Report - dd7.xyz/

Report Overview

Submitted URL
dd7.xyz/
IP
104.18.30.232
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-02 20:06:32
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.33.243.109
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.217.237.91
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	59 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	13.224.222.85
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.dd7.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	2.6 MB	104.18.31.232
csi.20icipp.com	514282	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	39 kB	4.6 MB	104.26.1.241
api.dd7.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	109 kB	104.18.30.232
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	393 B	172.64.156.26
dd7.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	752 B	1.1 kB	104.18.30.232

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	dd7.xyz/	Phishing
2022-10-02	medium	www.dd7.xyz/	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/3151.b912e2d0.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/6655.a5341bfc.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/3303.ecd18c23.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/9361.9814c206.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/7379.f1ca523e.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/3140.266c37f5.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/9758.12328a50.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/8920.f4fde0e4.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/media/iconmps.7e0baaff..ttf	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/3283.6bbf191b.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/6548.de9cc734.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/8955.47aaf980.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/2576.b6ebc9e0.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/739.fca1fba5.js	Phishing
2022-10-02	medium	www.dd7.xyz/	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/7283.7d590fa8.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/125.20fe76ed.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/4726.255522fb.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/3562.87afb9b2.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/2593.9924de69.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/8820.b838a408.js	Phishing
2022-10-02	medium	www.dd7.xyz/favicons/dd7.ico	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/8000.27be1a00.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/d-AppContainer.196d41e7.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/media/Tahoma.4e507db3..woff	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/i18n-en-US.3c4c8dd6.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/3129.d0e75e99.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/6448.e30f7703.js	Phishing
2022-10-02	medium	www.dd7.xyz/static/js/runtimechunk~main.0de96554.js	Phishing
2022-10-02	medium	dd7.xyz/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	www.dd7.xyz/	630 B	2023-03-07	2023-03-08
Pretty URL www.dd7.xyz/ IP 104.18.31.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:05:40 Last Seen2023-03-08 12:52:39 Times Seen1 Hash 11f2ced53ab705f3a4715873b3eba07a bbc809008836bae1e6862fce3d6b7e7898807a9f 123eb2329db40de39f909a675bbab18641811dc37aa1ca098b1c1497a5a71708 Loading...

	www.dd7.xyz/static/js/831.c351da50.js	38 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/831.c351da50.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 19fb5fe5a5390c0c2d6a9a27be8803fe ef9ed980b495bda75aee08c5324bf161b4b347fb 0a027aa9b19cd38fb049a38d5a6cdef1efe7a8fbbfe42621b1bb777f52e4fa72 Loading...

	www.dd7.xyz/static/js/7283.7d590fa8.js	46 kB	2023-03-07	2023-11-16
Pretty URL www.dd7.xyz/static/js/7283.7d590fa8.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-11-16 03:29:19 Times Seen7 Hash 5c0312a36e03d1a1ebddb7f346a7a793 ec4f4be4ac8a18568f59d3bab853d948adb47741 5351e148d30e26fbb549254e73221c02ed0e5c340c52b75eac1870280972234a Loading...

	www.dd7.xyz/static/js/4726.255522fb.js	44 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/4726.255522fb.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:54 Times Seen1 Hash 0f66d86062cde0e6daf8d63a375f6079 6f95f33b9f126855d31e96441360f54ac30837b4 0be795900f81b311471ab42a82a491b9b41c16c02ad3ed700cd35ff9237ec642 Loading...

	www.dd7.xyz/static/js/1071.ca0e2840.js	15 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/1071.ca0e2840.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash c9c2f94a5e4cb236529415e3401c9ff8 7273ea2891626eb167bd6ca7ef90fe1e5ad36b7e 9edb764812e496e440f642e3b453e294a07a95dc1807913acb6991af849cabe2 Loading...

	www.dd7.xyz/static/js/d-Home.f1e92d80.js	21 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/d-Home.f1e92d80.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash b068941e062bfed3e041832e72783b0f 41a55908e48355fae37f6d7ebcfc8d6c9340d13f 8c41dde6add3065ddcc9869a1599b1b52488f92ab9ec14b0e38c47a17fc954d1 Loading...

	www.dd7.xyz/static/js/8920.f4fde0e4.js	147 B	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/8920.f4fde0e4.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 3393b2e797ab259de074d8e9f2b3fcd0 c2d131db87a503c5e24ce39306124746331f362d 56131a98341e5a5bfdef30bbfcf65e494d114d6ba5f9307e2cc499773b0821fd Loading...

	www.dd7.xyz/static/js/runtimechunk~main.0de96554.js	16 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/runtimechunk~main.0de96554.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash 4555d5c5b541fc48642ce66a2d2c98c3 684c9b717dc75c79980972b8089d43c6520b7988 954905cd63c36b13a93321929b94bbbfcf621fb75e5d41186369a8fdd3363431 Loading...

	www.dd7.xyz/static/js/6548.de9cc734.js	176 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/6548.de9cc734.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash 968bb88bf6057b8235cf5ad98a1cd688 8194bb58b05d422c168e34ed25042273ca19558c 9473295c5cf6a28e01323adcf10696697142f187bfeab89b9a5b6fe6d6b55ab9 Loading...

	www.dd7.xyz/static/js/3562.87afb9b2.js	12 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/3562.87afb9b2.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 3515c6a32b84ba4d7d144d6ac02f7d03 bc2181d4b99ae4039ea5654d9753b1db6e6ee293 0a86e28ea61a996e247bf4d3cfc90dba7675a76758b4472d0166e0b1512abcb0 Loading...

	www.dd7.xyz/static/js/8000.27be1a00.js	27 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/8000.27be1a00.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash 2c74a9810c075608a7d2dc58178fa7a8 3010c11d9c89098c9469cd1c2df6d6a7e75c7414 9f7fbde6a5b51884c5b72503fbe3cb7afef4a3fb28f7ff78493a302cca96bc47 Loading...

	www.dd7.xyz/static/js/9361.9814c206.js	21 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/9361.9814c206.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 8d5c8fb99180af16213c6e80db70ce1c b68d2e0427a76ab036f016e38f2c276f2a441933 0aaa886e850a8954bdb5db55f75690c44b1f751c5a87d52bafba8582697b056d Loading...

	www.dd7.xyz/static/js/main.8b288181.js	641 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/main.8b288181.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash d4432130e6834dc36f22bc53c3bb19d1 ea29f7e8cc1e8e925e7935bbb71855dea0b64fec a24c8369d8c619eefe175e7daa68ec647e0e0a2dbabd4ca97cef24547b13b677 Loading...

	www.dd7.xyz/static/js/i18n-en-US.3c4c8dd6.js	150 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/i18n-en-US.3c4c8dd6.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash 5c6c5aec82b54427cb8e70dd33fe21b3 912f07cc5616f1ccad3686e2f3f109700893e0b8 94e6c1c8ff7bcca29f0d5b55f44b97be7cba46bc1b842f59ba18701e0f80f339 Loading...

	www.dd7.xyz/static/js/3140.266c37f5.js	14 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/3140.266c37f5.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash 561be22d5189ad4a40d2e282aa336168 86f12557834e0491d52993a3e0b5d280866e3fc8 dbd1c1831b174ce9e74230f0d2ab62c076fa2c65e2724469c564944137c3132f Loading...

	www.dd7.xyz/static/js/2576.b6ebc9e0.js	10 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/2576.b6ebc9e0.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash afca4fde967e35cad261041b9478889e 50afdd55a7149ef94f42bb1e66b2d7348376d88a df9d7a5c3e141ea84e43c49bd8fddb0e2eaf2e76c84441f4da97213806cbf651 Loading...

	www.dd7.xyz/static/js/d-AppContainer.196d41e7.js	128 kB	2023-03-08	2023-03-08
Pretty URL www.dd7.xyz/static/js/d-AppContainer.196d41e7.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:49 Last Seen2023-03-08 04:46:49 Times Seen1 Hash e02029cf87ee98f8a86bfb7a4efd52bf a773656ff8a0df4fd5014ae3df0d1e38857bac7a c0cf3f9136fcf6124d245fffa043cf9bab7bea878da1ab5a9cab32d54f46dd09 Loading...

	www.dd7.xyz/static/js/3129.d0e75e99.js	52 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/3129.d0e75e99.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:54 Times Seen1 Hash a84f8694e3b3df28205d5d649b236d5e 99f5c5f854e4780c84d7160452e151a4e36c8148 9861fb67493ae2fc701d35c3182ab00d10589349079a9cc15512529fd3a85732 Loading...

	www.dd7.xyz/static/js/7379.f1ca523e.js	64 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/7379.f1ca523e.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:54 Times Seen1 Hash 5992db72ad4f3a0b140a3d6656f48ac8 87823e53281b47821c754436288cb40ffb5b7e78 71662aa5a5aeeb17a3485de9ea3a8ccff2fea5acceb9ba245bcbfe3a2cf82b7c Loading...

	www.dd7.xyz/static/js/3283.6bbf191b.js	147 B	2023-03-07	2024-03-16
Pretty URL www.dd7.xyz/static/js/3283.6bbf191b.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-03-16 20:13:46 Times Seen75 Hash 1d3e2289aa4ad2e7826cec825723a62d 8201fc3d8799ef328c2b0aaa1d31036bd991f44f 46e0fee29d21fac7699def7ee85a9dbacd3ad90ba38769f88c422ed8069cf6c9 Loading...

	www.dd7.xyz/static/js/8955.47aaf980.js	625 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/8955.47aaf980.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:51:37 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 463f0e4f21a266c71c0791661862be37 cf6aed50470f9eeaaa6eec7ce194f105cf13d506 bd8f78e9093a3405000998953974afe367e048bb40b00ec5dd0c181b95a6d7ad Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-05-10
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-10 03:15:28 Times Seen1662 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	www.dd7.xyz/	43 B	2023-03-07	2024-03-16
Pretty URL www.dd7.xyz/ IP 104.18.31.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-03-16 20:13:46 Times Seen24 Hash 93ccb008ccbf2a8155c4abadbe5e03ee 9b394c896060435866cab3f48cf81881d7ca2b3e 8ffa5be59587ef2790295eb0f4dd8a64055207dd09edc71dd0feaccfd9ce02f9 Loading...

	www.dd7.xyz/static/js/6655.a5341bfc.js	29 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/6655.a5341bfc.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 7674564f502aa57d2be77ff697a8555b 64a278a10e23c83eeb6967f0fcb80bb0e2c1fa51 b4ee0477dc00215c4dace7a5c8687aa895c9ef6ee355a03d348b5fdb4a1276fd Loading...

	www.dd7.xyz/static/js/3151.b912e2d0.js	10 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/3151.b912e2d0.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 0a3b33d7efa525495bd1d7135a80426c c321b53a123d7a89a2586bf52699e8688401199f 50c6e172a7e508d4b5de70bd17caf420c44f08c6acf0aa95e9380e5821eafb0d Loading...

	www.dd7.xyz/static/js/125.20fe76ed.js	83 kB	2023-03-07	2023-11-16
Pretty URL www.dd7.xyz/static/js/125.20fe76ed.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-11-16 03:29:25 Times Seen16 Hash fd8469190c508c070d9c61e954fa3040 87c5ae332eb802bd8f76640920a0a743bad376d9 3a16b5b7dc69ce9730a400891020261f0ebf0b0395c3988d1fadaff80a5b0f84 Loading...

	www.dd7.xyz/static/js/3303.ecd18c23.js	148 B	2023-03-07	2024-03-16
Pretty URL www.dd7.xyz/static/js/3303.ecd18c23.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2024-03-16 20:13:47 Times Seen76 Hash f3df730bc23acac84c42024d1a5aac0a e30f12683494a2c447eb6000098ef1af9b0f54d3 68a6e7214a33c23629113e8fa3eca2863da6d39c9d2b2d8b5cb56bb905e9de3d Loading...

	www.dd7.xyz/static/js/739.fca1fba5.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/739.fca1fba5.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2023-03-17 12:38:53 Times Seen1 Hash 6c66578e2c7fd9b9ad5eeee6cba5be44 5b31415b2d1bee4e39660c17568f3af175714de2 9157ae9d137d1b95b2b893d3436395fa92a5f37d0946e48094454b778a2b4c67 Loading...

	www.dd7.xyz/static/js/9758.12328a50.js	15 kB	2023-03-07	2023-03-17
Pretty URL www.dd7.xyz/static/js/9758.12328a50.js IP 104.18.30.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:50 Last Seen2023-03-17 12:38:53 Times Seen1 Hash d98103c038a3ccc984d3b213cc10f9f1 16d5eee1bd37079e30c1ed9fc46cedcd60616e21 e6e87a2bf849bd3adca2ee844bab792f9d577f7b0c2179af483e3113722c7a27 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f0ffd3b7c2574ac324603ed00488c850	7 B	2023-03-07	2024-05-10
Pretty Observations First Seen2023-03-07 01:03:35 Last Seen2024-05-10 10:51:30 Times Seen20694 Hash f0ffd3b7c2574ac324603ed00488c850 623e76c36aa2a886542011e28412cc761d7ceb01 c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Loading...

HTTP Transactions (159)

URL IP Response Size

dd7.xyz/

104.18.30.232

301 Moved Permanently

0 B

URL HTTP/1.1
dd7.xyz/
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 20:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 21:06:20 GMT
Location: https://dd7.xyz/
Set-Cookie: __cf_bm=ifN33FmNbpOkVAQ3ZY1IRbzqIyeeWoQ9cIJdYIwnEYM-1664741180-0-Aaf229w1cE34eraUDWcMlDVMg0Lze4rblB/Hde6z/sj/7I7kDthp20OC75g0vTrWdUD8Wh9iSi0oVECB0snSK1k=; path=/; expires=Sun, 02-Oct-22 20:36:20 GMT; domain=.dd7.xyz; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75400ed9f885b4f9-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5417
Expires: Sun, 02 Oct 2022 21:36:37 GMT
Date: Sun, 02 Oct 2022 20:06:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

13.33.243.109

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.33.243.109:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 19:24:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1af5cf4385642d0f2bca9faac179c6e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C1
X-Amz-Cf-Id: rt7R1gfcbcvajYiFR6H5NsdEVNLmb2nEFNo5TsV0csaQ9A3pdu0_eA==
Age: 2495

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

13.224.222.85

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
13.224.222.85:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: RaB8xwjr_PsPPOKQvyFeJ7WEhBzrlSaKOhDvigjmUTOrFXovonGSIg==
age: 59584
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 20:06:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.dd7.xyz/

104.18.31.232

301 Moved Permanently

0 B

URL HTTP/1.1
www.dd7.xyz/
IP
104.18.31.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 20:06:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 21:06:21 GMT
Location: https://www.dd7.xyz/
Set-Cookie: __cf_bm=zewj0oOfvN36_6as0CJsfJDQRXSII06TnmyUOq.9kJ8-1664741181-0-AdBvLVbZ5C+wBn4EAOV+MyY5K59VLJARFNeL8d5HL17gpQH1/va3HyLUedruPkbNU/c6U1CdX2mdqHFMGiJ18WA=; path=/; expires=Sun, 02-Oct-22 20:36:21 GMT; domain=.www.dd7.xyz; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75400edd4ebbfac4-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.33.243.109

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.33.243.109:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 19:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 19:36:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9f6a623c512f1a1b6fd6b2d4bd697472.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL50-C1
X-Amz-Cf-Id: iJY9g1jSWxQkg10X_FHuH8rt9CCLNfmgMho6tUD5do81kvGHa79tIA==
Age: 2208

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:06:21 GMT
Last-Modified: Sun, 02 Oct 2022 18:18:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.217.237.91

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.217.237.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fFJM4eXZGoSkO4OjgAyzLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FAmFXE8a6HIQUNYPAx+rVZLawTs=

www.dd7.xyz/icon_256x256.58ab39cce1f0cfb215b7a1fa8b68ae98.png

104.18.30.232

200 OK

25 kB

URL HTTP/2
www.dd7.xyz/icon_256x256.58ab39cce1f0cfb215b7a1fa8b68ae98.png
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (25109 bytes)
Hash
58ab39cce1f0cfb215b7a1fa8b68ae98
d84159b4f1d3645d28e4ee1f8c18fa3efdf6fd23
49c2687c504fae89d5951f7ca6d717e52d93fc4f1dfdd9aae24f4750f24b631e

HTTP Headers

GET /icon_256x256.58ab39cce1f0cfb215b7a1fa8b68ae98.png HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:22 GMT
content-type: image/png
content-length: 25109
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: "632adee9-6215"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:22 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ee60e1e0b59-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 20:06:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 20:06:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7314 bytes)
Hash
ef85af3ef63e35a54bc15fbca5d7236b
e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ss4zz6K56bzf1oFauX5_GUyy77r5gwLUcEy2GHrxSbBlwaYNjPZuYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:58:03 GMT
age: 79699
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11083 bytes)
Hash
edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 80266
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6101 bytes)
Hash
e711c6bf0d0808f0b5c57b80916eba4d
36c8dcdfdc2c59246ba9d999ddffd5387f68155e
e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6101
x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnFumIAMFoEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
age: 78505
etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4987 bytes)
Hash
463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 80265
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 80269
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 55522
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/game/en-US/AE_GAMING/mini-game-logo.png

104.26.1.241

200 OK

172 kB

URL HTTP/2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/mini-game-logo.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
172 kB (171719 bytes)
Hash
932765724bcd42d88914e7a2eb0939f1
fd69237b7a8493756dd498260856e5467ce220c0
b7817203a1553cadb6e72a16ed45f37f6b83943037a3cf2e16a5be912f736664

HTTP Headers

GET /img/static/game/en-US/AE_GAMING/mini-game-logo.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: image/png
content-length: 171719
last-modified: Thu, 16 Dec 2021 04:49:33 GMT
etag: "61bac55d-29ec7"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 904631
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrVpvkbp95xoX6fNiYuP0UHCP5%2BMHsTDz4YHlUTV5JxOamHc1ZYQIya0csJC0O4JTZo5j378KNmCZAJFpfsfU5ZT7p5Nd8HCOx8DVtpjLubLVQ3kZLiModZdPqODt9PlZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eed6b13b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_56.png

104.26.1.241

200 OK

107 kB

URL HTTP/2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_56.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
107 kB (107437 bytes)
Hash
67845aa04fb3117900e3564dc4418892
5bf7db63c5e8b01163a0c2c9cd7ebb88976ced7b
48e435043523e38e0cdfecb4cb7f9b3e4a8ef19ebbd824f460295d3772771876

HTTP Headers

GET /img/static/game/en-US/AE_GAMING/aws_56.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: image/png
content-length: 107437
last-modified: Thu, 16 Dec 2021 04:49:33 GMT
etag: "61bac55d-1a3ad"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 904631
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YXuPhvvjylq%2BKa0FttAYz6xJUymFcWUREhLHlKGG6NbQNUmWjvxCrqFmBkFDgucmeELFVvpmMphZwMQgHwwzh%2Fip9Lb5nZMSudaWCfykCN1yK35GWPMZcRMEuOAzrjWSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eed8b40b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_57.png

104.26.1.241

200 OK

122 kB

URL HTTP/2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_57.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
122 kB (121887 bytes)
Hash
4ec895f83977b88a565e68c0979c25bd
4cb3f4cd7a4fbae90f0acd6b4a3b54dc13cf9988
b8fb34cc01183db744db27557333cdded55e6a1def0529784bd2ae4d30b4e0bd

HTTP Headers

GET /img/static/game/en-US/AE_GAMING/aws_57.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: image/png
content-length: 121887
last-modified: Thu, 16 Dec 2021 04:49:33 GMT
etag: "61bac55d-1dc1f"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 890279
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDh33Kh9NmkmPKbzI1fGyTo4mqOyBR8ODuEghKOQ0TduOW39MNcCfMGDF%2FqRBfCAtvUZ3D27ToseKnb45Q8OByUfimizTAEUvaUOc%2BzKL5r6DuG1CbiBDeKuy6%2FmPemu4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eed9b4eb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_71.png

104.26.1.241

200 OK

129 kB

URL HTTP/2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_71.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
129 kB (128595 bytes)
Hash
02af2dc979b98c13d9ef30c20dbef6df
d95e93b02de017a3a65af0a565e9012a0aab5360
6e544333033d2d73eb0ecd9b0c20546e6e6d698d31114e8c2a19c36561c2c5b9

HTTP Headers

GET /img/static/game/en-US/AE_GAMING/aws_71.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: image/png
content-length: 128595
last-modified: Thu, 16 Dec 2021 04:49:33 GMT
etag: "61bac55d-1f653"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 890279
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxb8AAbryy22M2ga%2FryVWtvujnT%2Fksh7Up8UjscG6LQOkxo7x2eK37y%2BFcnxKdd5nUgLRpZi3kG1gxNdwBGrvTNDZNepjDoVr5YwEKPPROcm%2Fz5nyPEA0RvDIsV6uYTHRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eedab5db506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/3151.b912e2d0.js

104.18.30.232

200 OK

36 kB

URL HTTP/2
www.dd7.xyz/static/js/3151.b912e2d0.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (35720 bytes)
Hash
6a037ba9806d3f9ee033b4ecc683044f
d8047001f30194664a7fda32e601cb6855ea53e3
14e8fd05bac4dc83ad77c14ac27f5bc55893daa2ddf8df1c2859e140705edfd7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/3151.b912e2d0.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-28a3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8950b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_82.png

104.26.1.241

200 OK

149 kB

URL HTTP/2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_82.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
149 kB (149068 bytes)
Hash
e5a3ad756096f391aa5d2e050ad5c45b
f4dcbaad8b86b0b08df1e1730be7950cd7611d33
aff37d29cf450919ccaa82344360f26052fedbbb496551a5a93c3ad431fe31d1

HTTP Headers

GET /img/static/game/en-US/AE_GAMING/aws_82.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: image/png
content-length: 149068
last-modified: Mon, 16 May 2022 02:49:18 GMT
etag: "6281bbae-2464c"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 890279
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zd3vfTlbfsa2ucSI%2BlU2QT4RXwjEHDMzGUheyN%2Fgfqyjx9TT3diwvINtv0QptZFU4pp%2B3%2FPA18WU2U8hsIqwC5WwkdDkKXzK7YQC7aEg8%2FfqEgr7m5mY0LIpH40CAmf5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eedbb83b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/6655.a5341bfc.js

104.18.30.232

200 OK

17 kB

URL HTTP/2
www.dd7.xyz/static/js/6655.a5341bfc.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
17 kB (17421 bytes)
Hash
3e88cf7ea99d0c7460e9efffbc44b02d
b3d5f04b6d65d50906fdd07ba15d0b8984d631c3
6a6318b10a5fd4246a8adfd107d2b77711c1a8f35d76a87d84784a766f2de9e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/6655.a5341bfc.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-7235"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8920b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/1272.56fdbeb7.css

104.18.30.232

200 OK

36 kB

URL HTTP/2
www.dd7.xyz/static/stylesheets/1272.56fdbeb7.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (35661 bytes)
Hash
00f18cf537712452007593a2547e42bd
ab4b8d4a0e62861ef7735f8f83d4bcbec8afc9bb
7c8d1c9c8dd49dff849c103236fb050008dd5d659fbf41ccac5cdcb0ffbc9a23

HTTP Headers

GET /static/stylesheets/1272.56fdbeb7.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-84fa"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d87a0b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/shortcut/d1280afa-d0ea-4895-8083-4aca45b35ef6.png

104.26.1.241

200 OK

1.7 kB

URL HTTP/2
csi.20icipp.com/img/dd7/shortcut/d1280afa-d0ea-4895-8083-4aca45b35ef6.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
9e9cc6bfee40345eab762fc129f1427d
e701f5d69310752b215042d0aae16a230f7eaa4b
a8a0510c577864665bfd6701e8ed804144cbc9008134aee8d76ad6cfe7fd0564

HTTP Headers

GET /img/dd7/shortcut/d1280afa-d0ea-4895-8083-4aca45b35ef6.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 1709
last-modified: Sun, 25 Oct 2020 09:57:58 GMT
etag: "5f954c26-6ad"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm%2BO1I1JMcss%2FIWLCT0NCeMCEjVbR8SpZR4FsUnlcvsE7xq8yh6v2OHWUUUb1tsfU51h1ao%2FApM4WaOgdZ57Fq8ENDS6xER9SqS%2FlDYiT8%2BeQT6T9Gbfl2K3d4i8jSkqOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eefcdf5b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/shortcut/1cac00c3-bd36-483b-aea4-3c7c0079913e.jpg

104.26.1.241

200 OK

1.8 kB

URL HTTP/2
csi.20icipp.com/img/dd7/shortcut/1cac00c3-bd36-483b-aea4-3c7c0079913e.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1840 bytes)
Hash
3c6dba52b3ce5e083e57f570b2a820be
8b54eef5814e43b4d606f4015b7ce114a0a8201c
8f3439ace73e0ae222a43b2f529f554cb1d38af8e091665acf734280ac21a884

HTTP Headers

GET /img/dd7/shortcut/1cac00c3-bd36-483b-aea4-3c7c0079913e.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/jpeg
content-length: 1840
last-modified: Sat, 04 Dec 2021 05:17:14 GMT
etag: "61aaf9da-730"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbDQbGPqsyPSd8fAB7TKOpDRg%2F%2FTJ9X%2B5h2E9mxLK6MoiQPcPUcf2RGvZbPboVriobtEUwj2ZQkSXYFh2DJbgFSyz6nPACauOlaBcxaqBGy7tuaUMCSGL90yVm6DMgKJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eefcdfeb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/shortcut/c5ddac9e-140c-45fa-8092-f44f500ded1e.png

104.26.1.241

200 OK

1.7 kB

URL HTTP/2
csi.20icipp.com/img/dd7/shortcut/c5ddac9e-140c-45fa-8092-f44f500ded1e.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1732 bytes)
Hash
e01debb5cafbd5b66dd13e37e95e7e47
ed290b2f46cc3ca49bcef9d32bf6f62b39a52fe2
10146a6f5e4b31fb74b19d0bdcb0b2b20f9fdc65743fb283f3e2d6608ed71fb8

HTTP Headers

GET /img/dd7/shortcut/c5ddac9e-140c-45fa-8092-f44f500ded1e.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 1732
last-modified: Sat, 23 Oct 2021 02:35:41 GMT
etag: "617374fd-6c4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHlUR154Pvy9XOYG2gTelV6I%2B3%2FWE4BtCKrv8cL%2BOgNF%2FHwr5sYJsM4VVqGjoI6znhHSz51R63B21%2FQfhrO%2FKxMFWNIEJGa8HNlwG7u9YZkm5aiJPw%2BOVsRHzOwIl8wbRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eefce03b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/shortcut/73ebc3cf-7256-4a1e-afae-d1edc2c6c268.png

104.26.1.241

200 OK

1.7 kB

URL HTTP/2
csi.20icipp.com/img/dd7/shortcut/73ebc3cf-7256-4a1e-afae-d1edc2c6c268.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1732 bytes)
Hash
e01debb5cafbd5b66dd13e37e95e7e47
ed290b2f46cc3ca49bcef9d32bf6f62b39a52fe2
10146a6f5e4b31fb74b19d0bdcb0b2b20f9fdc65743fb283f3e2d6608ed71fb8

HTTP Headers

GET /img/dd7/shortcut/73ebc3cf-7256-4a1e-afae-d1edc2c6c268.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 1732
last-modified: Sat, 23 Oct 2021 21:15:37 GMT
etag: "61747b79-6c4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YcA31QUC7lFnyhPV3lUuWFBkzKajNfu9Nb%2BGRC5v7V6wLWsLYq90QazOW6vW72%2BmFkEwQZl2g2bJbx620P5GNySBdN5NLE9fLnWRJXmp6UGB0QnY5VQuFFAlCrOE2eXGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eefde08b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/shortcut/28829fbc-452a-4af0-9aff-7933f94a67bb.png

104.26.1.241

200 OK

1.7 kB

URL HTTP/2
csi.20icipp.com/img/dd7/shortcut/28829fbc-452a-4af0-9aff-7933f94a67bb.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1741 bytes)
Hash
8c3463e747ecacf9a3712c37e8818e8f
ae600f0fc0a480e7343e454dad158e1a79b2c2a6
09853e0a049e977fbb661175d360f5960b23e32150b3c77d80ec89427982ca18

HTTP Headers

GET /img/dd7/shortcut/28829fbc-452a-4af0-9aff-7933f94a67bb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 1741
last-modified: Fri, 16 Apr 2021 13:38:35 GMT
etag: "6079935b-6cd"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BbQ99r%2F0gDyeY9Thux2PbF2sQsYTljTsRAC6IKgt2K9cdpnVQIjzHidYJhlLQuZc8rAyGXK8mHDw7JVQ51AI8IoLfMlAIX%2Ffy9TX5%2B35ZPCfgUKOdM0n7HRPFSZ8Vg3wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eefde12b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/shortcut/a6ef8ac9-4b8c-445f-9ab4-51bc7b237f60.png

104.26.1.241

200 OK

1.4 kB

URL HTTP/2
csi.20icipp.com/img/dd7/shortcut/a6ef8ac9-4b8c-445f-9ab4-51bc7b237f60.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1416 bytes)
Hash
fc8fd7e7fa7164c05820f5ff21086a85
95a0dd6a0d489b4a40446e1d282b3b022edfb204
d8149e412a27447cd0431e0c69cfb3a479b6eb7efaeeeb49ec0c690fac293aeb

HTTP Headers

GET /img/dd7/shortcut/a6ef8ac9-4b8c-445f-9ab4-51bc7b237f60.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 1416
last-modified: Sun, 25 Oct 2020 10:06:52 GMT
etag: "5f954e3c-588"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVPqWxSzKr1jJX%2BK8Dd%2Bfue52wbmU%2Fge%2FaRT6GdLxbnwTzLyfTyowQBJ5UOOZtb8yYRDUcDH05YPvYMkNqJeuhbXd4KB0zQXM4wvxGCEqDwj1ygLrBWkkdfUBXZM3xJJbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eefde0bb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/3283.6bbf191b.css

104.18.30.232

200 OK

5.8 kB

URL HTTP/2
www.dd7.xyz/static/stylesheets/3283.6bbf191b.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.8 kB (5803 bytes)
Hash
52c5f9005750963e6b096842a08bd1b3
4fa0fa3f40507a35c64a42d96f4d13eadbd8bc4d
d63d5a33a494cf05504ca6eb9d9e57825d22ce8d10b7aafdadc8258cfc68a710

HTTP Headers

GET /static/stylesheets/3283.6bbf191b.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-386e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400eecfe750b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/home-cate-icon-01.png

104.26.1.241

200 OK

1.3 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/home-cate-icon-01.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1336 bytes)
Hash
4276d0e15a93c7ba7d5ea9f4fc785199
ceec38515f9ced8a4b071d64bdeb6e46a8d1e003
900166c132569f33f90e6fb2973535ca93f4ac658ba608a4653a8c0334902b33

HTTP Headers

GET /img/static/desktop/home-cate-icon-01.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 1336
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-538"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1MHAamZfaRImwYOKGec4W5r9ocXSV%2BGsk2nA2H7NA6AgwUY93ipHpjdEEvGZrvXLhhxnBhl%2FmzOsIHjd4lmV%2FgEeSJuAtk0XflPdZbgM%2Bz2itxW%2Fx9cVOX%2BKsFcZI1e%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef04eb5b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/banner-mask.png

104.26.1.241

200 OK

8.4 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/banner-mask.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 3000 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8441 bytes)
Hash
6eaa24568f34102c5e3c9d833ed4432c
fde8c7c425aac653d4b3b89389773aaa342b717f
9acead89d34763f218ad11afee35e63c5acc18090b584bb0a752b70e73b9572d

HTTP Headers

GET /img/static/desktop/banner-mask.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 8441
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-20f9"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ypdWACbqXh8vzmDUoda4ToTL4g%2BjBjAenAhheRsXpoKlizL2ZfKx%2B5PNfjSZDWvVqeV7fZEZWoV3%2BFxXn4lbQqihCk8d9Wg%2F37mt%2BolI5pKexKH7QL3BRU1yVGPrWMmeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef04eb4b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/home-cate-icon-04.png

104.26.1.241

200 OK

3.0 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/home-cate-icon-04.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3038 bytes)
Hash
1cabc1afa5646034ffaed2b252b456ed
ed734e12801234ea6c38558fb3d8cd430a0ebf00
3adf4e923ca84961060babda54c1add9dab0762a39d8b1ff8ce836db00d824bd

HTTP Headers

GET /img/static/desktop/home-cate-icon-04.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/png
content-length: 3038
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-bde"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tj38orQOg%2B6rkUlxO0x8h3YpF4jY%2BbscLygVvABcMCa1pGeiM7zY1gaf%2Fshrs2FLS%2BM3R9qaHBLTp%2BqnvvIF2KhWv3h%2Fqfv9G4awLzvW7JdT%2BFHUDtLLhcDSiYZWnTiGFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef04eb9b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/8920.f4fde0e4.css

104.18.30.232

200 OK

11 kB

URL HTTP/2
www.dd7.xyz/static/stylesheets/8920.f4fde0e4.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
11 kB (10572 bytes)
Hash
c2ec4c8dbffb96aff94cb46395314900
75c7a39946907c8c55948101d4e30516f989e592
d0d83b8c548979d83d9966445b4188f8ad0504da48432551135dbb81a62dd3c4

HTTP Headers

GET /static/stylesheets/8920.f4fde0e4.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-3e09"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400eec9e0d0b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/bottom-bg.jpg

104.26.1.241

200 OK

35 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/bottom-bg.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1768x458, components 3\012- data
Size
35 kB (35352 bytes)
Hash
23d7ab5b8aa2c81f17845d913076ca4d
a9478dc4075631062beb04c661ddac054aa880bd
9c98d9851a0ff6752e092cab82773b6250c0392b45d3e2dcfc638ec84b70da4f

HTTP Headers

GET /img/static/desktop/bottom-bg.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/jpeg
content-length: 35352
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-8a18"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKurz5UWuTFzfjre5iGfgkq5Z3XFJ%2BTBy%2BSyAHv7W5YcYFi1e3zh%2BBAHFC1%2B4hqIN%2BF%2FWEhfVnCKJXuvDwI3CBp6QuK5LGmtpG7oelTht%2Bvsz7aWdTOB%2FE7ZWxsy%2Fd3pkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef04ebab506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/quick-gp-en.gif

104.26.1.241

200 OK

86 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/quick-gp-en.gif
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1920 x 275\012- data
Size
86 kB (85464 bytes)
Hash
b808eb428678ad20eb7d6e5d6e0a6f05
647a6146b6f29292aa4ae773812a857491d1b754
1447e9ff99d3098d01ced8841f231eba954613a58127e64e8abc6cfe5b2fcb27

HTTP Headers

GET /img/static/desktop/quick-gp-en.gif HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/gif
content-length: 85464
last-modified: Thu, 16 Dec 2021 04:49:31 GMT
etag: "61bac55b-14dd8"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW3HJt6IvizgsqLed4wpzLo89Dkt4t1t5wFdvoqBuHDtBxcko2c9B5WHYg6069jXcHYYpHCB6CiziiI7gg40o%2F5H4G%2F%2BxI%2B16yG7QzDcePfcEyuLOrlJrtGjZtyNE9mYPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef0cf6bb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-ugaming.png

104.26.1.241

200 OK

38 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-ugaming.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
38 kB (37810 bytes)
Hash
65605136144c7458561ab0304a709f95
222b266721f59eb625409894fc07c901a04feb3a
4691e6cfeca35f195e51695d4f62c907cd51d9969300910e9f2ffa8fe997f918

HTTP Headers

GET /img/static/desktop/sub-menu/sub-sports-ugaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 37810
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-93b2"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYh2STpJl8WWodrnSK%2FGQN6wME%2FJZv5mgWfAnT%2FY%2B6ejM5eUEwxoo2oxiWs1FiQyFM6hNe9QQ%2Fs9bnySVYGubNOBMa2nam%2FjH%2BWCgOGqQijC%2BqYtoKdcI2KgxuW%2BB6ADdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef65f9db506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-saba.png

104.26.1.241

200 OK

39 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-saba.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
39 kB (38757 bytes)
Hash
cf561c58bf26d48ec2586524f8234d69
07306e9307701fd9ceb0b8a2bcdb07da87951067
d8576f0e2c410ec07dc9cb255e99d5d66dba644d9ac57e0f4abfa217615ab5e0

HTTP Headers

GET /img/static/desktop/sub-menu/sub-sports-saba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 38757
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9765"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJzsA9oK65KnmcE0G3QYLG4ogHjFKMWQi8nyIn5tjTNe1W3Gs9SkgslQG8%2B0pZMn7T%2Bq0PYb%2BKepULrWqRtyPlE%2FUbYFQncYAJpND5iki8Kn0urVhLSoC6or51yxTR%2B08Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef65fa7b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-sbobet.png

104.26.1.241

200 OK

36 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-sbobet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
36 kB (35836 bytes)
Hash
9b9843d55d093f303b8e36bd699e934e
1cdd20237da0b16b6b3547a7ec151e80deb125b4
7d6365265125269f843c6c3824805a5e87fc2e12a3725025a37ed06373b78de1

HTTP Headers

GET /img/static/desktop/sub-menu/sub-sports-sbobet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 35836
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8bfc"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdq7un1J%2FxxkUuRCJRr9DJ721OYbVQkEUIfxJrLwNVGtT%2Fz4pCqgt6SZBf5ZKvN6yeMh%2FJCSZ3kQvIU9w1X6NFPTUH8VYZISfL0PYa7t%2BOae1b%2BDnN9JL%2F7FsCLDf4YU9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef65facb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-ae_lotto.png

104.26.1.241

200 OK

31 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-ae_lotto.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30634 bytes)
Hash
beef160e01f17b526177f820b9c39291
a240373a1fae5190508b15be2d8494751133ebaf
0c8eac2e67a93624ec3ac0c4cb578f4d91733e24c02b942c973ee6217b0d5ec3

HTTP Headers

GET /img/static/desktop/sub-menu/sub-lottery-ae_lotto.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 30634
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-77aa"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9S6wa9qFbcPd8OPixRd6jEQHyd%2FWt9szTnzV7wCeRhnYd9NxgW3vGuwOsO3EN2%2FoobIzMEXHlV7Kdf2H8L8XxD2xSaMqNDLzoEYXbbor8dBHnvVYhy9Z0nYf%2FgbsghpFoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef66fc1b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-gw.png

104.26.1.241

200 OK

32 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-gw.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
32 kB (32344 bytes)
Hash
d1fd1772028ce9d38121a3078c061bd4
16c4028524c2e7e5715b94f961037a32bba9239a
4b00fb736fa8295fd758c2dccdd81758cdaea0fcd51d533900a59cae5ec8f632

HTTP Headers

GET /img/static/desktop/sub-menu/sub-lottery-gw.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 32344
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-7e58"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwikqjpvXjc9QgG%2FCEjuCLrQbqatX%2BP9iiS0YBQFij7qmJ30juou%2BB0SlQ1TKLyQRRHrPk2pEA7zGj2US773huJ7RSBVGoBNW0KUXg2MmXJbNNCWEyTk9Itd5TpCNuJlbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef67ff9b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ae_seven.png

104.26.1.241

200 OK

23 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ae_seven.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22685 bytes)
Hash
1bfe0ee6b04ab6dcef2d497bf9e52323
dc3de4fd114d7318997860e524a518755f9a4faf
216fa5d4b0102d85ae2b0ab6ca6f525d71d57d449dae00f87ac4be70a21e9906

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-ae_seven.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 22685
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-589d"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc1Y7t5Tn3OEidTzjHu2SDXHuxQHcCSvqkdODRfHbuq2ETeiULpIzGmGPWR%2FC8ikAdmpJN5S7VEbWVQCrtPYZDowYBQ3NjjQ7PW2N4Jtf67zxe1YavG%2Bf%2Bp58dyZALnlXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef68805b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-allbet.png

104.26.1.241

200 OK

26 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-allbet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
26 kB (25688 bytes)
Hash
47aae815db345b9ca22a87027e55a43c
88a8465ebfbbfdd90874d134e8181131c7059ade
2ad74a925bb73db8e747f49b368d7b9b6d69f3ee925917415ba7b9c60058d8a9

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-allbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 25688
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-6458"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIABmz0kpVhZoSp0aQCll6kgcjUg46P6NAViy1hDKAqOKfHe%2FDQFt2qy7fEe0LAjUbA5xac5UuGHb6dXpL22wHzCQRd4XFn1cXdb01ny%2FAyWBJWpRWLnf9h8naKAdhH1Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6984bb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/3303.ecd18c23.js

104.18.30.232

200 OK

24 kB

URL HTTP/2
www.dd7.xyz/static/js/3303.ecd18c23.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
24 kB (24024 bytes)
Hash
b51815a16e097e4b2bea3ade2aa5ba54
5100230df7616ca4875f33641a33982dc800e9af
ca60afa9cbaed4b82fd86189cbf1cc59b451cecd6c403882df1c7aa3b869249a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/3303.ecd18c23.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-94"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eed0e7b0b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/9361.9814c206.js

104.18.30.232

200 OK

46 kB

URL HTTP/2
www.dd7.xyz/static/js/9361.9814c206.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
46 kB (46116 bytes)
Hash
957f9e16788460e35d409b4a4f74f884
151b4339de9c66e5f05c33964b999298b51a23a8
7f36adc6f655a9b0b8b8525f223c632a8964d1d19a77484607ec4b3560b0fb95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/9361.9814c206.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-51f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d88a0b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/7379.f1ca523e.js

104.18.30.232

200 OK

61 kB

URL HTTP/2
www.dd7.xyz/static/js/7379.f1ca523e.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
61 kB (61124 bytes)
Hash
736aab4af37d26492110f7b9304b523a
9041d0f7aeb6719f3195b04adf7a36dc99902257
7533a151ebdeb511b5f4d1d80920f85ca5c11f744e8e4ea9ac23b2547beb5517

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/7379.f1ca523e.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-faa6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7c8600b59-OSL
X-Firefox-Spdy: h2

api.dd7.xyz/dd7-ecp/api/v1/floatingads?lang=en-US

104.18.30.232

200 OK

31 kB

URL HTTP/2
api.dd7.xyz/dd7-ecp/api/v1/floatingads?lang=en-US
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
31 kB (30552 bytes)
Hash
8d68de0bad73688537cf0f1b91432fe6
3ff194137802a261c93c1eb1c3dd0422ec74f633
7ef043284aef715917fd62a7d6675c18edb7871dc9aaf1bdfff9b88a9d4be927

HTTP Headers

GET /dd7-ecp/api/v1/floatingads?lang=en-US HTTP/1.1
Host: api.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Origin: https://www.dd7.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew, X-Live-Site, X-Live-Agent
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=SMQJWqK8Nim6eejZyOR31FcPqHK7LX7S0suXdn9J6U0-1664741183-0-AUv7Ejq2uwDEuD0uop9LhTHIRhdyWTtKeVBuNd5oqQxcOvMQv/PGKGOfmYItfhFkVYHa/48Kr3yITmU/8Lm3Fas=; path=/; expires=Sun, 02-Oct-22 20:36:23 GMT; domain=.api.dd7.xyz; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75400eedcc5e0af6-OSL
X-Firefox-Spdy: h2

api.dd7.xyz/dd7-ecp/api/v1/staticpagesettings/SignUp/orders

104.18.30.232

200 OK

39 kB

URL HTTP/2
api.dd7.xyz/dd7-ecp/api/v1/staticpagesettings/SignUp/orders
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
39 kB (38874 bytes)
Hash
5c6beee8719c5d25bb967e72a15d5960
816722e936fab861c8c4e7f152fc79d220a1047b
8a613e94ce8ec6a65118682f3132ab4b08d833e3b305d33b57be02a4cd70874e

HTTP Headers

GET /dd7-ecp/api/v1/staticpagesettings/SignUp/orders HTTP/1.1
Host: api.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Origin: https://www.dd7.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew, X-Live-Site, X-Live-Agent
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=zkYc6.nPuchoUx3tdxONTDzNaimPJez9fRpZ1Uoh12A-1664741183-0-AerkQd5vYJNhU4Vyv4Stuca5anDrgDtrIMPI1lQLJffiHy3J8R2fj6ALyjikcv0KuzBt0OZ00r1kNopunGeAngA=; path=/; expires=Sun, 02-Oct-22 20:36:23 GMT; domain=.api.dd7.xyz; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75400eedcc690af6-OSL
X-Firefox-Spdy: h2

api.dd7.xyz/dd7-ecp/api/v1/ads?language=1&platform=2

104.18.30.232

200 OK

37 kB

URL HTTP/2
api.dd7.xyz/dd7-ecp/api/v1/ads?language=1&platform=2
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
37 kB (36634 bytes)
Hash
72822b0f01406997e679fe58503fe6d0
6682ad8ac4d24135ea459e806a8df983dc46dc70
c6c7844885369c00d1b9723e6815fd690c23100f72d5e708126a173d1b6969e6

HTTP Headers

GET /dd7-ecp/api/v1/ads?language=1&platform=2 HTTP/1.1
Host: api.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Origin: https://www.dd7.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew, X-Live-Site, X-Live-Agent
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=fAr8F3dqKYgJy1yf8J0pgQ.uoog4XaE3P2A.jIQ8v4Y-1664741183-0-AQhqYuPNBsdoE+xAGjqJsHBd5oGjQorjK9WmElp1mdLa1YAzC/s8Yjq7+UHZ+3RdQoSYadhJajQoCR44oaqqfIk=; path=/; expires=Sun, 02-Oct-22 20:36:23 GMT; domain=.api.dd7.xyz; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75400eedcc600af6-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/icon-dark/cq9.png

104.26.1.241

200 OK

7.1 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/icon-dark/cq9.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7103 bytes)
Hash
b983a2b91e4849cd688c2f12841aced5
c40d04e16a21c3119bea5319aae268ef4c7fdd98
9c5b7e047743ea7c4a90bf45c222c37f3c5979146dde644a3320df6ebe9b6640

HTTP Headers

GET /img/static/gplogo/icon-dark/cq9.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 7103
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-1bbf"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th2ikk9LQGlvFjT19kilu6aLJ8XU6reWM1rC18Ez6U8kGaGuZ6iTtUyyebTDZ9e5zy8PBzLR3jzXah1s68V9N%2F2CWRiDNveDIm2N6ISblPRweGI%2BSNEQueDhyqPPYRn%2BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a87b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/icon-dark/ae_play.png

104.26.1.241

200 OK

8.6 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/icon-dark/ae_play.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
8.6 kB (8611 bytes)
Hash
2cc034a377bf5963fbcb4d50714679f4
819271b15acbb108df7526de6c60010359256192
2f86263bc82b0790452e50b387a480a1e69f5b1ac69ed9c9e0dffe3413bb243e

HTTP Headers

GET /img/static/gplogo/icon-dark/ae_play.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 8611
last-modified: Wed, 07 Sep 2022 08:08:36 GMT
etag: "63185184-21a3"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5429
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wjVVcltev7arKPWapvkdccBLt6gwm6nwWbCpqvf%2FDIWB7OM1Z3u97D8%2BBORaf71Xlslu0b09VgUSia3bOJ7007oi%2F9D8OAiYhVeGA%2B3MDmp0PpZBOMasL88ZPW8SMHCLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a75b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/3140.266c37f5.js

104.18.30.232

200 OK

49 kB

URL HTTP/2
www.dd7.xyz/static/js/3140.266c37f5.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
49 kB (48566 bytes)
Hash
097d047e32dfe0d8cc80d88917f58b4b
d24ea7aeebf04c7cfb31665287b15ebb2f8f82f6
f69a78b4f7d45d047be01ed333390e279587794745979030907674db6cd822bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/3140.266c37f5.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-36bb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8a00b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-cq9.png

104.26.1.241

200 OK

43 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-cq9.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Size
43 kB (43167 bytes)
Hash
878c28c70f1ac0d8531177265f0562a7
cf1c5be6063b71dc800ebfd8cdfc8b65160a0696
b9a6b2224283fa784605103bdf17f59447dea93ee0108de3358dfcc884b9ae6e

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-cq9.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 43167
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-a89f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5Riw644opRKFBb6Kl2pDQzvaC0tvQPbZjdW1f8LF%2B%2B15KaKuwLa5HJrYOrz8Rhnl%2Bv%2F7VWcq7ImW7Bx3pWbdKvlh3C1IVilXSJ9n%2BOwA95FEyY5DVtmMPDSVZQnL6K8Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6b892b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-pp.png

104.26.1.241

200 OK

40 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-pp.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 399, 8-bit colormap, non-interlaced\012- data
Size
40 kB (39678 bytes)
Hash
aee45434dc8dead9c9131c0d562969a3
9825c536bd796dd0ce0b7b65a47995b7ff86fe10
35959bb1b2bca3e113dc486c2dc7afc58252d1aeb1e1f5341adc0d87dbc2af13

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-pp.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 39678
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9afe"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FLxHInaeM07QzxiIaWtylqOdDSN8xWNoBWT5ay45hy2C%2BVvqQTbKEUN%2F7tKZcdHmK%2ByNMn6fBsEJ5k%2FaoLLGCEA7bZBZ5waz432VjtC9nbMKWkMsIvDbZBJDlXxplogPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6b8a8b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-pt.png

104.26.1.241

200 OK

35 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-pt.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
35 kB (34578 bytes)
Hash
d1360dcb04449eb5166f10f4a347c096
b7aeecccda8d95c35bee191043a00fe8e02476b6
e50ca71ceac05f69a332feaae7064f9c70d3e6eb08f206e037fc829c6bf2def6

HTTP Headers

GET /img/static/desktop/sub-menu/sub-chess-pt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 34578
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8712"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhSsjkpccKleXgf4Ade5v0F%2BBvQiMTL5khUGxnNXftrEH908%2FHAsrDNIBHQtHM1lHbPkc%2FNxbTA%2F%2FkpUG7BauM491SApY8fM%2BKrfPZCYJ3pKAD946jDlQV%2BkxMkZq2rxqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6f937b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/9758.12328a50.js

104.18.30.232

200 OK

43 kB

URL HTTP/2
www.dd7.xyz/static/js/9758.12328a50.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
43 kB (43043 bytes)
Hash
1b95d38751f45eb7feb80b7d5170b4a9
1b25e522be507d5200f75f176bd1c9f48f086d23
6238d0068ee63cc26dcac0272a0d6f529280e2930c5e983f385579c9d4efca1f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/9758.12328a50.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-3ab7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d88b0b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/home-cate-game-cont.png

104.26.1.241

200 OK

2.2 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/home-cate-game-cont.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 340 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2182 bytes)
Hash
c58be89753b8ac19568a955785d2375d
0551429ed4e9626fb1998ea54591124c093ca91a
9b0a1f25015d23a88af5f89fa8ae041ee5217307da881bdc0f46919c07ac9d91

HTTP Headers

GET /img/static/desktop/home-cate-game-cont.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 2182
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-886"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZfqVhmnPJ8XWLOn5CztUt0Qpga03g%2F%2BWoMGHIFbhg1y4Yd6mwQdmt6lKEYK57UdOD3CaDTd9%2FbkX51Hq8HZmnl1WlVHdAlkVhwMSyq6OJqZuovedURBFTEfqElAnm80TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a91b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-cmdbet.png

104.26.1.241

200 OK

36 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-cmdbet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
36 kB (35750 bytes)
Hash
998a9e09b30e1dd4320505b72c1b97d0
9dfd6adf7e3d69994b668524be343f9384d23d17
020f31a8ef716af2073dab7d4d38699461c1c403900e89dfccebffcfb0902519

HTTP Headers

GET /img/static/desktop/sub-menu/sub-sports-cmdbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 35750
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8ba6"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rjQxehHI4n7RjMBfxPUd62a3s24%2FyeDq%2BAQ6gOSCpaa2GxI0pBzqRxIYAsnjyXBJr9NJF801LXVVJBbAwtRqy8SGfK8T4a0FDpPJClwKwAsCysuUe0WmM4g4V3FViryHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef65fafb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/8920.f4fde0e4.js

104.18.30.232

200 OK

264 kB

URL HTTP/2
www.dd7.xyz/static/js/8920.f4fde0e4.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
264 kB (263849 bytes)
Hash
0fe56b6725f34d3daefac7e672e6e170
8210da2c86f813d8b27188d91484b331e108fd1e
42ca05fcfc7eec5ff1c657bcad4b31440b0f825252465f28d9190174dac0f013

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/8920.f4fde0e4.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-93"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eec9e120b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-bti.png

104.26.1.241

200 OK

38 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-bti.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
38 kB (38439 bytes)
Hash
b77a32fbb0c6839624375361801ad86a
8d10af0bdbf840ded30c5f5ab9874692207ec882
1c7606556e9b34f6299e7eab2e0660efceb97c053e12733f4efbd5ecbae4fe5c

HTTP Headers

GET /img/static/desktop/sub-menu/sub-sports-bti.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 38439
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9627"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYgJVdVq3H2MBwLhqbkt2wwC1uzLPHTC6zA7wWoA81ncBD01k789Nkt5j1awcC5QUU6eAl1bfbmUfTg1fbvIJHvO8oNiP8cf%2BqU6OO%2B%2FdWbMijg4K5MbeucUtO%2B9MmXVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef65fb0b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-animal-sv.png

104.26.1.241

200 OK

42 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-animal-sv.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
42 kB (42054 bytes)
Hash
abc99693ad4cf5d05e88714e94402e36
0019832dd91ae4d631c5e72d9e28a0e7ba15c5e6
7d101eb6cddcf0295f0aa1bc7167205194fa1929a669a7d2854a109e94ec5e24

HTTP Headers

GET /img/static/desktop/sub-menu/sub-animal-sv.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 42054
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-a446"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFJ6rEztJsi%2FPxtSeY4iWPANnCOABw%2F4m7R8%2Fayd7cBJ0AYCn%2FtnTvVQiceHrrHWRQFA2xgaJwANYTb9CD7EHsIey8bM%2F7P0TK3KXy78XLLkIILnAGx78PxGUlsCilEopQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef66fbbb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/media/iconmps.7e0baaff..ttf

104.18.30.232

200 OK

116 kB

URL HTTP/2
www.dd7.xyz/static/media/iconmps.7e0baaff..ttf
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
116 kB (115600 bytes)
Hash
55d15f3da204a7bf21bb32703f0f9f76
583f6ee0cb7dab1bed74d54d46be04b3e051986f
ef8fc73703bcc6fdf3729144bb3b40b9b2d6ca63a9e8dfeb3431414643c2aaa1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/media/iconmps.7e0baaff..ttf HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/static/stylesheets/3283.6bbf191b.css
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-22480"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:24 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400eee78220b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-sexybcrt.png

104.26.1.241

200 OK

24 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-sexybcrt.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
24 kB (24466 bytes)
Hash
f3b16911d036d060d5eb6447df5c016a
1c4254718bb425d6b08778bc4fa7b32a69c33f28
269c68a84c2b28b0abff02a59521c0e69a854ba779de8b0ee337fd63b275edfb

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-sexybcrt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 24466
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-5f92"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SpiVhMTAeT1gzWo3byCoTkYBom%2FeMhgpYg7rYu2x2Oi37jcwM6LLD7iBAeccJlQ0hsU%2Fg6ICS5IhBR8uMGdCV5pXkGvrYEak6YR3jUm6t%2F1%2BFrKUSv%2FaOvOfBR7%2FAQpnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef68801b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-saba.png

104.26.1.241

200 OK

31 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-saba.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30822 bytes)
Hash
ec00e1e095da65d9ac6c806b2b0d082a
a8c5146aa09cc16f8ca982b6bb98455bece18b96
1958ca5cd30bf1a92949fb35dc06e82c03fcebc9aa6ea4c3ba8451145cdf8049

HTTP Headers

GET /img/static/desktop/sub-menu/sub-lottery-saba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 30822
last-modified: Tue, 23 Aug 2022 06:37:02 GMT
etag: "6304758e-7866"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiwB6l8z%2Ftji493MzPcTHGdOSNtBPx58I22i3wO%2Fi4RWE8467IPlf%2FiNsq8XUs7%2FTKNUZSUcYlgQJOhrLhLH5057lnnqLKHpINRBWmPxUHaHiFtY301IPLbC3M3pmAhHbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef67800b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-wm.png

104.26.1.241

200 OK

24 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-wm.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
24 kB (23912 bytes)
Hash
30f93550078409a89c0efe49bdfcd1fd
cedfd41615ac8700559eefb7669fea25ca4815c2
90c3a4960e3047c2010db8ebdb8c31b422436267ddafd5c298625efe4e14bbf8

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-wm.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 23912
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-5d68"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQjGnFWgjrwJbJeI1JymWWeIgF70N13W4dgrACAovxa2jICTJMVEwR%2FhVkn2Pgsv6PdQIVZ5X%2BEfb1C%2FBEp4tfT%2F0tNyfbxlSAYjmR06sqjGpqpPE5iwfiH6ACiBTXnC4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef69825b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-dg.png

104.26.1.241

200 OK

24 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-dg.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
24 kB (23743 bytes)
Hash
754db772c36013143a8bff8974ccbb1f
eacfafd7e56026a7ddce5390b97063374b893257
469e85dd69b0e847ebc8399e9590a6d47810f30d2a2688b1f021d35248b34dc6

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-dg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 23743
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-5cbf"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52FxFJiD%2FRlOYafe5sKqvc8hJAjA7jnCMsECGfGrS5mnOkLEn48OYxYd4DOsioFbnQ7sFvHVxqoL0OSSF69YozFC2RHX%2Fvz%2F3YvG5jdr7DHU1dKF2uNtCa8mV%2BAc3Weqmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef68819b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-sa.png

104.26.1.241

200 OK

25 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-sa.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25015 bytes)
Hash
66901453b4a1d05f287894d4ae687530
07c37d280b39866fcb7e0a775688cc3e899c2cf2
0328fe9415617abcf581deaabd2a59e82d564585eba2f1b7f44f08de34811d5d

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-sa.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 25015
last-modified: Fri, 29 Jul 2022 02:53:20 GMT
etag: "62e34ba0-61b7"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoCyci6GQPHORuGQKstEqH79Nth9rVjNUh%2B0haJTs7BVYG5axAwWF7epou5pnbE%2B5lqO4jv%2BDUgv2Oy3k45kHGKRNJ9jmyGBpYqqrRjGUt8XAlVlABdybDP5nbQxq5z7Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6982fb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/3283.6bbf191b.js

104.18.30.232

200 OK

23 kB

URL HTTP/2
www.dd7.xyz/static/js/3283.6bbf191b.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
23 kB (23139 bytes)
Hash
40fca27a7a94d38723a5d2cb102f0598
246de69b2210fa663a2d5c6c011b89f4f5e3880b
d3cae6f83155d98a08950bd532ed8642aeb4bb201b2266af3d23000dbea23f2b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/3283.6bbf191b.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-93"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400eecfe770b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-venus.png

104.26.1.241

200 OK

105 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-venus.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
105 kB (105100 bytes)
Hash
526259ad6db9e9f0c8878ad006435df1
0afa2cd06da26e1a56e2abccc570d472ccbcf499
625c9bfab068d55e2d79c60af806fcf48fe728d13b3250abd011ba2131e09353

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-venus.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 105100
last-modified: Wed, 15 Jun 2022 07:51:32 GMT
etag: "62a98f84-19a8c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi1yjnw6cOhQNhjzl%2FGfXqoSTVnHmBqyabcHFiKRaV4Q6gep2D4vPAa0R0FFt6aaCzaLQ%2BRwBUKFUAmD%2BeaX%2FsLcLdFH65mZG0m5X7s4vaTUrpFuN%2F75Y3yWsIkEHXMtgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6a86bb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ag.png

104.26.1.241

200 OK

25 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ag.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25418 bytes)
Hash
78d6c56ab3726e8f64550b436994364e
82e235e89fc58c8fde93c7999e730aff29ddc2eb
b8b6161ddc7525558901d67abe70bcf77429443aeb6603eb8db4e1283d42f653

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-ag.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 25418
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-634a"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GObjEh6C0Ivf3wG1WzWRgrSdE4fl5YcyeOTEJQQ8XWUlMbUhXqkplDvKFGFu0QnEXhIuOx9X3LHoDCpEgXjsfvC%2BvTa4X%2FePldR41OSP%2F9mVvk43nguRGddco56ehciTew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef69846b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/d-Home.f1e92d80.css

104.18.30.232

200 OK

28 kB

URL HTTP/2
www.dd7.xyz/static/stylesheets/d-Home.f1e92d80.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
28 kB (27725 bytes)
Hash
fe37a8d2906a67afb85229b4515745ff
934e0488041f267751e7e27e60a4fb30fe61458a
3dbd694b20ad7b78df8e377185687ab1a178d4ba3e5cefdd2940abebd09e4f73

HTTP Headers

GET /static/stylesheets/d-Home.f1e92d80.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-1c25"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400eed1eaa0b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ezugi.png

104.26.1.241

200 OK

24 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ezugi.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
24 kB (23634 bytes)
Hash
d3964ba375eba565e39cdf785d0f4f62
7a3394ce5674d8a244b92aa325e9226cc511b831
41ad9968864ef4238c76a8aff4d6dcaa2a4557aae7eff399b49819506656b318

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-ezugi.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 23634
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-5c52"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=866yQzcTZm7Ts6BVBWJnIbjlxlgeO86MoVo0jxbVqQhkIZqirwNOwuRoH5Om%2BQUgh2GXG39fVTyc2eVFOl5DAIDSfDaPwlxgSroeQCBevX4vbexSp%2FzCGPA5mQlLVkTZIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6a863b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ameba.png

104.26.1.241

200 OK

39 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ameba.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Size
39 kB (38972 bytes)
Hash
1cc4718957a130a220dd73a8482576c8
18677291ef6eec2fe963ce0791f697bc490ffc3f
5621cd0f7df6bfc2e692821fd15ddc2729d216580fb7b84ba9fd6e85ad8959bb

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-ameba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 38972
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-983c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEmiDCZoOPMeeC%2Fe8MZEaAxY1U3%2FrFibzDgnFGZH3sr6l4mU0YBL2I0cCPByjC%2Bt3GjaEabUF6LTv7C8ytEBbMBwFXiWzAV8JlyuNyJyre1Mgow1wc6Juyh%2FX8dYZpUA2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6b89eb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ebet.png

104.26.1.241

200 OK

26 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ebet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26025 bytes)
Hash
08a6e75f3710394dc3c6ebd2ccaacfc6
975da62de96268cd4474c182c2c3930c41091993
c847ddad5550bb78871ea2eeac14af68ebeec707d6a67483f487d0553aff60c1

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-ebet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 26025
last-modified: Fri, 17 Jun 2022 03:14:22 GMT
etag: "62abf18e-65a9"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vewdM28dIw%2BTijNSu9tqtzVT6j28XSu1MTioGMp91fliD9Ek4tvQt%2Fu9inrWJwjGpbLWTJOvxjLl8B5DyGSrK5xe0Z%2BNWMw2ZFOp3kDgUXHgc2VJSc4TUU1aH01ym2z%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6a85bb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-live-bbin.png

104.26.1.241

200 OK

22 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-bbin.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22213 bytes)
Hash
768010c008f58914c82d67f5905685c9
43a0e7165019b32be66f94bab16aef3d87223bc4
2321bc11d44bf170caa975217cf7dadfc17c779e238ff87de45b756a43c9f8ad

HTTP Headers

GET /img/static/desktop/sub-menu/sub-live-bbin.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 22213
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-56c5"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT6eoV3ks03wToBHiWqhFEvCvDxBv%2BYNpYRxHwHlT03EH5fsEktOQSO0Vn%2B%2FZfU1Rfn01VZk5i6y9%2FQbGOgr2FxPra4MLorX8sRyh%2F3%2BMe7%2FkGX0wJehHphD2jNiAaMz%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6a856b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/d-AppContainer.196d41e7.css

104.18.30.232

200 OK

111 kB

URL HTTP/2
www.dd7.xyz/static/stylesheets/d-AppContainer.196d41e7.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
111 kB (110845 bytes)
Hash
4427db5c774de10d4275ff4937a826ac
c7abd0c1e3cd8f14ce7986e4d113fdb68d6c3922
4921add3cdd99e798aa2a2806e902823c41078204c380d7d5bc7f1fdfa5506d2

HTTP Headers

GET /static/stylesheets/d-AppContainer.196d41e7.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-4a7d4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8a20b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-jdb.png

104.26.1.241

200 OK

47 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-jdb.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Size
47 kB (46876 bytes)
Hash
cca4544281026176c7e256b1cf94b1eb
3d6d6c41bf8356d48b5bf5a3cbd77f3458f030f4
8925bfe7429f49dc6fc729045554d6d97bab7ba6d2b8d0fe1ba3e70039e2e506

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-jdb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 46876
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-b71c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aA2vtL6HIAIjtfRT1Hk6wcj4764%2FZVkCssj1I6MqS4VRbhxyuoS9RBegzv%2Fsj4zhtJ51kRz%2BZnDsec8sCej3ZSaculg%2BWgsHp5KXAn26wxoPW7Dt7L0r1Y%2BvbsNZb%2F3XQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6b8a2b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-mg.png

104.26.1.241

200 OK

35 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-mg.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Size
35 kB (34826 bytes)
Hash
0c466727c1e91d2989dbced881ec6836
591947ae4f2894ca2f18249750f69416aa316ecb
f324e1e6f91ca9c7c8e47fd368d958d87be6e2d58334f179637955cb44d101f5

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-mg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 34826
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-880a"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjOLqnWZ%2B8OpPFk9qfSLrt8pZOL1RKvsy5KUr6%2FZ9fJaB7R3CdTUlOhBvqUN3zYieBn9NaF7SK4KKgia6Vb%2BT87KhfZI%2BpdaVu2CES4FKMA4gKBEX4Rm3x9B0k1J83jhog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6c8b9b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-spadegaming.png

104.26.1.241

200 OK

35 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-spadegaming.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Size
35 kB (35390 bytes)
Hash
c4a3f96b78b8c5aa3fef8f41fd0badaa
a77c22261bbb00df4aa0c9ae179a49887bb42c4e
c2c7cf2ae68e48da795d512a48be515bc591b3eb1978414011a2e62edc3682ad

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-spadegaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 35390
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8a3e"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km439slgH5IRbcmMkc%2BtcFTAqSTpXK%2Fj1j7v9m8mtk2fZ5bfiFhiorHXJwUGIVsgu0q%2FWBv%2B9JTLhlZRylmnKPhrVsp9Ujn9a4irnSnjuSYmPSohwe7HYoJ1WF5zfSLPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6d8e4b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-pt.png

104.26.1.241

200 OK

39 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-pt.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Size
39 kB (39150 bytes)
Hash
40b8f22b6422c122db4c28ef6bb3cd0c
786507712fe5a9c5bcefbde9327b89941d2562b7
e86dbd507412d0c08e2cd8df8cffa0c4f38ef2da1df5437e5d1db71d8c6a7ae3

HTTP Headers

GET /img/static/desktop/sub-menu/sub-egame-pt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 39150
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-98ee"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3FZdalEFmoReSJqFUXfxQOXtit7%2BuGivf31gY3BYPM4fxlvHVJZ535IkzmJ3NxmfPpnrzZzNMyen4SGtp91bHcV6ltb0Fdh1DX25%2BkgellWI9lWql1U1U0jh3vFWW%2FR1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6c8bfb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/6548.de9cc734.js

104.18.30.232

200 OK

79 kB

URL HTTP/2
www.dd7.xyz/static/js/6548.de9cc734.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
79 kB (78683 bytes)
Hash
3d9a4b1c03e51eb2360c4458e1647c3b
78d802e343cee3a4ecd88121d4de87244f988d81
b0fb3e3a2108de00447fcd6332b316c48139aebb6d9d9d812839ebe19a47c9ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/6548.de9cc734.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-2afe1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:22 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8970b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/8955.47aaf980.js

104.18.30.232

200 OK

232 kB

URL HTTP/2
www.dd7.xyz/static/js/8955.47aaf980.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
232 kB (232355 bytes)
Hash
3d104c937c9a556e91b0096fbc6c812b
d75ec15f32be639513867d9357f069f03f213d45
3bcdd4d105a9fa5f83eed40fc24161e28fbd1c10d3ce87c2f03b326b54b657d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/8955.47aaf980.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-98a6c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e88e0b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/2576.b6ebc9e0.js

104.18.30.232

200 OK

46 kB

URL HTTP/2
www.dd7.xyz/static/js/2576.b6ebc9e0.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
46 kB (45982 bytes)
Hash
0ad2057f18d9f2b388314a2b454c94c1
2674bdbc9c2a0091f92677ac0bc18687221bae43
448ffc1a43a099f1c7c4634308512cff4d44b1f3b774782f7c1faf90e1277e5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/2576.b6ebc9e0.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-279f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8940b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-card365.png

104.26.1.241

200 OK

34 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-card365.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
34 kB (33748 bytes)
Hash
57b119df58f4b0fde3ee15c005937ea3
1c41843c8549f1af4ba1b49123914b3d01cc6a0c
3bbebfc5daed8846f859e425c1455e83bec92c88bdbf0d75a48785160a1cc46e

HTTP Headers

GET /img/static/desktop/sub-menu/sub-chess-card365.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 33748
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-83d4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okk0aUj8l9x096NapFuo7gLSsZ%2FQLCOj6zC0Obh03n7%2FN237ColXWim52tM2CxCEwfqnmU6Eo6%2F8M89IhmkYWxlwQHDShV2lTj9MDugislDcBSKU%2BU7GO2oTHwUMWwpk7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6e914b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/739.fca1fba5.js

104.18.30.232

200 OK

49 kB

URL HTTP/2
www.dd7.xyz/static/js/739.fca1fba5.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
49 kB (48841 bytes)
Hash
f8f2c95d7ff5e2c70e22f7b88ae215c2
110319f6900897f54d002eed2ca166ef1beb3e27
09ab34fe3cb25dfd8c7e9ec1b5eddab45a6868d1690c6b54491ce150e412bd9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/739.fca1fba5.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-a259"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:22 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d8750b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-mg.png

104.26.1.241

200 OK

32 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-mg.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
32 kB (32113 bytes)
Hash
8c4703a4cf4690fc92239cbc10fa2740
6d854ee75e718473451a389fae9e81e770f7e97e
55de05bd1d419df8fd3436025b8bfa2d93ad9d463e4c08293f7ef3b11b6ed74e

HTTP Headers

GET /img/static/desktop/sub-menu/sub-chess-mg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 32113
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-7d71"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOwef3Emy4ZEaCG%2BHH6DHNYgNcFiMXiYksDX6kB0evb1n08S79cP2TxhMDJBINu65cnaT3%2BJzY%2BRZ3lzOFIa%2B9KVeHHrisZwGtIru3vw3RVJm%2BBgSLXvqRjMF9mLE4qNRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef6f925b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/ads/59755435-8d42-465a-ba56-d9de6e0255ba.jpg

104.26.1.241

200 OK

471 kB

URL HTTP/2
csi.20icipp.com/img/dd7/ads/59755435-8d42-465a-ba56-d9de6e0255ba.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x660, components 3\012- data
Size
471 kB (470984 bytes)
Hash
ce3ea117bb6df8a0c4e79ab61d7f8df1
11ef58e89d5519e9177b6b122eabfce8ca6b7e97
4bc77816d21b1e30c9652a583a00fa9e44f859fe63c1d2ba6bef0e7c22a31323

HTTP Headers

GET /img/dd7/ads/59755435-8d42-465a-ba56-d9de6e0255ba.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/jpeg
content-length: 470984
last-modified: Thu, 29 Apr 2021 12:10:11 GMT
etag: "608aa223-72fc8"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX3VH%2FloBo0IduJzEaRLcpfaN34ADMfD1CjKQoBE%2Fq84lbkLmw%2FqhiDDoRtxUpERHzascwZTi98pfSkWws9tO9R6qZaZLxuSriWW2HnE461hyb9vyMB98w5PdqpVygBkdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef03e9db506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/

104.18.30.232

200 OK

412 kB

URL HTTP/2
www.dd7.xyz/
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
412 kB (411966 bytes)
Hash
94f637d4e0ba208ba21cf3f0e177f983
0fadd0314309cc6f0c5f9e5cc67e5708725c2b6e
48866df88a088292ff49576ffc53bdd5b7e658d33cfccb31543f6615641232d7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75400edd7c530b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/7283.7d590fa8.js

104.18.30.232

200 OK

52 kB

URL HTTP/2
www.dd7.xyz/static/js/7283.7d590fa8.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
52 kB (52354 bytes)
Hash
201bdddb86cca68ab200b1e7a8afed14
170f4d644eb7b6b6b0f1bd6b2dd681c1de95c30a
7bb6682deeb86793b678d1bc12dc1b3145a344fc16db1f8d094e9683ae978186

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/7283.7d590fa8.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-b225"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7c8550b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/125.20fe76ed.js

104.18.30.232

200 OK

61 kB

URL HTTP/2
www.dd7.xyz/static/js/125.20fe76ed.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
61 kB (61193 bytes)
Hash
a61a8ffe3cc893d20cb50dba9c31bf3f
f64b1dd7434fd551b4646f3ba81cbc6263de8f34
80e6601cf851179564f469a3c6eebc71db57cd34da76d637d722b7f2955016eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/125.20fe76ed.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-14436"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7b8470b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-tf.png

104.26.1.241

200 OK

38 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-tf.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Size
38 kB (37489 bytes)
Hash
50ccdda192a6239bf8afe82ff2aeea67
3b72d445d5e9e38c31d125d435cb1d8a6004c683
70452132cc982b3576730c0747f3f37c40997ce2ef8bddfc73b792c62bc29024

HTTP Headers

GET /img/static/desktop/sub-menu/sub-esports-tf.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 37489
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9271"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZMxmiIdX8yN50ulsTEtI1BPoAXI0F%2FqX9miEW8dCfIicHch7d6RXF45W%2FwDD9Jnl51phqEzpj9Ph4%2FuQeI7BzL3m3u2ULxRVzu9nuLR809iXwvoN6A%2FvsoEaJbe32fR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef7196cb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/ads/4b623616-1958-4cdd-a930-b4d35fed9daf.jpg

104.26.1.241

200 OK

457 kB

URL HTTP/2
csi.20icipp.com/img/dd7/ads/4b623616-1958-4cdd-a930-b4d35fed9daf.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x660, components 3\012- data
Size
457 kB (457230 bytes)
Hash
400dcdc8f0a811efd3ce4ca3e6240cb3
793ee731e387bbb709cbdabe1d1f9583b678113b
90fa1d03b714f66ea4d1e6d0b26212ae8af51337c94d37af9efe09357f9b6b2d

HTTP Headers

GET /img/dd7/ads/4b623616-1958-4cdd-a930-b4d35fed9daf.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/jpeg
content-length: 457230
last-modified: Sun, 26 Dec 2021 15:29:48 GMT
etag: "61c88a6c-6fa0e"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQj%2FCgK5JqaLbB3m3scvlPA63VqXc7tCz7qz%2BW3Y69O%2BjKJom3mUREQ%2Fkl3lKYANW2A1Mk2e2gQZmC4fsljh2iEmweKWPEe9bGd5Qog7B7qzbmrBJkqfQb%2FapOaLkzFxzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef04ea5b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/dd7/ads/5088f0f9-b44e-499c-a660-70e1bdd849ca.jpg

104.26.1.241

200 OK

455 kB

URL HTTP/2
csi.20icipp.com/img/dd7/ads/5088f0f9-b44e-499c-a660-70e1bdd849ca.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x660, components 3\012- data
Size
455 kB (455205 bytes)
Hash
d226578f07d903ea1cf11c69e9755967
8021006114b325f29555807514ce8f39ef075f2c
4bc655f0d01dd8e33a690f7536b3b946f2300241eebd55b054b0442fdf1b1f11

HTTP Headers

GET /img/dd7/ads/5088f0f9-b44e-499c-a660-70e1bdd849ca.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:24 GMT
content-type: image/jpeg
content-length: 455205
last-modified: Sat, 06 Nov 2021 11:38:02 GMT
etag: "6186691a-6f225"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTCJiZBC0oNynfWfX12q%2Bs%2Buz1wV%2FdnvfhBCRh7NGf5cLFsN59ZSJMC17F%2ByYginVKRPj%2BMyo0Yb0H9J%2BuupGPzhRXHAURxveInCiObn1e%2FxIGLbaMriCHLTLOSGol3jcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef04ea3b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/home-cate-game-10.jpg

104.26.1.241

200 OK

66 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/home-cate-game-10.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 330x330, components 3\012- data
Size
66 kB (66078 bytes)
Hash
60f8bec2e038d269a6d852b62bcc41dc
b403725980d5d6b37d0fef0a6c0b323d3212ed01
413431f026da3bc1015fe7684a9abde62f2bcb4c1f8254f19abc0ad6765a4bd1

HTTP Headers

GET /img/static/desktop/home-cate-game-10.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/jpeg
content-length: 66078
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-1021e"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AloyT%2B8bhfukRJ8I1rRq%2FckHfgSsRoqh%2BAr53atftWl6QZS7FJM10cmHjORzWpslWM5PitiiaRSGnNfXmagazm8wbOqXfOtdyMh5%2BmG7nE7rSvnTHgcslGngkdBmF5ySJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef739bcb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ae_lotto.png

104.26.1.241

200 OK

32 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ae_lotto.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31735 bytes)
Hash
b93d3e51024affbbb81aa2813d11244d
eb0ac6838f17ad0d174f2ec9c80f4f91ef917cee
67276e81f9aecb007be21e47d884f0f963725276a1c4c4c40f22414c8fcc3fd6

HTTP Headers

GET /img/static/gplogo/h-dark/ae_lotto.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 31735
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-7bf7"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu6D1gvfNODuyWMyYdGgPScBBpDM1%2BaM3rp2ydBBMGC3uPYRMUVhJCzNhS%2B70UzTH6Ttoa5iwZsQ2dKRrsmVUFpNAEs%2BSxOSZw1ljoIzYZqAWSmv958V2ZbO5dyQMueW1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759e0b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ameba.png

104.26.1.241

200 OK

10 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ameba.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 408 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10547 bytes)
Hash
eb883d9862c6e6f57caef8f8187aa3e8
25f61111da76cc08afe0b445279c4473979a3040
f81c1bf4e5c5552290ccfe3b3bfc114bba12f04da75535f9627b4bb4b68e7e5d

HTTP Headers

GET /img/static/gplogo/h-dark/ameba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 10547
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-2933"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Fbr1Zpi7mCtk2cJzCWz5%2BllscurXzNZ%2FE%2FVyEUY7I7iwHnkVe7tte4iIwKrbnAjF1hXD2eB0KoOOdHGkHa6Yshok0TVyETpCH34HtDk9pnw7%2Bm7jF7ZxJyJMxIQm2IVMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759f0b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ae_es2.png

104.26.1.241

200 OK

38 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ae_es2.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 351 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37984 bytes)
Hash
12009ac54c7be9edab54ddf9d09de8b7
bc9a318d1c64c16e18312e3b94f6dc5852c2b0ca
8788ef21ae4f14cd4eabbed54386430c509ed3a7ff207f6b2008e8ea179d0b0b

HTTP Headers

GET /img/static/gplogo/h-dark/ae_es2.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 37984
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-9460"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFSgea4Qzrr2jnQSTnD4KHP%2FI%2FXhOoWRHwdCTcVAlFAS9jgkLmAiWYAYnQUUseyITvR4UjQAz4ZKZ8nbhzM5mSAB%2FxxBQOXsuuigVkBVm7QktQjJFmsERKmgj96t8NQyDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef749d2b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ag.png

104.26.1.241

200 OK

19 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ag.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 340 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19401 bytes)
Hash
c82c3b733ce6875b666626f4fbc8b81d
7242d9921a4e065ebc7565dbed578937339ce097
ab198a5294e90a9f53285ac68b0c3795004f0f77b1147c0c086fd07cf1aa42cb

HTTP Headers

GET /img/static/gplogo/h-dark/ag.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 19401
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-4bc9"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbwuPGGbnxCU1Jjhaw1UEH1XtOSY%2FBGmd%2Fnyqnyb5sruacBA5uEwH%2Bt89M98u0jjllVyhcxcMAxnRP6fhH387Qcdi7LvJs7gNx9p0t0KRRtN7%2FNrQCfeAUU9gTyUT695XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759eab506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/bbin.png

104.26.1.241

200 OK

21 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/bbin.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 282 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20927 bytes)
Hash
e761360ce63c302924215be7fa772298
faff15640c9cc757849ba79cf9ddb40ce38a6daf
53b8dbb356cc7d63c076467d391ee118ec8327c913349fce319a914ee5f7fe02

HTTP Headers

GET /img/static/gplogo/h-dark/bbin.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 20927
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-51bf"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mHqNAwbux1T%2FQLhvEM6t8%2BDK4LsVFdN1QXGU3MB0g5dyNOCrfe4XKxupFkupnUxUu1BLyqdHCJUNHhZetGnc2HD7YLJhlijXudaslMfQjM%2F2eICy6mRxO4kwY7oWNF3Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759f5b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/allbet.png

104.26.1.241

200 OK

29 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/allbet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 260 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (29434 bytes)
Hash
9c87810ff8a3d5b97adf1a5735e67ddf
72e5d46410bad5493be799f32d184b859896edec
90e182bc6f9ee8c6f7ab57a17a6e8b97a719879e905eb1657eae7d85f778d04d

HTTP Headers

GET /img/static/gplogo/h-dark/allbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 29434
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-72fa"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89Wk9P8hOVXZ5dCZaLM3%2F%2FsChUsveLHquNqtBolKGNDxszOOFcELgnO2LumAPM6dKym3tribhPCfQg%2F7E06bqqjc1oAfUQg88Yg6snmNRLv9N15eVIZjuJek%2F9ZMCMps%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759eeb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/bti.png

104.26.1.241

200 OK

29 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/bti.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 359 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (29416 bytes)
Hash
41783c9bcd413de2f3e23e457fddad6d
77bfa958973f49a9963e0dd93f7e85b05b6fd8eb
99c4b1d6632ba7cc9ee3b1b6c157ece9aed715803b6ab0cea80be390765359ae

HTTP Headers

GET /img/static/gplogo/h-dark/bti.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 29416
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-72e8"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g2RoRRnaGR2Sq2Ta0PDT5EHpJx9fZkfjKTS3wWpLiI2wFI3daF3kFfumvd%2BrtQ8E2rmDJQFGCstxe8n166D11dtSCptERKH0RNi5s3%2Fic0OQudbJXUKRLifGgGVbdA7%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759f6b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/cmdbet.png

104.26.1.241

200 OK

19 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/cmdbet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 340 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18927 bytes)
Hash
8948cfd9ea47d72640c69289e5b6653a
b749bfc1536802a7729c21d95182bf53c6e84813
22c20481be54e176edb6874f7a10c848376aac6a78b2a4eaa3a97697b9ea0fd3

HTTP Headers

GET /img/static/gplogo/h-dark/cmdbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 18927
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-49ef"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BqqvVMvcgSdDJZddpbPp15k6LqPBHFS9Ln6x%2BAEs19YKIFyv2eCR23fBVqsdQog0Q2PaZzJX%2BDgAlsmTDyr6sTkQQCyeuMeJS7fNDU%2BRodcf2SU8LgzB7KUbyWukExDcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759fab506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/cq9.png

104.26.1.241

200 OK

21 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/cq9.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 269 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20604 bytes)
Hash
1031f81b2faa94ef0374da5fcfe65eb3
ee7958fe63d3180b366616d2f2b5c3dada7627a2
1bc7ca1a7d7c719abfaa1a668ef749b5e8c320c47ff4c4f716a29e62fce476e3

HTTP Headers

GET /img/static/gplogo/h-dark/cq9.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 20604
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-507c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tCgsFt1hqbTi3EhqfYPqHX2hnMJ9wgDHJ5kEme6J1e7ZO%2F0o%2F5iMiZ9BqGaG4OBLV5HBe6IDJKsszCB%2Bt6vAMVaMBPvi0emkjmGDfIeIdhfOd8zjw3V1nhrcE%2BnTk3srQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef769fcb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/evo.png

104.26.1.241

200 OK

8.4 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/evo.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 406 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8354 bytes)
Hash
d280d09af504b80519c2d878699f5c05
714a03a26b2a2e302b8710950d832f7834d2c6c7
7533e81412cdfab2ba831e0ce53d81c837aa55efe263ef3dc44a178aba8fde9b

HTTP Headers

GET /img/static/gplogo/h-dark/evo.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 8354
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-20a2"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrikdmQpjcuXrZey4BrwxtCrGvUCvXNWg82uTiHf%2F2ASeYwr3HMS10RJIpjy0zvqmiFRPg01VsPE7S87zQbcRwGq%2FDPlUNdqBqSCeBSAROjJsyybAMzxRxxbuleYbV0yJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a02b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ezugi.png

104.26.1.241

200 OK

10 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ezugi.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 272 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10351 bytes)
Hash
7cdfd9720382db5c181905db1663f5a9
34758e00389a0611f99b3aabf136a5237c4dde41
65d2c0502b833319ee5f72fc7d8d54b646580522f8921d93bf29d38c09df83c7

HTTP Headers

GET /img/static/gplogo/h-dark/ezugi.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 10351
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-286f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6T5vAkvZdWRmS61NzYhKoQNq40G00WgYDNOSc09sIzmRI5mSKAP0cp6Hq6VS8%2FnFp3TVAoxFzeLR2qr8CBUABbT5%2F%2FeSdyZFZajahWD0RPqDUyTLT%2FbwD5FDpaYOyjeeBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a05b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ae_play.png

104.26.1.241

200 OK

39 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ae_play.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 307 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39432 bytes)
Hash
6250e3b089cbc41552cc5481f85094de
821a4f5c563652fdb8449b265aeae9daa39ac8b7
fe969770bfb81c2b49422b55eeca2b589725603b9cf796b39516480b7afd2250

HTTP Headers

GET /img/static/gplogo/h-dark/ae_play.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 39432
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-9a08"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I23p6vixYCGrGglNJYirNH68TUrfVc0hq6oHA1r%2FJT4Y4Fhg%2BdNPAzbp%2F%2F7f1m5RvpX2I0gIusEj330KNgv2d%2Fccnn5sFj3In%2BHTSIQQGsA1kJahsBiXdNhUOrcd%2BreGBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759e5b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ebet.png

104.26.1.241

200 OK

28 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ebet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 336 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28066 bytes)
Hash
a9ef202ea1121f9f0bd71704cf85544e
2a3903492c4c3483d3a143eca6d060371e1307d8
588ed9be4899ff835452e96044a4781f07eb239a9068c119b24c1cd9102a1bf7

HTTP Headers

GET /img/static/gplogo/h-dark/ebet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 28066
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6da2"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg%2FgLtdrYXdfO9nyzwMolGf46ACOTiUuFv8Md7py4GPaCgmeI6iXvZ7wEJfhh2QnlS%2FDBDEtGgueZGhcMT6V6ghNoS%2BR25dlII90Vjprnmd5rGsFwOLBbNxGDsvEZvb6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a00b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/gpi.png

104.26.1.241

200 OK

19 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/gpi.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 447 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18759 bytes)
Hash
df236565a070ab20f19c5bf24549902a
bcad4256d1dec0a85fba83c633a9a34da00e4c4d
59f504b6f95e54f32e93706f6f47baa85747bdbf887a62fb099a661f496cf40f

HTTP Headers

GET /img/static/gplogo/h-dark/gpi.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 18759
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-4947"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPa5zplJ%2FLCMtqQfP%2F3S5p8oIVOE9xtnhcH9o0oKzDVYYo6VAGYQ1DolPH4SViudWjJr6sPoHDj92e4l7zf5b6wVol2Jl%2BC08m5iwrg3cGNk5d3vO0g%2BFpvJkkGURdP3bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a07b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/jdb.png

104.26.1.241

200 OK

11 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/jdb.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 217 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11422 bytes)
Hash
9ecb926e49f9ae1bbfbd8a13e2a13ade
38fe5822d144011eb3ea96d8fdce8c39fea540a4
4b5b3b175cc73a514310d7c080d33727c433f4b6eddff26e48b2afb107a018ce

HTTP Headers

GET /img/static/gplogo/h-dark/jdb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 11422
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-2c9e"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z0ljTihiggK8j6bzmThLfHHYf2rxia7Xx%2BaGEoeb%2FSxOveuvzNc0ij%2By1fChl9xx9E8W7mrxScc5BBts4K5OWe3f5NX3k0guz7d2zqYKpq8plrdYp5GmWyqvVZqb%2Fzvow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a12b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/sa.png

104.26.1.241

200 OK

12 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/sa.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 346 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11868 bytes)
Hash
0b56dd3f8d9618ab0c5237fd8306935b
7036688a0cc08f4b49a28c49916e224e927afa8c
2bd46ab228195b37255a4a31735aefba0058f5de328ebbce48586b1c8b264827

HTTP Headers

GET /img/static/gplogo/h-dark/sa.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 11868
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-2e5c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c01Kvi5vawmhoNaEcdmltso0B3w0M%2BbnBDwq3Hhw6tUsFstslSIBB6ZgdzoPfsPUBXWu6IJfuG7ivlgW8y%2BoUWtmU4puF%2BY6z9BrFJASSjjDMLhrf4JkMgEheCaz1%2Bg6oA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a32b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/saba.png

104.26.1.241

200 OK

14 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/saba.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 303 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13843 bytes)
Hash
f360d8c52563b1c90084b0eb63fc1d6f
18b6d34040383a43df760e12f3c33be1666d758b
e8c63c70ae36100c05250ac4adb582df414d995b3e344475d6c4f8bdc342abbd

HTTP Headers

GET /img/static/gplogo/h-dark/saba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 13843
last-modified: Thu, 01 Sep 2022 03:45:25 GMT
etag: "63102ad5-3613"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LOIjhlVkNxgFCqiiIaaZD%2B1XPRtatra4Ciem%2FJB9ymRbhfsd%2Fhaesyo7p3A6noqz9b72dZpLnrQPsu6l8G8aPDMLxmg9Q5SkyEutB64BWaUjbOgKA1bL5%2FrYsrlZBd1Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a34b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/4726.255522fb.js

104.18.30.232

200 OK

61 kB

URL HTTP/2
www.dd7.xyz/static/js/4726.255522fb.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
61 kB (60627 bytes)
Hash
0ce4c83796ceddb2ef1621afca587a1b
3fb60bb06aabfb84692a4a4fc30814f9d00b7e87
4b494483192dc128bdbc4e8632aabeb5d4182e85236ae63339fa5d550eeaa84f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/4726.255522fb.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-aaee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7c85b0b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/pp.png

104.26.1.241

200 OK

23 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/pp.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 379 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (22968 bytes)
Hash
e5000adceb10ead2a5fae72d3bb492f4
c616cc24f4c4d33d43114fcc42524c92741235af
d2f7dad0a4b4dad5f49ccde3e1b770f6dd77e2fac1c4bc50af432b8dbf0305cc

HTTP Headers

GET /img/static/gplogo/h-dark/pp.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 22968
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-59b8"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTXegjEonVR6uV11AKUM6NZM60Xl69KAyzzk9bo4iC5P0hTQcEDvJDckSD1tG33XK4zJHVo%2FUQS67bJmaSCdvy%2BPfEW69hGSZ%2FkoEk1hUYwcHGBjuQJeSsrR5OiEnslohQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a2db506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/rich88.png

104.26.1.241

200 OK

21 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/rich88.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 336 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21301 bytes)
Hash
78194d40e7c16d292ed7588f1279fadf
6e0ff593cc93e1c2cf65bf954d9a8832e38d290f
4048f4264822075bd51de018efa364a3fb6d0b27ce378d6ac8b997e71b4c5223

HTTP Headers

GET /img/static/gplogo/h-dark/rich88.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 21301
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-5335"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTKvUTNTcoFiUl2w4Op2sWGGb2J%2FwY5XXA%2B8Xw0ja3MjQqLxgmnK9B4xVVOwOYqDMe9ykaMSqy1FE6hdbl1MTvwNDfyoCSD7%2FuUTdDry%2FqZy3DaXquz63ejmfP3Wh2VNvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a30b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ae_seven.png

104.26.1.241

200 OK

49 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ae_seven.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 326 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (49185 bytes)
Hash
79b48a93271de2e3d795436338d8b09f
85f00a5d93ff35b8dfcb8e9798cfc8fd46d83777
d880a5d390acb41a61f5299d18f3638d8cb3bc4ee2530a9f9d12a3e7abc71860

HTTP Headers

GET /img/static/gplogo/h-dark/ae_seven.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 49185
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-c021"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mB9Wbxp3H95LHwFETEww3vzMHDrCjCCGR9rN96vrms7YTpTVipNxSYeyeOupAqn0Ka87W%2BDfmnHWb6fMgjixQkWIv4GAtcIfVUH2cILWIrDRtieWi72wXE1Tmbq3AEwfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759e8b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/gw.png

104.26.1.241

200 OK

25 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/gw.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 254 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (25080 bytes)
Hash
70f7d585b7c3e5117082a612eabed48a
64eb6337ff8db594692828d7d1a3202e3cbe8e27
f3bb04605d2a1764fd47a32d7fdf50d041d34d179f3500bba9b3f444d955227d

HTTP Headers

GET /img/static/gplogo/h-dark/gw.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 25080
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-61f8"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp6W8JRIUTYWTblzwavMtvsOEMdDdanJOh6k6kVPUNb6kciIiJBheW%2FEvo4WuepnINxzJemHymHeWIhKS7Mq7g6Y5QzrbtYZdgr%2B8AmtlXGhD7UectkHz1M6YO7sXIYPug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a09b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/jili.png

104.26.1.241

200 OK

28 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/jili.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 243 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28019 bytes)
Hash
94c2db6a0f1701f6b90ec17aea34870c
e09e6ca278a1b034f5b2c1fb9788422b108c6919
5ae3d4597d1c8fd5ff6f6c76b127c4fff7a0cf61d6907b6b3808eafa071f68ee

HTTP Headers

GET /img/static/gplogo/h-dark/jili.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 28019
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6d73"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is8jnINi99r%2FvYmQH6DGnpgPI4VStJ689oF%2FhqlvWB20S6k9St2EcmLNLOU4SFbKKlz9ITUoEKnJ8HXdy4vMla%2BX%2B1EqzuLBbHmPCmj62DmfUBqBM6gIhOzsPoY%2Fv4evMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef76a14b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/kingmaker.png

104.26.1.241

200 OK

31 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/kingmaker.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 417 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (31191 bytes)
Hash
d8e880a32a9843f29cfa7857e18ef3db
c659d11ac11463f1ef8a1b906cc46215eca5ddb6
3dfdeb860c2bd75e4494bac95ddcd2e48faade104d138958924db94133ceb82c

HTTP Headers

GET /img/static/gplogo/h-dark/kingmaker.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 31191
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-79d7"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKfo9E41zxiM0guxwDb1mlejBO4SJCGFzS5CYUh2jE7ivR3EB3Idfs5cMRG1q2CVGCsyHMmGXdQr6Bj7spL8%2BIds7omi0V6mXeD1q%2Fo%2Fij0nfyfpqowzyc1odP1QtzCibA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a1cb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/tf.png

104.26.1.241

200 OK

28 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/tf.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 278 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27564 bytes)
Hash
5b3fe539bdf9a443b5bbf91351195eaf
0feeb16559853dae22321057b9bdfa403a55bc44
e1a2625fb0f42e75062982b2fbc54ea3f003be644abc4e4d92b3f2612c1e991f

HTTP Headers

GET /img/static/gplogo/h-dark/tf.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 27564
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6bac"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB411WWoM%2Fp%2Bop04%2Fo%2BI3SnlqLvg6tT%2BhBetyzVEsKEAvcrBivJhcWXviqLmPKqT7GXKX7xivkfs%2BSQUC%2B2fL%2FukQkU0MF04nkXOoBPF3Hz5Mtu0%2FOv4DItvBWjgS8KbUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef78a4fb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/card365.png

104.26.1.241

200 OK

57 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/card365.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 259 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (57316 bytes)
Hash
7afc771ec1f9d9a512ab2c4d4fb351cd
c75315214484f7ace2181316a02b0449956a6691
d24f4304eedf2f709e97ecd68e2e510446963dca295d9976aafab48f456e67ea

HTTP Headers

GET /img/static/gplogo/h-dark/card365.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 57316
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-dfe4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jgm5Lv0EewXHdGYGjFpSFLPexMRykVfEeRDhfJvhZjppjYGMlhRzHn3GkGJJw4xascPByiOr7zhAC05SDcqU13FL3PGpN5u90%2FYVXv9oXaXB0tvj5BufCGPcL2m4qlbUlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef759f8b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/dg.png

104.26.1.241

200 OK

43 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/dg.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 434 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43124 bytes)
Hash
8e4d451b7b786e822f69a990bcab5e52
9da884d73fbf892858f5e77c0ce5822ebd7df57e
00e1b0bb1370a795c028bd275374cc8b75460a952d0cd77eff7b957cff5733a7

HTTP Headers

GET /img/static/gplogo/h-dark/dg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 43124
last-modified: Wed, 22 Jun 2022 06:45:20 GMT
etag: "62b2ba80-a874"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tpi8OyDiflipFStjD%2B3bYTSjfiRrTzzK4BHk3p4uA2Kgv64Ufrb%2Fwo0c6MgZQsjVELoYmaFfno5qZV7STDJB758%2BoXAZR5UTvtBEdJoVo33y3VTAW6%2Bxzddt7%2FwYlG%2FiRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef769feb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/pt.png

104.26.1.241

200 OK

32 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/pt.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 426 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (32495 bytes)
Hash
53ffb3ea10aedaa6b909bc80f9c119b2
532c9aab749a43cf7c0ded12bbaead13d280260e
88988bf58d84500119a01e7f2b1d962b9eab88c3abb2690a9df640d01a62366b

HTTP Headers

GET /img/static/gplogo/h-dark/pt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 32495
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-7eef"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq%2FL8NONR4tO%2BZxHeYyzttLndUwdCRRurF5vk3C0%2FbThqLCIkC64zKVONSvb5bzx0ndppSRonVc04XbhdQlEEoY%2FMRVUau9HlrAoUixaZ3Gb9JquUirKIYzNIoyCXCIXXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a2eb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/sbobet.png

104.26.1.241

200 OK

11 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/sbobet.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 349 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10710 bytes)
Hash
ecdfacc9dfa6effdf798a55e8e918319
fc954aee6fbdaecdae0a802156234c63c6838f51
c4e8e1336c95d75d96c452b3b557d3e3d167c842efb813b9daa4f0bb7277f28d

HTTP Headers

GET /img/static/gplogo/h-dark/sbobet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 10710
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-29d6"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsbCz9zpBaNhEWLlrxf5yiiawAGENepS3JG0%2FsNRLR3x8%2FsbfTNNzB3Q7VwBFfOqwyqHnayoYcXxD%2FbxEjqRmGYy66e1w2WUUGYwz%2F9tUgNfc%2BFpQ4fWKNNdf7XTOucYMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a38b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/spadegaming.png

104.26.1.241

200 OK

34 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/spadegaming.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 507 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (33776 bytes)
Hash
0b1477070b6d961b235169620c17dcd3
0bbf058e66df384f83981f2df00665bca0ade52a
4799028e53487e1b65a41fe73c9e939a6e4b30bb6044a219c89f944a4a1909e1

HTTP Headers

GET /img/static/gplogo/h-dark/spadegaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 33776
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-83f0"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWo7v%2BRnZe6HVUJ23A8wjWNhltrt1BCz6hT6sLhRyBTQ5A6EyEx6dyqdrY%2FJzq5wxeWz%2BcsSQ2RzMBe13a%2BkURoUvbVhScZYBL2gbmPQlG%2FNpZGo2awWYjwoez%2BwbtlDiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a47b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/home-cate-game-01.jpg

104.26.1.241

200 OK

27 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/home-cate-game-01.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 330x330, components 3\012- data
Size
27 kB (26802 bytes)
Hash
9dae9cf2c556297cec2f1c47b290e3ba
8eba8712e0e7a97cbeff9e04eeb30411e654c97c
dcddaec2e245fc54ab657c4c1590c754627aef73234b41b4b57be73837a5689d

HTTP Headers

GET /img/static/desktop/home-cate-game-01.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/jpeg
content-length: 26802
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-68b2"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dokRdt6%2F1QlTb%2BVNv%2F%2F5CCn4ObYUBOc82AqPsmfP9TzTRrxR9OIqXt5D8YpwYN2iODwxkaBsxjmXfoBKsv48OxALb27T1zJSKCsiaOlwNAO%2Fz0OETUhPwMvADHWHc3HpNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef72980b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/2593.9924de69.css

104.18.30.232

200 OK

40 kB

URL HTTP/2
www.dd7.xyz/static/stylesheets/2593.9924de69.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
40 kB (39473 bytes)
Hash
1cc18c3f27bbbbe74fa5ec55e6eb5444
26a488e7b1c23e4d5d8d73d570da52754bf026f4
d64174b0a53e737c2a158c4a10ac0c921f3c742d93bb9d2f0601bdae46f08529

HTTP Headers

GET /static/stylesheets/2593.9924de69.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-9c5b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d87e0b59-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/home-cate-game-03.jpg

104.26.1.241

200 OK

29 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/home-cate-game-03.jpg
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 330x330, components 3\012- data
Size
29 kB (29055 bytes)
Hash
3ed94be101601b38c548de7ff190b4e6
b57b7b8e1e7fcd631f74e1aa8f8aff91b0f96d6a
2b1360f9681449c13bddbe8808b543726a435b3d5e0c01efb4850f1863048b58

HTTP Headers

GET /img/static/desktop/home-cate-game-03.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/jpeg
content-length: 29055
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-717f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOt%2BMvRONHeW1oM1q9TWRWxqfXbe9LOtrsAh%2BY733nMqtTtBa9ogumqjGqGhkwFSyFQgzP4lHPrr%2BdhBeaXh%2FfHl%2B5Vs6PRK2LUixer9IoSiFAtHoPttKkgsQaM3z5WjFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef7299cb506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/3562.87afb9b2.js

104.18.30.232

200 OK

34 kB

URL HTTP/2
www.dd7.xyz/static/js/3562.87afb9b2.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
34 kB (33834 bytes)
Hash
28e8fb2ded7edc9ac53ae9bf3cf718ad
ab61c7de1361ef38c5aeaffffd2b74ae72d3cc19
b80c8940a5f6f0a89e0f7e68fbdac7336a095702683420e41704ce6b7d41be12

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/3562.87afb9b2.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-2d95"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7c85a0b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/2593.9924de69.js

104.18.30.232

200 OK

157 kB

URL HTTP/2
www.dd7.xyz/static/js/2593.9924de69.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
157 kB (157001 bytes)
Hash
162004d335056cb075d99f46d23395d9
aa2050c49171ce35ef537fe5b17f504e07af0c10
131f00a0964fc14d47db8179a4502208b0f560b8b1c7a0276360654372e88a5f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/2593.9924de69.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-6be83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d8810b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/8820.b838a408.js

104.18.30.232

200 OK

44 kB

URL HTTP/2
www.dd7.xyz/static/js/8820.b838a408.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
44 kB (44529 bytes)
Hash
d084311b1e297a8ba248c8740b9a6a54
b963ad88f1671365a9ee2c87a963d54b1f506811
5730f15a191a0da9dd4a99a92e4689ca97590f0f016730eafe592910e55e4254

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/8820.b838a408.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-7672"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e88c0b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/favicons/dd7.ico

104.18.30.232

200 OK

75 kB

URL HTTP/2
www.dd7.xyz/favicons/dd7.ico
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
75 kB (75231 bytes)
Hash
3f386e331296f0dcc03ed92b5f38a182
1e927c7ef58eeab41248f12c6d008d64f3592721
1fbad953aa5a6bf2f8e8d4b513d796ec553bdefebb2d104953f4afee212bb368

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /favicons/dd7.ico HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: image/x-icon
last-modified: Wed, 21 Sep 2022 09:46:41 GMT
etag: W/"632add81-1d038"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ee60e210b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/sexybcrt.png

104.26.1.241

200 OK

49 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/sexybcrt.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (48596 bytes)
Hash
baca437e884488d8727b9c9ffe36ca25
8cbe699e6dea79066eaf9d3be2b388a42a21ea5f
4056bc602aae9e4cd78356f1abb4e29a952ba161376a0219f73621c93fe9e692

HTTP Headers

GET /img/static/gplogo/h-dark/sexybcrt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 48596
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-bdd4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88t%2FuvOr6gaQQ2hjqgN1GuFnBM46TrsIv3m0RVUz79Y8p2RPfLgptlGfHAiq0iHB8ZUjimKcX2dGGdouI9K65I8RyfFiNGhkQ43qy%2FqdJ9Jv2nQu8oUS78kBrUBpEmWjOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a42b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/venus.png

104.26.1.241

200 OK

47 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/venus.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 329 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
47 kB (46889 bytes)
Hash
224cd82165399865303b99264842808c
2d437daf4256e7b0f5bfac145af7596caa33d5d1
f8d7f2b81fb3d9f72b6fbea745b9f4d2e6e0bda14a7be0e0606a9f312b6967aa

HTTP Headers

GET /img/static/gplogo/h-dark/venus.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 46889
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-b729"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfgwSPm1keamc7rG6y%2Feu8Rh6JprFG5UHYhoZbxIwM8nDpb5%2BdHb8dZrwGrBqil25eehuVlOIp53ulk8W5YKSXQLvQRLDL30kbel4K%2FiZyZ4BoNRA56ckD7wn%2FtunFF%2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef78a55b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/gp-frame.png

104.26.1.241

200 OK

8.9 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/gp-frame.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 230 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size
8.9 kB (8857 bytes)
Hash
d29c21d728e395634a5b32c3ff97203b
1864fea2c7fb000e4461bdad5ed2b9431a2b2802
ed41227096931634b05b966b3f646e95119ee3d1e59b8438399c41ec671fd0b2

HTTP Headers

GET /img/static/desktop/gp-frame.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 8857
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-2299"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G41QJYwIlIQ22VtzT7jzzJsGpiYVb8P8gvcm2ns7cjAsIypbiP%2FwpWcSpala84XKW73Jxyl4gKaugi5v8I3pQntKPoCIyLKASMcitFl%2FrYHLlxVFe5OUOH1anafYRnBh7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a7cb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/icon-dark/ae_gaming.png

104.26.1.241

200 OK

8.0 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/icon-dark/ae_gaming.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8041 bytes)
Hash
ae691e5a93475879389a5d263202d34b
429ceb72677d6a2794488ecf0dfaabb9f880a4da
0fe13aaa3191c2b6a0a481844e64227fd4d83774d9a2c6d96ea421f6907356cd

HTTP Headers

GET /img/static/gplogo/icon-dark/ae_gaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 8041
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-1f69"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0B2uKj%2BpSKZ4voGRqL2NB3ZJYrF4G2spx6I914Kzu6zxlr1IvsJ479ehhTIYCsmnU%2FKVpLgaGheD%2FUaioRLkOumAVOZtX0WluoTjIk%2BdONQXq1skuHaoSZ8azNND9IchHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a81b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/icon-dark/jdb.png

104.26.1.241

200 OK

5.8 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/icon-dark/jdb.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5846 bytes)
Hash
9e5a49bdb62adc0d7aaacf6d1550377c
3ce03bff97d3b69362860eb8645ded2b9b915681
80160b420eb1a4b96da3061a4be1fe508addc9023a70a557bc1a9c41e42b0357

HTTP Headers

GET /img/static/gplogo/icon-dark/jdb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 5846
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-16d6"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQSvYlXjL0KI8VI2MT40XP36t6yNqV%2BKEcdKO4O5Fo2%2B9p3uUtj%2FfT7sgeX1x5%2F4aQ6v%2FtE4oIbMDZUvu%2BC1J93xJz6rPEYkq6xPzVz14A6cuvrA2HNxwQjZOvoMQbUKjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a8db506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/lc.png

104.26.1.241

200 OK

85 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/lc.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 286 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
85 kB (85180 bytes)
Hash
7ca22d2d9fddd8c6ec460310b1f8ac16
d29bdcc4ba0233ce83efd8b0ab5ce508ae5b5894
7fdc1e7e1e49bbda2954051fcb81cb1f0f9d78ed46e5890b867944f503b4d812

HTTP Headers

GET /img/static/gplogo/h-dark/lc.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 85180
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-14cbc"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DuIzzR8K4qpKLcC827w5QS6OSB2KzmWEDxVzan%2Fgbh%2BmRZnfXSe6EkgKhJrHMii6XZ76Ssd0BFIk0yyIVOj8IDFqBfMxSWC1bamDFT2ySwW%2BlFWyWHvPGZFOSor6eK42A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a21b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/sv.png

104.26.1.241

200 OK

41 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/sv.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 343 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41237 bytes)
Hash
dc8978fb159628dcbeaaeee993f6a01c
b12850daf5716103cc05e7d6ddcc462364a792d7
7dd5033ee3a192095fd7852cacf4efe11b08638e14bf4270c0400a1ed46ec830

HTTP Headers

GET /img/static/gplogo/h-dark/sv.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 41237
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-a115"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yPmYGvW%2FUd27utiVfsuMhzaBr9hU4E05Hwez7YvqzJoFxgGX3MiuT%2BJkitiWTnH%2BjFdooCFr1PZjKoOnFFJ9ZzcYK6rYi6vT93RGODW4M8kELGQnClG48E6xipPlWgP9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef77a4cb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/desktop/sub-menu-bg.png

104.26.1.241

200 OK

19 kB

URL HTTP/2
csi.20icipp.com/img/static/desktop/sub-menu-bg.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 4-bit colormap, non-interlaced\012- data
Size
19 kB (19012 bytes)
Hash
a1086ff70294cdf527580e13c8923975
8e37714d58d81fa4765c4b553371aabf538197e6
c363e17d1c224804097c8f5b2210ee405d750c387c1c72e87082d4b7d8065159

HTTP Headers

GET /img/static/desktop/sub-menu-bg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 19012
last-modified: Thu, 16 Dec 2021 04:49:31 GMT
etag: "61bac55b-4a44"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shJhru5Mqvqb9q2jFnw0dNesmYy2lTP9Re8uFuwQqi9hgH3uvPrrCzNMgItv3ZDVsmIiHw1jjAw9CGhMUP1mSh6qdZ%2F45TMblUxpuclPr2DrxgT7jSNRS07RlizcJsuOGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef78a6eb506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/egame/ameba-w.png

104.26.1.241

200 OK

10 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/egame/ameba-w.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10335 bytes)
Hash
bae98fbe4336e78afee8f39e4cb04eb1
1e5a406591e46349c6b7da3cf2fa499b759016a5
70234a28f7a5a24b390fe72859355d20f175365be1f662894c941a6d8df14cc2

HTTP Headers

GET /img/static/gplogo/egame/ameba-w.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 10335
last-modified: Thu, 16 Dec 2021 04:50:00 GMT
etag: "61bac578-285f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaZNDtFCgNdqdvSyPSYI3npIknbdZc9lwGb0kdSAomL%2FvT2EdpAos1SvmRZxGr%2BALYJXDOS2MnPkDNOtAWUeCRZ0aEXq70XI0LCLH2UvLklKVU7qpeuvljB2R1WjGh3ZSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef79a88b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/wm.png

104.26.1.241

200 OK

28 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/wm.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 388 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27578 bytes)
Hash
352128c68069300455beda7bb3f90ce8
4423768ef6342d5013076213440428be036d7d03
43256cb9432d7989a7a04744d535dc2124303cb7554a0651465bc5f1af1fe04d

HTTP Headers

GET /img/static/gplogo/h-dark/wm.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 27578
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6bba"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsCb22%2BYrpTma25QjNey4DoLELsh5w2w9tGC3yrO5wFBLYsEpgUkzzFWyD3CXjdBoWm3rTfbfOX1GH7JvPsqJhKJzzjscjil2SSAlro8yeWWvl3zc9ajmTrYo4LDhY810Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef78a57b506-OSL
X-Firefox-Spdy: h2

csi.20icipp.com/img/static/gplogo/h-dark/ugaming.png

104.26.1.241

200 OK

38 kB

URL HTTP/2
csi.20icipp.com/img/static/gplogo/h-dark/ugaming.png
IP
104.26.1.241:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 315 x 165, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38035 bytes)
Hash
b46ed5bf2b03bc3b8a23437957cb67a2
5da542d8f88784bf1ca11211dd994f4cacd8a9f6
508fc8dbb147a819546b83301f4b1beffe52b62906faaaf54c9ffadc714d0a6c

HTTP Headers

GET /img/static/gplogo/h-dark/ugaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:25 GMT
content-type: image/png
content-length: 38035
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-9493"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQKkR%2FxP%2F4RmYE9NU6ik5CK89U%2BmLgIkF8vMWFO8RjCGSG81MajCUsO27eCsUWXY61fVR2Yw3TjSeiMfu4scsceL9TxlzC65Z9k878IwnXdsu7fB6WxSBcNKUNJPPmEWbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef78a53b506-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/8000.27be1a00.js

104.18.30.232

200 OK

67 kB

URL HTTP/2
www.dd7.xyz/static/js/8000.27be1a00.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
67 kB (67044 bytes)
Hash
6c5c288527b4dacf4117d3a1cf6948dc
4264a4b40fce4cbce55b9b0fe8bf8def16a68f9e
e985d0c6f16897f9605666378f071205cb44ad71355774e44dd02668604b5880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/8000.27be1a00.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-6948"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e89d0b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/d-AppContainer.196d41e7.js

104.18.30.232

200 OK

109 kB

URL HTTP/2
www.dd7.xyz/static/js/d-AppContainer.196d41e7.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
109 kB (109012 bytes)
Hash
5c2598d1193604f13e931e42a0fa1623
c3ea90c56ef0a66383f2bee12531d4d9d45c007b
c3c07504772b7256bfa15189673c202ab7ff93c8443370791031a63cd7010ead

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/d-AppContainer.196d41e7.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-1f548"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7e8a40b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/media/Tahoma.4e507db3..woff

104.18.30.232

200 OK

178 kB

URL HTTP/2
www.dd7.xyz/static/media/Tahoma.4e507db3..woff
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 178196, version 3.14\012- data
Size
178 kB (178196 bytes)
Hash
8c9b75cb745c5056523c361eb56a23ae
26c7cf5f7347a7e0500f6a6a034ce7bd79454f1b
1c9075a602ae11bb1b6f43f86790bd2cd99fd949daacf82bb5de9800de796553

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/media/Tahoma.4e507db3..woff HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd7.xyz/static/stylesheets/d-AppContainer.196d41e7.css
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:26 GMT
content-type: font/woff
content-length: 178196
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: "632adee9-2b814"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:26 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400ef7ab180b59-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 80275
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/7088.9dbdba31.css

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/static/stylesheets/7088.9dbdba31.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/stylesheets/7088.9dbdba31.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-c289"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400eecfe790b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/i18n-en-US.3c4c8dd6.js

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/static/js/i18n-en-US.3c4c8dd6.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/i18n-en-US.3c4c8dd6.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-24898"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:22 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee56d860b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/stylesheets/main.8b288181.css

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/static/stylesheets/main.8b288181.css
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/stylesheets/main.8b288181.css HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:21 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-43bf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:21 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400edf9f2b0b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/3129.d0e75e99.js

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/static/js/3129.d0e75e99.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/3129.d0e75e99.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-caaf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:22 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7d8860b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/6448.e30f7703.js

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/static/js/6448.e30f7703.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/6448.e30f7703.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-2f098"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:23 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400ee7c8540b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/static/js/runtimechunk~main.0de96554.js

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/static/js/runtimechunk~main.0de96554.js
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/runtimechunk~main.0de96554.js HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 Sep 2022 09:52:41 GMT
etag: W/"632adee9-3f12"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Mon, 03 Oct 2022 20:06:21 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 75400edf9f280b59-OSL
X-Firefox-Spdy: h2

www.dd7.xyz/cdn-cgi/rum?

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/cdn-cgi/rum?
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
content-type: application/json
Content-Length: 42536
Origin: https://www.dd7.xyz
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.dd7.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 75400eff6bd10b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Origin: https://www.dd7.xyz
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:21 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75400edfbf290b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.dd7.xyz/cdn-cgi/rum?

104.18.30.232

200 OK

0 B

URL HTTP/2
www.dd7.xyz/cdn-cgi/rum?
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd7.xyz/
Content-Type: application/json
Content-Length: 369
Origin: https://www.dd7.xyz
Connection: keep-alive
Cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:06:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.dd7.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 75400f166a600b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

dd7.xyz/

104.18.30.232

301 Moved Permanently

0 B

URL HTTP/2
dd7.xyz/
IP
104.18.30.232:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: dd7.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Sun, 02 Oct 2022 20:06:20 GMT
content-type: text/html
location: http://www.dd7.xyz/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=iJFBTxrcnHVUDtwXJTiGTr.G7Qp2a.hy.hQbSY1vZzc-1664741180-0-AXs8F6G57dGH+R3LCrhutcuLchCjpyCJni08NdqBc+KGqPSEq2BPH61SDgygl9LS3HgBOptyy1J9HsbEHJfZOWg=; path=/; expires=Sun, 02-Oct-22 20:36:20 GMT; domain=.dd7.xyz; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75400edbba6d0b59-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations