r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7755
Expires: Sun, 25 Sep 2022 22:39:25 GMT
Date: Sun, 25 Sep 2022 20:30:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 20:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6uTHxlZgAFpTtRoX7kHylNhlq86dtbJHeB6BbOx4FnI8Nq8TTOM2ag==
Age: 904
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1QoyQK0Z7pgVfKjv6nQlD_--sRkAkGLWZXL7K-tngvrvKZ0g51-tRw==
age: 57296
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:30:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6293454
expires: Fri, 15 Sep 2023 20:30:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQryU6wVuJ7iDsZN9vB7%2BPenW0r0b1wuSacboDWJ2CseumN%2FuL%2FGWdUFBb05Y9wTVFveiJPhwGl1YfyGo13CkimOyCfu4I%2BeXvPR%2FL%2Br7pw8FK27CJ9M8hEWYGEujIXOxTfbXZ%2Bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75068427f9030b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 650b6e71248092b05b7f35e8703da4fb
a675c71ea7c50c6a3576eb9626630b0445016d32
122a0ec921f9b9a6b845d4f75df0a4d950f2ce3c34a79cecc67d80962255c1ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5014
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Last-Modified: Sun, 25 Sep 2022 19:06:37 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4824
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Last-Modified: Sun, 25 Sep 2022 19:09:47 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
i.ibb.co/V9rgBqw/twitter-text.png
51.210.32.103200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 51.210.32.103:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 15:43:54 GMT
expires: Sat, 23 Sep 2023 15:43:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 189977
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 20:24:33 GMT
expires: Mon, 25 Sep 2023 20:24:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 650b6e71248092b05b7f35e8703da4fb
a675c71ea7c50c6a3576eb9626630b0445016d32
122a0ec921f9b9a6b845d4f75df0a4d950f2ce3c34a79cecc67d80962255c1ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5014
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Last-Modified: Sun, 25 Sep 2022 19:06:37 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 20:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 20:18:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9AERwFof-hz-LYWeZRcqiAn32Rtkb4iuVdhWt3zqppqoNjOQNrsuZg==
Age: 1554
i.ibb.co/Wg8qQxh/facebook-text.png
51.210.32.103200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 51.210.32.103:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/css/style.css
52.230.38.12200 OK 2.4 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/css/style.css
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4f67f00d86540962db9f449f3c3c7042
dfe32d943b2eafe0c1ca545e0070cbf978574e94
98d9cc0062deec805f2053ee935478b115deb622562b3b159aa3ed647e0f0c31
Analyzer Verdict Alert openphish Tencent
GET /css/style.css HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: text/css
last-modified: Tue, 23 Nov 2021 08:53:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2422
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/css/animate.css
52.230.38.12200 OK 4.5 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/css/animate.css
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7aab472abe7a8f098e88318c6fbfb713
20cfbdef273882f9aea994a3e709acb58086b953
4da0b366b64426bcc72fa58f6c1008cc2c7e5ca7ed5862018e52c91d97886e35
Analyzer Verdict Alert openphish Tencent
GET /css/animate.css HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: text/css
last-modified: Tue, 23 Nov 2021 08:53:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4458
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/css/login/facebook.css
52.230.38.12200 OK 683 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/css/login/facebook.css
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash e229b2c6886d95ba933dbef6002d17c0
b938f58bfa1506793ab5d01c7dc6795c8f652190
c52f52a23cd8c7e104de6676cf38ce40e92dfbf7b20c9e8755d3ed2e1f1ce8a4
Analyzer Verdict Alert openphish Tencent
GET /css/login/facebook.css HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: text/css
last-modified: Tue, 23 Nov 2021 08:53:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 683
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/css/login/twitter.css
52.230.38.12200 OK 587 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/css/login/twitter.css
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 3d15a45ff55b0d79615bde5120e36aa4
9d7faa748f598ff3db89a34c761293ecc87f971d
e29d212d77e72cc93bac74882ca175b4396803222019d34f8b6510fab664526b
Analyzer Verdict Alert openphish Tencent
GET /css/login/twitter.css HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: text/css
last-modified: Tue, 23 Nov 2021 08:53:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 587
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
i.ibb.co/Wx8wkq1/footer-img.png
51.210.32.103200 OK 23 kB URL HTTP/2 i.ibb.co/Wx8wkq1/footer-img.png
IP 51.210.32.103:0
File type PNG image data, 525 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 5731c4bc8559b7e76f83c40187fac947
5fde367c0bd45727a60c852c950dad9177b48e0c
ff21b5da68b872c36b781dbe5413f52c3ed3c1f9f2e0bbd7c8646270beb37627
GET /Wx8wkq1/footer-img.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: image/png
content-length: 22746
last-modified: Fri, 02 Jul 2021 03:16:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/DV5fKmN/menu.png
51.210.32.103200 OK 126 B URL HTTP/2 i.ibb.co/DV5fKmN/menu.png
IP 51.210.32.103:0
File type PNG image data, 29 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 811800fb15f23aa1c4914eccbda2e0b4
ac53a92ccb79ac81b8af3a9f6e6287ac203edc1d
0935d302a23d3bf9236aaa827d77a450752b9a5eb74be1712fe24a12a2f50b5b
GET /DV5fKmN/menu.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: image/png
content-length: 126
last-modified: Fri, 02 Jul 2021 03:34:15 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 7.4 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (30837)
Hash f07c088c3b26ac3ea3a1318ab459fc86
5d92650ece1b539bcc848dda9eda99648b7b219a
dd16f8e5240e48cd207f0187da8be599ff904e7ebde15799ad1d768da988bc86
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9584565
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750684284a53fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luckyspinpubg-eventhacks.xlox.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:23:43 GMT
expires: Thu, 21 Sep 2023 20:23:43 GMT
cache-control: public, max-age=31536000
age: 345988
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luckyspinpubg-eventhacks.xlox.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:04:04 GMT
expires: Tue, 19 Sep 2023 20:04:04 GMT
cache-control: public, max-age=31536000
age: 519967
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.207.158101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.207.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DfiOdeVHjOg8Kbfj8IC8QQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jpe5WYf/tbSjO5txQC3dasq6zjo=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:30:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=255
expires: Sun, 25 Sep 2022 20:34:26 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/rewards/1.png
52.230.38.12200 OK 56 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/rewards/1.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash a5472b3134ec2ef4d38b8a1c291d461b
f9e2e591179caafaee3239eb59c2570395edd300
bbd0fb7d5c316f94d9ee11c758a0423ab529a2b635ae19675e541928f8530861
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/1.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:59:38 GMT
accept-ranges: bytes
content-length: 55464
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=300
expires: Sun, 25 Sep 2022 20:35:11 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/link_2.png
23.36.76.250200 OK 827 B URL HTTP/2 www.pubgmobile.com/common/images/link_2.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 96 x 97, 8-bit colormap, non-interlaced\012- data
Hash 5237cbfbbee111383e08cfc45a464042
c540d679fda7b859b08b19635d0cebdedf529b86
e20d0a77af62d8461cc5f464d9463d7eb417452e32ce216cff928b0658a53a52
GET /common/images/link_2.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 827
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
etag: "60534f72-33b"
accept-ranges: bytes
cache-control: max-age=295
expires: Sun, 25 Sep 2022 20:35:06 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/link_1.png
23.36.76.250200 OK 412 B URL HTTP/2 www.pubgmobile.com/common/images/link_1.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 97 x 97, 8-bit colormap, non-interlaced\012- data
Hash 82939295be11b12439a76cada0d3b06d
d5ae3f2dbb15970e5f3aae222e08212f020f85d5
99ed54c6d4dbabf849b1b844a548a0ee3f8a8d0bf2c4424d57ee5d8c761f843a
GET /common/images/link_1.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 412
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
etag: "60534f72-19c"
accept-ranges: bytes
cache-control: max-age=300
expires: Sun, 25 Sep 2022 20:35:11 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/js/popup.js
52.230.38.12200 OK 560 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/js/popup.js
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2172), with no line terminators
Hash 48bd14257f0d8709af0d9acd40389b20
dfae3fa8cf54ca0c94794d44c5824387ec2c0b4d
c44f87b09553b1c95163aa6542ea574fe60e45174f72c5e02c2701d9e33fc276
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js/popup.js HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: application/javascript
last-modified: Fri, 26 Nov 2021 11:51:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 560
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/js/click.js
52.230.38.12200 OK 154 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/js/click.js
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8a52ed6d3f95485222023ab95ae0291d
0c2818cef38d5d103786ca4db2b2ae76e81c1139
cd72a550b8c4648cb41e1d837e15b6dcbe5df634896a486bcd1a91aacb83bcd6
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js/click.js HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: application/javascript
last-modified: Fri, 26 Nov 2021 17:33:58 GMT
accept-ranges: bytes
content-length: 154
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/js/spinFunction.js
52.230.38.12200 OK 636 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/js/spinFunction.js
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c88326c478ae11a6f99d61b5324fd615
3eed72047ccd2af0c8ad595bef03f3869b7d95ee
9f0b2108e1a3478a2ed7e2d7ef0b7a6890f083cc4c9f0a4a99979d0e1344b15f
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js/spinFunction.js HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: application/javascript
last-modified: Fri, 26 Nov 2021 17:36:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 636
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/link_4.png
23.36.76.250200 OK 768 B URL HTTP/2 www.pubgmobile.com/common/images/link_4.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 97 x 97, 8-bit colormap, non-interlaced\012- data
Hash b480c3674a6555319933765cabc6bad1
ebba145f86644ffa0c0fb85482ca6d87977e63da
a61ba6147dc708bcecfb1a2adfdd5ceb9550e06992c5ffb42c3e30d36823e95c
GET /common/images/link_4.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 768
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
etag: "60534f72-300"
accept-ranges: bytes
cache-control: max-age=273
expires: Sun, 25 Sep 2022 20:34:44 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/media/putar.mp3
52.230.38.12206 Partial Content 92 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/media/putar.mp3
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash f0858e0f1bdad4dc4fc5a70b2fdcf2e3
f33fdf0b7762a864aad6b34eb9dbbfae52869dcd
9d75aee8bcc5636d3d2dcd95370a55468121ae7a484509b23160c192a95254aa
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /media/putar.mp3 HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 23 Nov 2021 08:53:20 GMT
content-range: bytes 0-92511/92512
content-length: 92512
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.pubgmobile.com/images/event/royalepassm5/bg_1.jpg
23.36.76.250200 OK 351 kB URL HTTP/2 www.pubgmobile.com/images/event/royalepassm5/bg_1.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x960, components 3\012- data
Size 351 kB (351387 bytes)
Hash 852db6081c17a744c475d85c6de70a0b
98b26bc014f0147eb874ed92efc673820b56a0c2
a28304aa895440c6efcfd4097771141af9a322fa93b036b366938c0f31178375
GET /images/event/royalepassm5/bg_1.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 351387
last-modified: Thu, 18 Nov 2021 06:31:57 GMT
etag: "6195f35d-55c9b"
accept-ranges: bytes
cache-control: max-age=300
expires: Sun, 25 Sep 2022 20:35:11 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9a28833c53afc841a351032effe8b3a
a521a974f508c23b7b32c9ef05eee6036043a1bd
ab0e2b87422a5f1290d713d916e38ace204fe012de778892c8289d1f23481196
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB0E2B87422A5F1290D713D916E38ACE204FE012DE778892C8289D1F23481196"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14820
Expires: Mon, 26 Sep 2022 00:37:11 GMT
Date: Sun, 25 Sep 2022 20:30:11 GMT
Connection: keep-alive
k.top4top.io/m_1807x9v082.mp3
65.21.235.194206 Partial Content 6.8 kB URL HTTP/2 k.top4top.io/m_1807x9v082.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash c7a9f0b4dab23617e33a84ec16db54d2
d2863f409479d463e669087569a01479936bef36
23a4886519b85fc7223039ed57b1452a8b3786230f0a60fd6d4bfaa6a2511f57
Analyzer Verdict Alert fortinet Malware
GET /m_1807x9v082.mp3 HTTP/1.1
Host: k.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Sun, 25 Sep 2022 20:30:11 GMT
content-type: audio/mpeg
content-length: 6824
set-cookie: klj_40d147_downloads=lb4ry; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 26 Sep 2022 20:06:51 GMT
last-modified: Sat, 12 Dec 2020 03:59:49 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5fd44035-1aa8"
expires: Sun, 25 Sep 2022 22:30:11 GMT
cache-control: max-age=7200
x-file-id: x35791342x
content-range: bytes 0-6823/6824
X-Firefox-Spdy: h2
e.top4top.io/m_1839g790y1.mp3
51.159.67.109206 Partial Content 2.6 kB URL HTTP/2 e.top4top.io/m_1839g790y1.mp3
IP 51.159.67.109:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 01f7d3fd02583cdfd99b2062c6cab526
1f5d896475bf9a250a4773f1eab6581333d03cf9
35f3cb88514d9156e754f6274ba418b6cc5202b9a3687bd804021320f9f50559
Analyzer Verdict Alert fortinet Malware
GET /m_1839g790y1.mp3 HTTP/1.1
Host: e.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Sun, 25 Sep 2022 20:30:12 GMT
content-type: audio/mpeg
content-length: 2644
set-cookie: klj_40d147_downloads=lmwbs; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 26 Sep 2022 20:06:52 GMT
last-modified: Thu, 14 Jan 2021 00:11:47 GMT
content-disposition: inline; filename="open_reward_tab%20(1)%20(mp3cut.net).mp3"
etag: "5fff8c43-a54"
expires: Sun, 25 Sep 2022 22:30:12 GMT
cache-control: max-age=7200
x-file-id: x36340264x
content-range: bytes 0-2643/2644
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/season-alert.png
52.230.38.12200 OK 20 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/season-alert.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 93, 8-bit colormap, non-interlaced\012- data
Hash 667b487479a80d9f1db21ec187033baf
1bf688faaf17d64c098ef853a8352b58d7f9f6e3
68a2b2f800decfcbad996e600b6679a0ab081e06c70540b946bbf4c239fb460e
Analyzer Verdict Alert openphish Tencent
GET /img/season-alert.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:58:08 GMT
accept-ranges: bytes
content-length: 20488
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/btn-off.png
52.230.38.12200 OK 5.1 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/btn-off.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 190 x 70, 8-bit colormap, non-interlaced\012- data
Hash 6b94d3ef2816c7e787d101d185f8699c
3ec9ec0ced439dd15358cd0373bc840fe188c120
b057e2ce2b07be7f8e452f78612a8b0137264d186d06cdd5a42672093a008844
Analyzer Verdict Alert openphish Tencent
GET /img/btn-off.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:58:06 GMT
accept-ranges: bytes
content-length: 5079
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/rewards/5.png
52.230.38.12200 OK 31 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/rewards/5.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash 51d36d4ad47f58b3e3a65f8908720b43
87bf1a4540cac5ff01f7cc45ce47df7d82a8aa7e
34af21d5d998c4522a370885cd773f2e3d98e31e8900d14e718dd22e9dca9dda
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/5.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:59:40 GMT
accept-ranges: bytes
content-length: 31100
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/rewards/3.png
52.230.38.12200 OK 25 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/rewards/3.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Hash eb55c28d7cba2510ed4139dd61d4b5cd
d072fd1a3d5d0b8f04dce389cf8422f4fe495e82
33052231d2bfe5ea2563ee0f50b85e1aaa22bbdac0dd1fc80815b79dedf84cc4
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/3.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:59:40 GMT
accept-ranges: bytes
content-length: 24931
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/rewards/2.png
52.230.38.12200 OK 106 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/rewards/2.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced\012- data
Size 106 kB (105458 bytes)
Hash 98a00282b09f415a2a38323a39b88148
6a97e5a342babd8393e3b8d94492a4b8393dfcd5
edf34c356c60c88bc5fe8c9bb9785ba1711258fa667788af9200f83ab4b7c304
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/2.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:59:40 GMT
accept-ranges: bytes
content-length: 105458
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/rewards/4.png
52.230.38.12200 OK 99 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/rewards/4.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 5838f0116f3c1690aa14790720d24838
12b67c42d727eff8a8354d97ce8335980ad58877
de92ba8b7f8ef4531b63081e4b113e81dd8e90bb8a8c9aaf89e184f1c6248ef2
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/4.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:59:40 GMT
accept-ranges: bytes
content-length: 99308
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/putar.png
52.230.38.12200 OK 114 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/putar.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1011 x 1280, 8-bit colormap, non-interlaced\012- data
Size 114 kB (114328 bytes)
Hash ac5ced5c66b234d18666e3b7fadd6e2e
18f0127af200b912a8e3eef75538abae5712ef37
42fd75c98f1a102533f2e8ac25626f8bf4e4844319ae916748edcdafbd48cfc1
Analyzer Verdict Alert openphish Tencent
GET /img/putar.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:58:08 GMT
accept-ranges: bytes
content-length: 114328
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/link_5.png
23.36.76.250200 OK 643 B URL HTTP/2 www.pubgmobile.com/common/images/link_5.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 96 x 97, 8-bit colormap, non-interlaced\012- data
Hash b5e71034e6ad24b6ba8a9e2dd4e9eacf
8764842732f93a3f3bb3a79944163e5a8ef67b9a
ece6fc3bf5e763a1031f5900eea1e88bd8a27bf8a2a9bddf4402301f450f21e4
GET /common/images/link_5.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 643
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
etag: "60534f72-283"
accept-ranges: bytes
cache-control: max-age=293
expires: Sun, 25 Sep 2022 20:35:05 GMT
date: Sun, 25 Sep 2022 20:30:12 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/pay.png
23.36.76.250200 OK 1.3 kB URL HTTP/2 www.pubgmobile.com/en/images/pay.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 0950bb106b9361f850f5181a9acd02eb
87ba05b8bae18d0a747fefe375f128ec1aecf81d
12ecca619edd7636523e6b67f2953ed82326d5b49bcc565bd14e36aedb933325
GET /en/images/pay.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1319
last-modified: Fri, 05 Mar 2021 06:44:57 GMT
etag: "6041d369-527"
accept-ranges: bytes
cache-control: max-age=300
expires: Sun, 25 Sep 2022 20:35:12 GMT
date: Sun, 25 Sep 2022 20:30:12 GMT
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/rewards/6.png
52.230.38.12200 OK 218 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/rewards/6.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 1280, 8-bit colormap, non-interlaced\012- data
Size 218 kB (217484 bytes)
Hash f7232b1263d7b852a98f899895390aa2
8bb859f92dc65de5d41b321343fd7b8905261c12
1a1a24c7b95fe6f7dd82de62bef2ce51b6eec800502cfbb57b203deb35887bc1
Analyzer Verdict Alert openphish Tencent
GET /img/rewards/6.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:59:40 GMT
accept-ranges: bytes
content-length: 217484
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/img/spin.png
52.230.38.12200 OK 457 kB URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/img/spin.png
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 1280, 8-bit colormap, non-interlaced\012- data
Size 457 kB (456703 bytes)
Hash 4fdb6f73c01833f3304b3ae18700f23c
41a36415cb0866a98eecf445d5273b84844d0eb1
06450bb63895376ae5c06edccd05dd258d79b26fa40a45de1960a2aaec9e334c
Analyzer Verdict Alert openphish Tencent
GET /img/spin.png HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 20:30:11 GMT
content-type: image/png
last-modified: Tue, 23 Nov 2021 08:58:08 GMT
accept-ranges: bytes
content-length: 456703
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/link_3.png
23.36.76.250200 OK 638 B URL HTTP/2 www.pubgmobile.com/common/images/link_3.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 97 x 97, 8-bit colormap, non-interlaced\012- data
Hash de20417af4a25e0e4b270108101dc88a
cd0d4a6be07ae625ca9137d5594733c8bdce0a8d
65bcb1d2699f8726c0fe67bd01eb5cc8cd682a8eb8b67aeda82739a41f1f5a8d
GET /common/images/link_3.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 638
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
etag: "60534f72-27e"
accept-ranges: bytes
cache-control: max-age=285
expires: Sun, 25 Sep 2022 20:34:57 GMT
date: Sun, 25 Sep 2022 20:30:12 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/images/event/royalepassm5/m_bg_3.jpg
23.36.76.250200 OK 120 kB URL HTTP/2 www.pubgmobile.com/images/event/royalepassm5/m_bg_3.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x1624, components 3\012- data
Size 120 kB (120391 bytes)
Hash 2a4f294c0e824b6b6fded0c511881046
741de418318a3db3b0ebb85f8803b34b2100bf1d
02a0a9c2ec6ffc9fd4764e9f6c07d55f16f27f5e46bcb94bdb6fc585b3cc2297
GET /images/event/royalepassm5/m_bg_3.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 120391
last-modified: Thu, 18 Nov 2021 06:31:59 GMT
etag: "6195f35f-1d647"
accept-ranges: bytes
cache-control: max-age=273
expires: Sun, 25 Sep 2022 20:34:45 GMT
date: Sun, 25 Sep 2022 20:30:12 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/images/event/royalepassm5/kv_logo.png
23.36.76.250200 OK 88 kB URL HTTP/2 www.pubgmobile.com/images/event/royalepassm5/kv_logo.png
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type PNG image data, 460 x 543, 8-bit colormap, non-interlaced\012- data
Hash 16d9c268ce10ceb3b96436fb637c2c03
2c1fd55c3237346eb679762e6311ed26297734ff
4fb413cdb813d9fb0e299b6ac44f0143972dff48e0e626bc4d8b903b365f0af1
GET /images/event/royalepassm5/kv_logo.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 88534
last-modified: Thu, 18 Nov 2021 06:31:59 GMT
etag: "6195f35f-159d6"
accept-ranges: bytes
cache-control: max-age=284
expires: Sun, 25 Sep 2022 20:34:56 GMT
date: Sun, 25 Sep 2022 20:30:12 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19355
Expires: Mon, 26 Sep 2022 01:52:48 GMT
Date: Sun, 25 Sep 2022 20:30:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19355
Expires: Mon, 26 Sep 2022 01:52:48 GMT
Date: Sun, 25 Sep 2022 20:30:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 82374
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 48058
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 80864
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v37Rjs_OtmFd6UKau0Flv_J6GAWTe0UdA8hXaDmmn6SmLXQbEHeBVQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 03:45:44 GMT
age: 60269
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 81535
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 82387
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed165f50993660657ba10cdebdb895b3
0241ca5908ca229c2528a3c84177488cc2c08c13
b13c7b9ce6ae5d4295467977258ab19da8329b0f1db39e38f11d16d905d742cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14237
x-amzn-requestid: ebac6624-ee74-4911-b34d-f12abd8524e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruIG08oAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-1119098a051db3235b3a0674;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PuRSMM1YJ_03oGNhk2W-FwfPRkhU_TDcvyi-31NspF3s8U7erzx6_A==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:21:10 GMT
age: 79749
etag: "0241ca5908ca229c2528a3c84177488cc2c08c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/media/header.mp4
52.230.38.12206 Partial Content 0 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/media/header.mp4
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /media/header.mp4 HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Tue, 23 Nov 2021 08:53:20 GMT
content-range: bytes 0-2640963/2640964
content-length: 2640964
date: Sun, 25 Sep 2022 20:30:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://luckyspinpubg-eventhacks.xlox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 20:30:11 GMT
date: Sun, 25 Sep 2022 20:30:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
luckyspinpubg-eventhacks.xlox.ml/
52.230.38.12200 OK 0 B URL HTTP/2 luckyspinpubg-eventhacks.xlox.ml/
IP 52.230.38.12:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: luckyspinpubg-eventhacks.xlox.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 20:30:10 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2