| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: a5daf4dc99951793ae2315d4795e8146 4427507ca4d3a5632cc8f598afbc85e2195d00bd 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13043
Expires: Tue, 29 Nov 2022 18:52:20 GMT
Date: Tue, 29 Nov 2022 15:14:57 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 4ed065cb23b5fca1a179dd73b3c5b7b2 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3802
Cache-Control: max-age=159576
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:14:57 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:34:33 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/
IP: 34.102.187.140:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 14:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3422
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 9fce5679881bf302a8978a0b462f01a9 b699fe030ea13ac73813e655c42ed9b531925e2b a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2849
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 15:14:57 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y3aqAEtsPrT1R7MJqW5UXML8Q6mqmWb1P6EMhA8ZpTbDfWBZEgckWSSg6djz427im1bJu3MLijo=
x-amz-request-id: KKAYWGDSE0W432T5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 14:42:32 GMT
age: 1945
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:14:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 34.102.187.140:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 15:10:05 GMT
cache-control: public,max-age=3600
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 292
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 3c8c689bd654417640d85f3da51af313 85123b6d46230a23d03768bf304b386e5d301305 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:14:57 GMT
Last-Modified: Tue, 29 Nov 2022 14:19:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.39.62.124 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 52.39.62.124:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L1RfAsxt0L3iytz86X0IPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D+BJZDEY3EhU0GSkZSKuXx4y9Is=
|
|
| www.lfun88.com/cn/mobile/ | 172.65.244.226 | 302 Moved Temporarily | 140 B |
URL: HTTP/1.1 www.lfun88.com/cn/mobile/
IP: 172.65.244.226:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: 1c19d4aea6551ea8b4e65bad8054428e 89d0f0643aef807f0a8586136e9dfed28086c830 dccf3e46c03e0825f3c3fd218743a276d251e198338b904ee088ff1badcfeb83
Analyzer: fortinet | Verdict: Phishing
GET /cn/mobile/ HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Tue, 29 Nov 2022 15:14:58 GMT
Content-Type: text/html
Content-Length: 140
Connection: keep-alive
Location: https://www.lfun88.com:443/cn/mobile/
Server: gocache
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: ac3edd07bb0a4ebdaae6ec26e91d2079 b6efe3811dfa37cdcde1e9d411c171732ac7e12a c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Tue, 29 Nov 2022 16:20:46 GMT
Date: Tue, 29 Nov 2022 15:14:59 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: cc0a257323f882caff067adb86d906e4 cedf2f21be7cd366bd46055b62b5513db3011dfc c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:43:20 GMT
age: 59499
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp | 34.120.237.76 | 200 OK | 4.9 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 83c1fedec73299637cc7dc47c48af758 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 44022
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg | 34.120.237.76 | 200 OK | 4.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: a2a5c8d4113d282600462749315f2c4f e2b4d2e15bb7c086333c0da438873e4c139ba931 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 62691
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 1f434933b5bd6377d299ada22d1ae7ef 075531f525e625b117b2497f31139c9824d0e9c5 b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 44367
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: cce27a1fe8c0222811a5ce0e7f89e1cb 28c165bac8cf68cd1b0763c311aece00672cb3a5 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 62162
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 03014221d7f49b50ffc2d1b0a0e75457 772d86ad983042a728ee3490630a9cf1134ad0dd 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 37358
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/webp/logo.webp | 172.65.244.226 | 200 OK | 1.6 kB |
URL: HTTP/2 www.lfun88.com/cn/mobile/webp/logo.webp
IP: 172.65.244.226:0
File type: RIFF (little-endian) data, Web/P image\012- data
Hash: 323b242ac4b9225f1f674676085d45fd 5c4f68a61b949051db41435cb4e735055743ae11 17c744991f525e8894f5040ca38cab1aaed6d1347da723277e37594bc1bcc7e9
Analyzer: fortinet | Verdict: Phishing
GET /cn/mobile/webp/logo.webp HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: image/webp
content-length: 1564
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: "6383e5cc-61c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
server: gocache
c-type: st
rid: b3d3ade58efe72d495dbfe24c33b15b6
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0 | 172.65.244.226 | 200 OK | 6.3 kB |
URL: HTTP/2 www.lfun88.com/cn/mobile/js/Piwki.js?v=3.0
IP: 172.65.244.226:0
Hash: 46aebc32eff2367e8e7249096939cffc c5015bf3a6016783de4aabef24149441ea1b37b5 05bba35968175f358dbff1a4b3baa7f1242ea63e2fa805f2dcb1a16e161ea025
Analyzer: fortinet | Verdict: Phishing
GET /cn/mobile/js/Piwki.js?v=3.0 HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: W/"6383e5cc-e04"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 7717fdbf13b215726e0fd2f10fdfabd5
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js | 172.65.244.226 | 200 OK | 9.3 kB |
URL: HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js
IP: 172.65.244.226:0
Hash: 6fcdb68c052b9b9f8481263f628128a9 213798a84c41b0ef625ec271f0ed0cc277fa771d a8755b9bf4cac1da0055ba621b234dedaf41c7f79a7153b6a0ea527a9e5edf13
Analyzer: fortinet | Verdict: Phishing
GET /cn/mobile/_next/static/chunks/5152-4b9a82225d7f457d.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-1ec1"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 8ac17e5daec7d649bfcaeb31e5d48527
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js | 172.65.244.226 | 200 OK | 13 kB |
URL HTTP/2www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js IP172.65.244.226:0
Hash7ad531086197f703982141b5003a2081 c0f44ec20457f63b6c3fdcd3c149dc1782d8d13b 885c0c86cad0ff835391c99f7439e64589036d8f58b8bf433d2a74dfa7899bbe
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_buildManifest.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-4158"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: c31ed859d6eadbbd82f2ac93e17d96e3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js | 172.65.244.226 | 200 OK | 22 kB |
URL HTTP/2www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js IP172.65.244.226:0
Hash13462e73b036a405f2ddb5fe12f6638d a3554c21fde2bc25b567e601347b287258759d76 d5025fb21ff1a22750a5c2131573d8e0dfc55e1475c45647fc59cfd91a766d38
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_middlewareManifest.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-5c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 5d1522019fb22b7537f491f0615e778d
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/img/usdtm.webp?imwidth=384 | 172.65.244.226 | 200 OK | 67 kB |
URL HTTP/2www.lfun88.com/cn/mobile/img/usdtm.webp?imwidth=384 IP172.65.244.226:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 600x320, Scaling: [none]x[none], YUV color, decoders should clamp; data Hash9a73a5c5791512d5093eee7f797d0826 8549bfce7171b248ae737fcdc5c70ecaba326f39 a3ba2b8ef619c82c8cf7b3615cf51e01580de4fb046005b355ea9f3550eb8a05
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/img/usdtm.webp?imwidth=384 HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:02 GMT
content-type: image/webp
content-length: 66880
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: "6383e5cc-10540"
expires: Tue, 29 Nov 2022 15:20:02 GMT
cache-control: max-age=300
nginx-location: resource
server: gocache
c-type: st
rid: 0f55bceb08f30ca1813c70a822acbeaa
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js | 172.65.244.226 | 200 OK | 121 kB |
URL HTTP/2www.lfun88.com/cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js IP172.65.244.226:0
Size121 kB (120924 bytes) Hash25f4c06b0ab2feaabf55e44c64e01b59 ba7bf215efa1d5406047cb2cf58f2de531b5192a c778274a13123d146f2c8936e91bd4f86021a89a7c40a167db7a06e1002ad001
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/pages/_app-59d7e486df4a7371.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-34ae0"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e541e7cd64bb7153821ddb7a288e053f
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile | 172.65.244.226 | 204 No Content | 0 B |
URL HTTP/2gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile IP172.65.244.226:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token,x-bff-key
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:03 GMT
access-control-allow-headers: content-type,culture,token,x-bff-key
access-control-allow-methods: GET
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 03a817f5d9afb6ee8bd94182d53b2c6d
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/img/P5/FooterMenu/fun-hover.svg | 172.65.244.226 | 200 OK | 712 B |
URL HTTP/2www.lfun88.com/cn/mobile/img/P5/FooterMenu/fun-hover.svg IP172.65.244.226:0
File typeSVG Scalable Vector Graphics image, ASCII text, with very long lines (455) Hash714db202458dd625388dd2dc72f7b010 a97af4f8c6109e0f3324941885db989e8583a90a 7ce24580770d088006d7a8d77d15eac9d020b6b295afd12701a1cf151aabb476
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/img/P5/FooterMenu/fun-hover.svg HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:01 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-5ab"
expires: Tue, 29 Nov 2022 15:20:01 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: fe22480b6cce5e7fb5e84aa12b5f42c6
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/css/5c6ab1122b579b7d.css | 172.65.244.226 | 200 OK | 108 kB |
URL HTTP/2www.lfun88.com/cn/mobile/_next/static/css/5c6ab1122b579b7d.css IP172.65.244.226:0
File typeUnicode text, UTF-8 text, with very long lines (65516), with no line terminators Size108 kB (107644 bytes) Hash62ec9aa301f75146e45285956511d3f1 ae46aeb3f2724d7b43fa0a48e3b7dd07a0a66094 34558ae54736cda4cb24b56d45e23ff246f9aff670d9ba7df4128166c7d042a3
GET /cn/mobile/_next/static/css/5c6ab1122b579b7d.css HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-7d84c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: f33e209200bdc6e8220d968fdc20d0cb
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js | 172.65.244.226 | 200 OK | 4.3 kB |
URL HTTP/2www.lfun88.com/cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js IP172.65.244.226:0
File typeASCII text, with very long lines (13149), with no line terminators Hashd78caf1be3987c8efcc191daf94f66b9 6c4e4ee0d42432f0fa74e38af8a1b31d8bdbb2d9 74d2df92c62978345af8100190e27ac5a57d8d1f79d72b928aa169c400bcc0e7
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/1970-b07adaaaf20c1959.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-335d"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: f88f5ae82b02a6ab21977085a60cf18b
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js | 172.65.244.226 | 200 OK | 5.4 kB |
URL HTTP/2www.lfun88.com/cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js IP172.65.244.226:0
File typeASCII text, with very long lines (13838), with no line terminators Hashadba943ff700bc8e5c3e6eb6ac645801 2e84aa15734269b9793ee0d8981a08c9142f47ee 23555dc7a212f7225012b8e5bb1edf59706cc889093c638d1facb2990ed3f6e2
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/6054-0919fd86869e68d0.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-360e"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 141fc2c52a51a2b8910aa3523c44848b
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| cache.f866u.com/zh-hans/api/v1/app/game-category | 172.65.244.226 | 200 OK | 1.0 kB |
URL HTTP/2cache.f866u.com/zh-hans/api/v1/app/game-category IP172.65.244.226:0
File typeJSON data, ASCII text, with very long lines (3608), with no line terminators Hash975d105c12a440b6c9fbdc5c4d712c6b 64715db08e7f6d175a6eabd1ca9620b7deebf759 e2494b4f3ad144401d791c8d67738899603ba8ccf90fe283d077a6c37c77bd93
GET /zh-hans/api/v1/app/game-category HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json
content-length: 1007
germain-cache: HIT
apigw-requestid: cXo-yh57nUYEJcA=
access-control-allow-origin: *
germain-cache-created-expired: 2022-11-29 14:13:33.607434_2022-11-29 15:53:33.607434
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
cache-control: no-cache
x-ua-compatible: IE=edge
content-language: zh-CN
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
access-control-expose-headers: Content-Length,Content-Range
server: gocache
c-type: df
rid: 3dafa3673214bc4775efc07aadf9489d
X-Firefox-Spdy: h2
|
|
| gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile | 172.65.244.226 | 204 No Content | 0 B |
URL HTTP/2gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile IP172.65.244.226:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token,x-bff-key
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:04 GMT
access-control-allow-headers: content-type,culture,token,x-bff-key
access-control-allow-methods: GET
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 0c6343287feb9252235e7b841c0967e5
X-Firefox-Spdy: h2
|
|
| cache.f866u.com/zh-hans/api/v1/app/game/provider/123 | 172.65.244.226 | 204 No Content | 0 B |
URL HTTP/2cache.f866u.com/zh-hans/api/v1/app/game/provider/123 IP172.65.244.226:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /zh-hans/api/v1/app/game/provider/123 HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:04 GMT
germain-cache: HIT
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
apigw-requestid: cXo-1i-jHUYEJGw=
germain-cache-created-expired: 2022-11-29 13:39:05.015078_2022-11-29 15:19:05.015078
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 56ca2b15e5673fe967f9e7411cae2177
X-Firefox-Spdy: h2
|
|
| cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_feature?login=before&displaying_webp | 172.65.244.226 | 200 OK | 150 kB |
URL HTTP/2cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_feature?login=before&displaying_webp IP172.65.244.226:0
File typeJSON data, ASCII text, with very long lines (452), with no line terminators Size150 kB (149723 bytes) Hash4b7b5ab98cbbb4b5225a29c0e5dd1669 8c45feabbfd81de1754759723fe3391c55bf2789 557773174d820931a344fc3780db54d7121686c4c5c4dd5f359f7b01af357d25
GET /zh-hans/api/v1/app/webbanners/position/home_feature?login=before&displaying_webp HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json
vary: Accept-Encoding
x-content-type-options: nosniff
germain-cache: HIT
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
content-language: zh-CN
cache-control: no-cache
x-ua-compatible: IE=edge
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
germain-cache-created-expired: 2022-11-29 15:10:25.645995_2022-11-29 16:50:25.645995
apigw-requestid: cXo-yh7IHUYEJ6A=
server: gocache
c-type: df
rid: 2f6899406dc2ba7f87c101a8df955092
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cache.f866u.com/zh-hans/api/v1/app/game/provider/123 | 172.65.244.226 | 200 OK | 777 B |
URL HTTP/2cache.f866u.com/zh-hans/api/v1/app/game/provider/123 IP172.65.244.226:0
File typeJSON data, ASCII text, with very long lines (3410), with no line terminators Hashd4137989c9b41e39bc0fa4280bd12fb7 4a86fe01ddc21f57c859e7ff87980b90f5b2e3f3 c71ff9fb2872c0b5f1b06a0b148187fc4e4d4d25dd0e375be2a3e2c3100f4c05
GET /zh-hans/api/v1/app/game/provider/123 HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json
content-length: 777
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
germain-cache-created-expired: 2022-11-29 14:12:57.628235_2022-11-29 15:52:57.628235
x-content-type-options: nosniff
content-language: zh-CN
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
germain-cache: HIT
apigw-requestid: cXo-4hsUnUYEJeQ=
x-ua-compatible: IE=edge
cache-control: no-cache
server: gocache
c-type: df
rid: 29db165e865cbef5c02a7e66aa79c8b8
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/img/P5/FooterMenu/userinfo.svg | 172.65.244.226 | 200 OK | 1.9 kB |
URL HTTP/2www.lfun88.com/cn/mobile/img/P5/FooterMenu/userinfo.svg IP172.65.244.226:0
Hash1ebc6b2d03ee905f9e15b781311221d3 72cecdcb6eea1d260b992724821308e9e21db6c1 3eb2e14d586df7d16638709358bab6ec45a93221158eea15f2a553a108e60c33
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cn/mobile/img/P5/FooterMenu/userinfo.svg HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:01 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-d87"
expires: Tue, 29 Nov 2022 15:20:01 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e54b3cacf2fda64dab4969b965fbc8bb
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash49cbf67e110f3829411ebd66e51d3b77 80fb5144a9a6e992be22f1f998d3a7d8125d2447 6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8e8f00b06-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash49cbf67e110f3829411ebd66e51d3b77 80fb5144a9a6e992be22f1f998d3a7d8125d2447 6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8e82bb4f9-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash49cbf67e110f3829411ebd66e51d3b77 80fb5144a9a6e992be22f1f998d3a7d8125d2447 6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8ebb4b50b-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash49cbf67e110f3829411ebd66e51d3b77 80fb5144a9a6e992be22f1f998d3a7d8125d2447 6ea1c2305bd7b4a16bc73d89d162e4d5a193c05a6c5700a8231764818de423a2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:15:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 06:59:09 GMT
Expires: Sat, 03 Dec 2022 06:59:08 GMT
Etag: "80fb5144a9a6e992be22f1f998d3a7d8125d2447"
Cache-Control: max-age=315242,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c4bf8e9df1c0a-OSL
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg | 34.120.237.76 | 200 OK | 3.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data Hash22e7d3e11e78242383e452adb9299016 035a1b4a2a7889787532ec2637d5c21e06daf672 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rb-NFzuOBQEOMHfs7L68ZBeBH_JMqKYfJhxWs4eNYq35L8duYylQdg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:07:34 GMT
age: 47251
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_main?login=before&displaying_webp | 172.65.244.226 | 204 No Content | 0 B |
URL HTTP/2cache.f866u.com/zh-hans/api/v1/app/webbanners/position/home_main?login=before&displaying_webp IP172.65.244.226:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /zh-hans/api/v1/app/webbanners/position/home_main?login=before&displaying_webp HTTP/1.1
Host: cache.f866u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,culture,token
Referer: https://www.lfun88.com/
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:15:06 GMT
apigw-requestid: cXo_FgVWHUYEJ8w=
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,token,Culture,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Api-ID,X-Service-RateLimit,X-UsagePlan-RateLimit,X-UsagePlan-Quota,Cache-Control,Connection,Content-Disposition,Date,Keep-Alive,Pragma,Via,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cookie,Expect,From,Host,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Range,Origin,Referer,User-Agent,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Proto,Accept-Range,Age,Content-Range,Content-Security-Policy,ETag,Expires,Last-Modified,Location,Server,Set-Cookie,Trailer,Transfer-Encoding,Vary,Allow,Content-Encoding,Content-Language,Content-Length,Content-Location,Content-Type
germain-cache: HIT
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
germain-cache-created-expired: 2022-11-29 13:59:26.002227_2022-11-29 15:39:26.002227
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 63f9e939b109622209e86b0c5edb6c6f
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/186-7437bb7b52e141eb.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-7ea5"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 9e424e38943847edb6cdef5ae8c1192d
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/webpack-305a07863677aea2.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-2555"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 5b2534dd81171faa77cc3f8bd9ecbe4a
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/5974-df8db2b8f3ff43aa.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-9805"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 89b00a0455361b2478f57427b718b239
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/main-589c9679f0d62bf9.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-1952d"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e2fca29a38d66707246d55ee22db2563
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/_G-FUehyaVyxhMY1Pa5Od/_ssgManifest.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-4c"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: a939edeb66757cb1fe7fdef9a4decb8e
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/7637-48fdd7d639eb2b6a.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-2eae"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 75885a17616e67a17c5d637f58f59e63
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/pages/index-63dc0d0a8b6625db.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-96d9"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 830dff76ab1350e85d8c133d5cf3c120
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 gateway-idcf5.lfun88.com/api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile IP 172.65.244.226:0
GET /api/Games/Providers/Sequence?api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
x-bff-key: 51EXaTN7NUeCbjnvg95tgA==
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: f958be60fa882c0fa3576fc16fe0d3f9
content-encoding: br
X-Firefox-Spdy: h2
|
|
| analytics.gavelz.com/containers/86cde5a5-9489-4270-836d-a073944a3de3.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 analytics.gavelz.com/containers/86cde5a5-9489-4270-836d-a073944a3de3.js IP 172.65.244.226:0
GET /containers/86cde5a5-9489-4270-836d-a073944a3de3.js HTTP/1.1
Host: analytics.gavelz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
x-robots-tag: none
content-encoding: gzip
server: gocache
expires: Wed, 30 Nov 2022 15:15:02 GMT
c-type: st
rid: bbc0e18f7458cd384c613737263a5211
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/0c428ae2-2d3738ff2bb827b9.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-1933"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: c4b55be4c844677f38ef5babf4bd53af
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/css/140e48911403d898.css | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/css/140e48911403d898.css IP 172.65.244.226:0
GET /cn/mobile/_next/static/css/140e48911403d898.css HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-4e8"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: e35da052b5c4b74dcfe354505a8e723c
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/172-08c970430d58e4bd.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-11272"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 92b67bc60b94b9bd5d65753e3686d28a
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/5471-a783d9159189e4c2.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-2984"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: c2b98b605a9f4173f729716e07a0676e
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| gateway-idcf5.lfun88.com/api/Games/Navigation/MaintenanceStatus?providerCode=InstantGames&api-version=2.0&Platform=Mobile | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 gateway-idcf5.lfun88.com/api/Games/Navigation/MaintenanceStatus?providerCode=InstantGames&api-version=2.0&Platform=Mobile IP 172.65.244.226:0
GET /api/Games/Navigation/MaintenanceStatus?providerCode=InstantGames&api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
x-bff-key: 51EXaTN7NUeCbjnvg95tgA==
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: b00b76fe2956fbe8e802231cb318ed34
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/ | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/ IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/ HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: text/html
last-modified: Sun, 27 Nov 2022 22:33:48 GMT
etag: W/"6383e5cc-1ab6"
content-encoding: gzip
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 46b15471d5d2740716eb4e6d975ce80b
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/framework-1dc2113806b02e18.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-245e1"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 40cd659f15ea30709f940b8c4db87c4c
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 gateway-idcf5.lfun88.com/api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile IP 172.65.244.226:0
GET /api/App/AffiliateLM?domain=https://www.lfun88.com&api-version=2.0&Platform=Mobile HTTP/1.1
Host: gateway-idcf5.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lfun88.com/
Content-Type: application/json; charset=utf-8
Culture: ZH-CN
token: 71b512d06e0ada5e23e7a0f287908ac1
x-bff-key: 51EXaTN7NUeCbjnvg95tgA==
Origin: https://www.lfun88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
server: gocache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
c-type: df
rid: 2fc878cf562f091653bae5caa7cc5b13
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/75fc9c18-ebbd7fd4f01a823b.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-e601"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 5b47c611387ef24064722bd29b3274bf
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js | 172.65.244.226 | 200 OK | 0 B |
URL HTTP/2 www.lfun88.com/cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js IP 172.65.244.226:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cn/mobile/_next/static/chunks/6473-ca1327aa396e04fb.js HTTP/1.1
Host: www.lfun88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lfun88.com/cn/mobile/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:15:00 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 22:33:47 GMT
etag: W/"6383e5cb-c795"
expires: Tue, 29 Nov 2022 15:20:00 GMT
cache-control: max-age=300
nginx-location: resource
content-encoding: gzip
server: gocache
c-type: st
rid: 57de097bae75d3638fc8dfceffeed719
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|