/api/v1/app/webbanners/position/home_feature?login=before&displaying_webp HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json
vary: Accept-Encoding
x-content-type-options: nosniff
germain-cache: HIT
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
content-language: zh-CN
cache-control: no-cache
x-ua-compatible: IE=edge
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
germain-cache-created-expired: 2022-11-29 15:10:25.645995_2022-11-29 16:50:25.645995
apigw-requestid: cXo-yh7IHUYEJ6A=
server: gocache
c-type: df
rid: 2f6899406dc2ba7f87c101a8df955092
content-encoding: br
X-Firefox-Spdy: h2

cache.f866u.com/zh-hans/api/v1/app/game/provider/123

172.65.244.226

200 OK

777 B

URL HTTP/2
cache.f866u.com/zh-hans/api/v1/app/game/provider/123
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (3410), with no line terminators
Size
777 B (777 bytes)
Hash
d4137989c9b41e39bc0fa4280bd12fb7
4a86fe01ddc21f57c859e7ff87980b90f5b2e3f3
c71ff9fb2872c0b5f1b06a0b148187fc4e4d4d25dd0e375be2a3e2c3100f4c05

HTTP Headers

GET /zh-hans/api/v1/app/game/provider/123 HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json
content-length: 777
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
germain-cache-created-expired: 2022-11-29 14:12:57.628235_2022-11-29 15:52:57.628235
x-content-type-options: nosniff
content-language: zh-CN
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
germain-cache: HIT
apigw-requestid: cXo-4hsUnUYEJeQ=
x-ua-compatible: IE=edge
cache-control: no-cache
server: gocache
c-type: df
rid: 29db165e865cbef5c02a7e66aa79c8b8
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/img/P5/FooterMenu/userinfo.svg

172.65.244.226

200 OK

1.9 kB

URL HTTP/2
www.lfun88.com/cn/mobile/img/P5/FooterMenu/userinfo.svg
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.9 kB (1889 bytes)
Hash
1ebc6b2d03ee905f9e15b781311221d3
72cecdcb6eea1d260b992724821308e9e21db6c1
3eb2e14d586df7d16638709358bab6ec45a93221158eea15f2a553a108e60c33

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/img/P5/FooterMenu/userinfo.svg HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:01 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-d87"
expires: Tue, 29 Nov 2022 15:20:01 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e54b3cacf2fda64dab4969b965fbc8bb
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
49cbf67e110f3829411ebd66e51d3b77
80fb5144a9a6e992be22f1f998d3a7d8125d2447
6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8e8f00b06-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
49cbf67e110f3829411ebd66e51d3b77
80fb5144a9a6e992be22f1f998d3a7d8125d2447
6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8e82bb4f9-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
49cbf67e110f3829411ebd66e51d3b77
80fb5144a9a6e992be22f1f998d3a7d8125d2447
6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8ebb4b50b-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
49cbf67e110f3829411ebd66e51d3b77
80fb5144a9a6e992be22f1f998d3a7d8125d2447
6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8e9df1c0a-OSL

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3004 bytes)
Hash
22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rb-NFzuOBQEOMHfs7L68ZBeBH_JMqKYfJhxWs4eNYq35L8duYylQdg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:07:34 GMT
age: 47251
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_main?login=before&displaying_webp

172.65.244.226

204 No Content

0 B

URL HTTP/2
cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_main?login=before&displaying_webp
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /zh-hans/api/v1/app/webbanners/position/home_main?login=before&displaying_webp HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:06 GMT
apigw-requestid: cXo_FgVWHUYEJ8w=
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
germain-cache: HIT
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
germain-cache-created-expired: 2022-11-29 13:59:26.002227_2022-11-29 15:39:26.002227
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 63f9e939b109622209e86b0c5edb6c6f
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-7ea5"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 9e424e38943847edb6cdef5ae8c1192d
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-2555"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 5b2534dd81171faa77cc3f8bd9ecbe4a
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-9805"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 89b00a0455361b2478f57427b718b239
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-1952d"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e2fca29a38d66707246d55ee22db2563
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-4c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: a939edeb66757cb1fe7fdef9a4decb8e
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-2eae"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 75885a17616e67a17c5d637f58f59e63
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-96d9"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 830dff76ab1350e85d8c133d5cf3c120
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile

172.65.244.226

200 OK

0 B

URL HTTP/2
gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
x-bff-key: 51EXaTN7NUeCbjnvg95tgA==
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: f958be60fa882c0fa3576fc16fe0d3f9
content-encoding: br
X-Firefox-Spdy: h2

analytics.gavelz.com/containers/86cde5a5-9489-4270-836d-a073944a3de3.js

172.65.244.226

200 OK

0 B

URL HTTP/2
analytics.gavelz.com/containers/86cde5a5-9489-4270-836d-a073944a3de3.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /containers/86cde5a5-9489-4270-836d-a073944a3de3.js HTTP/1.1
Host: analytics.gavelz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
x-robots-tag: none
content-encoding: gzip
server: gocache
expires: Wed, 30 Nov 2022 15:15:02 GMT
c-type: st
rid: bbc0e18f7458cd384c613737263a5211
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-1933"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: c4b55be4c844677f38ef5babf4bd53af
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/css/140e48911403d898.css

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/css/140e48911403d898.css
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cn/mobile/_next/static/css/140e48911403d898.css HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-4e8"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e35da052b5c4b74dcfe354505a8e723c
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-11272"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 92b67bc60b94b9bd5d65753e3686d28a
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-2984"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: c2b98b605a9f4173f729716e07a0676e
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

gateway-idcf5.lfun88.com/api/Games/Navigation/MaintenanceStatus?providerCode=InstantGames&api-version=2.0&Platform=Mobile

172.65.244.226

200 OK

0 B

URL HTTP/2
gateway-idcf5.lfun88.com/api/Games/Navigation/MaintenanceStatus?providerCode=InstantGames&api-version=2.0&Platform=Mobile
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/Games/Navigation/MaintenanceStatus?providerCode=InstantGames&api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
x-bff-key: 51EXaTN7NUeCbjnvg95tgA==
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: b00b76fe2956fbe8e802231cb318ed34
content-encoding: br
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/ HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: text/html
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: W/"6383e5cc-1ab6"
content-encoding: gzip
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 46b15471d5d2740716eb4e6d975ce80b
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-245e1"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 40cd659f15ea30709f940b8c4db87c4c
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile

172.65.244.226

200 OK

0 B

URL HTTP/2
gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
x-bff-key: 51EXaTN7NUeCbjnvg95tgA==
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 2fc878cf562f091653bae5caa7cc5b13
content-encoding: br
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-e601"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 5b47c611387ef24064722bd29b3274bf
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js

172.65.244.226

200 OK

0 B

URL HTTP/2
www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js
IP
172.65.244.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-c795"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 57de097bae75d3638fc8dfceffeed719
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations