m.payquiz.xyz/question.php?pkid=40xp4cybbbs0./signin.php./signin.php./signin.php./signin.php./signin.php./signin.php./signin.php
104.21.87.84 302 Found 3.4 kB URL User Request GET HTTP/2 m.payquiz.xyz/question.php?pkid=40xp4cybbbs0./signin.php./signin.php./signin.php./signin.php./signin.php./signin.php./signin.php
IP 104.21.87.84:443
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
Hash MD5 465e95a1b396615eeadc6555532421bd
SHA-1 bf6c32b0d652c46de60ac70b7eb753770fe09dd1
SHA-256 9bd05aab73bc5c81e5dd161cd4d07a3ee27495f0bfe2657524e55754a41269cd
GET /question.php?pkid=40xp4cybbbs0./signin.php./signin.php./signin.php./signin.php./signin.php./signin.php./signin.php HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: text/html;charset=utf-8
location: ./signin.php
set-cookie: loclang=en; expires=Mon, 29-Apr-2024 17:17:48 GMT; Max-Age=259200; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91XXYYb2N%2F%2FnW1u%2B1cucwn1xlSsUNCkQMoyg0tos60jrXHio21iqaHpKsTJT0IC4B1gvy%2FfTKXbIDEe4%2BD97RL%2BTpWRvarhy%2BW4cxvDu0J0IRf%2FtnFxw4rvF%2F9pFzSJQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a7c2aa3b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
m.payquiz.xyz/img/Answer_pc_Support.png
104.21.87.84 200 OK 1.2 kB URL GET HTTP/3 m.payquiz.xyz/img/Answer_pc_Support.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash MD5 92c8aacf76b31d3a08597a3849f0545e
SHA-1 2c74f1aed7b114f8d31565f530467ff373284380
SHA-256 e6b897df6a87f20bec1bb5f4689d122f67095992aae84b79e814a88a1f00fd81
GET /img/Answer_pc_Support.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 1194
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-4aa"
expires: Sat, 11 May 2024 18:19:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1292313
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M09%2B7TJ02XNCg0pXj2V5ZDdX6BgXxwmvzb%2B0kCvDZTiWEETelVd4sTWhjLO6oNODvfw5ykyvJdI0NQ5uy5g2zewkG3a%2BKxI4pX7tKx%2BJQSTbto2Znx6m43JjNsIqHspE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82d8efb527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_pc_Home.png
104.21.87.84 200 OK 508 B URL GET HTTP/3 m.payquiz.xyz/img/Answer_pc_Home.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash MD5 60be355f63ecbb781dda38ade7cc47b5
SHA-1 ea3627b8f993fb00b1da9b31b795431701c8fcbb
SHA-256 2589ee98f66272d8af6bdf3639505cc42ff3d8aee18973129f3341ac734cfa17
GET /img/Answer_pc_Home.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 508
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-1fc"
expires: Fri, 24 May 2024 03:55:27 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 220942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VR46s98d2vmne7CDt8%2FHOgzXJpXnSJPtI3RI2Ovn8%2B6th9DcQ8ruF7qGZkrpnn9Ptiz7r9FUMkXwP6crGUS9nT%2FOAKOVhpH%2BpKW1kzlxpiELNEuPUCrnxnfBOALN%2BYhB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82d8edb527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_pc_Rules.png
104.21.87.84 200 OK 455 B URL GET HTTP/3 m.payquiz.xyz/img/Answer_pc_Rules.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash MD5 45420c3303ad8593b2ed7d2ae02530de
SHA-1 09392189c8e80f20950059ef721b2c799ab1d239
SHA-256 482355fa327e795e3114e335fa70f6c4ee352bbd66540d365c94c719cd3d7847
GET /img/Answer_pc_Rules.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 455
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-1c7"
expires: Sun, 26 May 2024 17:17:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1l%2BlCNE%2Fs4yXUwddOdAENb%2Fj%2Fd3vHZtB3mZGbK4VP70BtyqY9kQyxObRIg7fErI2bhZZzjvnI6UPyZJRv0RbvNlDOlCZ%2BDsPDTphdsn8EfajXkdKHb2Z95VpE7DEZF29"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82e8f4b527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/head.png
104.21.87.84 200 OK 3.3 kB URL GET HTTP/3 m.payquiz.xyz/img/head.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 147 x 147, 8-bit colormap, non-interlaced
Hash MD5 9c7de4763367fed9c9b5ffe680622c2a
SHA-1 d433a88bcb000f5e98385c06b4c0bc6da22190be
SHA-256 cd483b84dad3747061d18c6173a36ef438200d66d0cac503404173eec4913027
GET /img/head.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 3330
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-d02"
expires: Sat, 11 May 2024 18:19:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1292314
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYvhsnldGu4eWcvagFMUjfwNR%2BXqX6r0u8xFsvhlOvV7Cvnz93sfVWur4%2FOuyJP0MRcBHvJ3CTzFcOweXle16diyuILoyMHdUQeYbr1ODyB%2FVUgnJS5skAWNSBrpIjRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82d8e3b527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_pc_Language.png
104.21.87.84 200 OK 893 B URL GET HTTP/3 m.payquiz.xyz/img/Answer_pc_Language.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash MD5 9b034b5eb84e477e4c6e868baf9a42bf
SHA-1 b4ad7abdebcb0f12ca3e16a2e5ad6d1749322d3b
SHA-256 38fd90ebc3999035170310a5c38ddcf8745dce659edfcb0fafb72d0714f68d43
GET /img/Answer_pc_Language.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 893
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-37d"
expires: Sat, 18 May 2024 05:03:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 735273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I6hgZnLcWuX5E0nUf2cRoHEkLB%2F2T5kFNFJYor4750NsJSU3co5giGKvr2BrYSpCurtdxo0pADStKLscMVMMQEVcq5gAR%2B%2FTvo2PK9l5VWYTlguWwpBSlcVvpi%2FFVi06"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82e8f2b527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_pc_F.A.Q.png
104.21.87.84 200 OK 1.2 kB URL GET HTTP/3 m.payquiz.xyz/img/Answer_pc_F.A.Q.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash MD5 dcbdee5147e3caea028b18dc665c965d
SHA-1 82de1c17e9214503382c2aa01bed2eef72075dcb
SHA-256 548520c286521c9d0f7c38f16e0934211322bd8571c6764242a89662c3978d4c
GET /img/Answer_pc_F.A.Q.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 1208
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-4b8"
expires: Sat, 11 May 2024 18:19:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1292312
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1i34Su6Ov9xNUpjsh0HQLIQxdh%2FR%2FPZwNB3ywXNKK0ClbVY6tinwgWGdDZXvmmxVWOjTXg8gJFn4gwppcqNLI42BoR0Rxanf19I7xyBrrcM4Sj1hDlYDZNEKembsP1W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82d8f0b527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_7.png
104.21.87.84 200 OK 338 B URL GET HTTP/3 m.payquiz.xyz/img/Answer_7.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced
Hash MD5 d7ad748bd3ba01d43e3c09c705f1720d
SHA-1 8754bee0d330d3207c4ec04bee4ec29258a203d3
SHA-256 9a30cd63bb9af11a2bb36d7dcb6806cfd71cc2fef7362694d82059b2e644a307
GET /img/Answer_7.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 338
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-152"
expires: Sun, 26 May 2024 17:17:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qroRFnBJFor0qW0EhNHSJNynr2b93UY5sxSghaHRfKxr5iZA6EeILbCS%2FQo3tWPQ%2Bv6TlQ3HHMvAHs8zvX9yw%2B4EaKh%2Bto9arapufiYvvMtjftILgmYZMdE91W3nbbFi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82e8fab527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/public/common.js?v=1025
104.21.87.84 200 OK 1.7 kB URL GET HTTP/3 m.payquiz.xyz/public/common.js?v=1025
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type JavaScript source, ASCII text
Hash MD5 bc5538672592ffaec79fa6d8d867ca48
SHA-1 d634906013cf2b33a3c0a686f7430dc274495390
SHA-256 5b5c5192e4cd0430695a6aa793252effbfad68ae8940a06b630ea7df9221fbdf
GET /public/common.js?v=1025 HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: application/javascript
last-modified: Wed, 20 Dec 2023 06:50:16 GMT
vary: Accept-Encoding
etag: W/"65828ea8-ffc"
expires: Sat, 27 Apr 2024 05:17:44 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FJ3uIZNuS4AS7u%2BB1P2%2BVq5ImfVC0oPPv4uJxbCAGZgIivcrUTTNfmtm2djOlc7vfB%2Fkq%2Fjjb6doJsqoTz2i0p1DfD8hnl957OBa5staet93xDajGGeIYI0VPiHnuST"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a82d8d9b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_bg.jpg
104.21.87.84 200 OK 9.2 kB URL GET HTTP/3 m.payquiz.xyz/img/Answer_bg.jpg
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x1625, components 3
Hash MD5 ae6d0f3d012f7e40e2663ac3b50ace02
SHA-1 9bdde67f3abe5abda16b3aad0183972557556b1a
SHA-256 29ba93cc464765da13bb0e3c31d0b55fe63709dd0deeab4d94f225f3f5930165
GET /img/Answer_bg.jpg HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/public/common.css?v=1025
Cookie: loclang=en; userInfo=%7B%22id%22%3A%221%22%2C%22name%22%3A%22test11%22%2C%22email%22%3A%22%22%2C%22head%22%3A%22./img/head.png%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:50 GMT
content-type: image/jpeg
content-length: 9223
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-2407"
expires: Fri, 24 May 2024 03:55:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 220942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuNwxZVa%2FcNm0lQ%2FX0tMP8R1uVQm6xbFyucDv8hnJia0or00fUXRGVZiwsn8dyaY%2B7IM9j2012emt0HQ69fK80v8f0SrlLYLK5C3PxGjWgMaDR7BwPKRHB%2Brs1WWDeri"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a83b9eeb527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/public/jquery-3.6.0.min.js
104.21.87.84 200 OK 34 kB URL GET HTTP/3 m.payquiz.xyz/public/jquery-3.6.0.min.js
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash MD5 8fb8fee4fcc3cc86ff6c724154c49c42
SHA-1 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
SHA-256 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /public/jquery-3.6.0.min.js HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: application/javascript
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
vary: Accept-Encoding
etag: W/"61a47582-15d9d"
expires: Sat, 27 Apr 2024 04:10:21 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 4048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWpaZiDPZd4i%2FSK3tJBM488kMJMd3%2BuICPwGuqBcQad5QPhk21nk9mHmADIX%2Bw4NKDoKQiU2BiNDWEw8vxjDG0XKNksByZWQ7cZlVt6%2Fpsc3lf31mVpRhwecejM7nXci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a82d8d4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_1.png
104.21.87.84 200 OK 9.7 kB URL GET HTTP/3 m.payquiz.xyz/img/Answer_1.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 650 x 836, 8-bit colormap, non-interlaced
Hash MD5 d4a5980610579d23018ecf9a30c73967
SHA-1 ff28569ee1e381682e2bc4178614951955df537e
SHA-256 351af559d10c31589635d1e8911b59286638badf38c141826f7af5f95a356f09
GET /img/Answer_1.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/public/common.css?v=1025
Cookie: loclang=en; userInfo=%7B%22id%22%3A%221%22%2C%22name%22%3A%22test11%22%2C%22email%22%3A%22%22%2C%22head%22%3A%22./img/head.png%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:50 GMT
content-type: image/png
content-length: 9704
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-25e8"
expires: Fri, 24 May 2024 03:32:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 222297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zudWNqxGkL2MadFE2I14m9KDjAN%2BksWrmLomBNGBdInYGdi7niCRy38LfcCi%2BT%2B2ZkxTRjpLjhk4wjA9qAMIZxsNoNQQpRf21TGEQoh55I7vfxuE91Iln6D2NEnhY7R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a83c9f1b527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/public/sweetalert-dev.js?v=1025
104.21.87.84 200 OK 12 kB URL GET HTTP/3 m.payquiz.xyz/public/sweetalert-dev.js?v=1025
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type JavaScript source, ASCII text, with very long lines (482), with CRLF line terminators
Hash MD5 57904bb2d29194cdeb977098ced0997d
SHA-1 c05fe82fb5d018c812cb485a33529c4de85fac8a
SHA-256 4012721763780fea2a700978f072c577cfa5ded57dd165919cec59e1677ee89b
GET /public/sweetalert-dev.js?v=1025 HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: application/javascript
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
vary: Accept-Encoding
etag: W/"61a47582-a8d9"
expires: Sat, 27 Apr 2024 05:17:44 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aaDJqqEZVoz%2B1UnZiqX2saZiawIkaiodQGMLJyJw0BnwNGu2H3BEi3eV%2Bvi0mT%2Bmp1J6kx2y1BHzX9xH3bpDnwPnGHV%2BfF9jOXvup4%2BN%2BuQYE%2FshfwPuLP%2F1kn3rRwF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a82d8dab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ulogin.ru/js/ulogin.js
95.163.118.168 200 OK 19 kB IP 95.163.118.168:443
ASN #12695 LLC Digital Network
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Let's Encrypt
Subject ulogin.ru
Fingerprint 9B:19:52:DB:BA:EE:1E:EB:EC:62:1E:7F:67:75:1F:46:E8:A0:25:57
Validity Tue, 23 Apr 2024 22:04:41 GMT - Mon, 22 Jul 2024 22:04:40 GMT
File type JavaScript source, ASCII text, with very long lines (580)
Hash MD5 c9704bed2f73ce4d9c2cbf77bfad8fe3
SHA-1 2fc0f98804879c7c59290e478ec2236dd33fe851
SHA-256 b0f570ce375d2366bbbee496891a3f0efa62593305ef5fd82b4a4e8d21b00496
GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:17:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 14 Dec 2023 21:21:20 GMT
Set-Cookie: ulogin_token=u352348bd6846a69f7aa43d7c04e6af23; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Mon, 29 Apr 2024 17:17:51 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip
ulogin.ru/version/3.0/img/providers-32-classic.png?version=img.3.0.2
95.163.118.168 200 OK 37 kB URL GET HTTP/1.1 ulogin.ru/version/3.0/img/providers-32-classic.png?version=img.3.0.2
IP 95.163.118.168:443
ASN #12695 LLC Digital Network
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Let's Encrypt
Subject ulogin.ru
Fingerprint 9B:19:52:DB:BA:EE:1E:EB:EC:62:1E:7F:67:75:1F:46:E8:A0:25:57
Validity Tue, 23 Apr 2024 22:04:41 GMT - Mon, 22 Jul 2024 22:04:40 GMT
File type PNG image data, 32 x 816, 8-bit/color RGBA, non-interlaced
Hash MD5 deda48d7164be4bd370e4f4a842ef4c3
SHA-1 05779a81d5c22751d9fc3233e24dd39d863874b4
SHA-256 4101a0011295ffe856d6ed838c40acace8a110e03a4bd884f681de7a9354b320
GET /version/3.0/img/providers-32-classic.png?version=img.3.0.2 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:17:51 GMT
Content-Type: image/png
Content-Length: 37284
Last-Modified: Tue, 10 Aug 2021 18:31:03 GMT
Connection: keep-alive
ETag: "6112c5e7-91a4"
Expires: Mon, 29 Apr 2024 17:17:51 GMT
Cache-Control: max-age=259200, public
Accept-Ranges: bytes
tj.657g.xyz/api/event
188.114.96.1 202 Accepted 2 B IP 188.114.96.1:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject 657g.xyz
Fingerprint 50:D6:E0:11:AD:45:D4:13:FA:D4:11:BC:81:A3:03:88:0B:91:49:F4
Validity Tue, 05 Mar 2024 08:51:58 GMT - Mon, 03 Jun 2024 08:51:57 GMT
File type ASCII text, with no line terminators
Hash MD5 444bcb3a3fcf8389296c49467f27e1d6
SHA-1 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
SHA-256 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer: OpenPhish; Verdict: phishing; Alert: PayPal Inc.
POST /api/event HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 79
Origin: https://m.payquiz.xyz
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 202 Accepted
date: Fri, 26 Apr 2024 17:17:50 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: F8nkKqEGIUlVGnsI4Bri
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6nQApQeXUGr2WJU50T2UCWqaHKWR%2FSEpFagSrDttdlbw0eDEZfMfbdy5RjkB%2Bs%2FALxEiwonkdvylU6lP1nF94OSRQE%2FsQaaQIshxBlysQHJUbpQVfcLEMk4lQBOkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a859f85568e-OSL
alt-svc: h3=":443"; ma=86400
ulogin.ru/stats.html?r=55120&type=panel&xdm_e=https%3A%2F%2Fm.payquiz.xyz&xdm_c=default5066&xdm_p=1
95.163.118.168 200 OK 1.1 kB URL GET HTTP/1.1 ulogin.ru/stats.html?r=55120&type=panel&xdm_e=https%3A%2F%2Fm.payquiz.xyz&xdm_c=default5066&xdm_p=1
IP 95.163.118.168:443
ASN #12695 LLC Digital Network
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Let's Encrypt
Subject ulogin.ru
Fingerprint 9B:19:52:DB:BA:EE:1E:EB:EC:62:1E:7F:67:75:1F:46:E8:A0:25:57
Validity Tue, 23 Apr 2024 22:04:41 GMT - Mon, 22 Jul 2024 22:04:40 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash MD5 172c9de95b5e09f3f3fb6788dc85e618
SHA-1 a0af500d47d229611d00a78a0bfbcdefedc6d519
SHA-256 0d35a0dfc59effaee55acbe08ff749792d5c5dee22ac7969a297bdbd3fc5b00b
GET /stats.html?r=55120&type=panel&xdm_e=https%3A%2F%2Fm.payquiz.xyz&xdm_c=default5066&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:17:51 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
m.payquiz.xyz/favicon.ico
104.21.87.84 200 OK 8.2 kB URL GET HTTP/3 m.payquiz.xyz/favicon.ico
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash MD5 201e8d4ea8aee41c203c084f7d1c4e33
SHA-1 8613f3c329fce3f9211731e06ee6da330a11359e
SHA-256 75616a42ff4f96e6e7f3b1d3a74881d9148a46a276377bebab3a98b96c1cdb35
GET /favicon.ico HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en; userInfo=%7B%22id%22%3A%221%22%2C%22name%22%3A%22test11%22%2C%22email%22%3A%22%22%2C%22head%22%3A%22./img/head.png%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:50 GMT
content-type: image/x-icon
last-modified: Sun, 24 Apr 2022 01:42:36 GMT
etag: W/"6264ab0c-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ntp3LvZt5z9v6B3aB%2Fk0FV5DsXvoxn96HszLW1dzq1F%2FGn0U9HobpgdtbAXGBAWuqFcJ5%2F1JHBapYND7g%2B7oUMYnG6gAj0XSOHme%2BR6%2FKyHV4pfrQmnIHhfMdGHJSER3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a874f12b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/public/common.css?v=1025
104.21.87.84 200 OK 16 kB URL GET HTTP/3 m.payquiz.xyz/public/common.css?v=1025
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer Google Trust Services LLC
Subject payquiz.xyz
Fingerprint 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text
Hash MD5 5643d4a7bd96025d43a450ea9b1ed631
SHA-1 f907e2cea773c16b55be45e77a8932153a0d933b
SHA-256 f9bc6e2d009ca14a864dbcfdaa01ce3549ce408c1124a4bbecc993ca6a649cee
GET /public/common.css?v=1025 HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: text/css
last-modified: Mon, 08 Jan 2024 02:50:02 GMT
vary: Accept-Encoding
etag: W/"659b62da-612a"
expires: Sat, 27 Apr 2024 05:17:44 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucLFRkYRanfpeMr1SBrROS7IxyCNJOD9N0%2FTuDiViZ%2B%2Bz%2BrzY7vP67p3waV%2BNmB77Ft2KG9kCVgMJp3HaY9ZXMh0bJ7npf7rcBFMj4tFo85Gj%2FXCGexmiCwbxXAIfFTu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a82d8d2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=496455020&si=60c87f46b6c9bdadb204d78d0c8c690d&v=1.3.0&lv=1&sn=18411&r=0&ww=1280&u=https%3A%2F%2Fm.payquiz.xyz%2Fsignin.php&tt=Sign%20In
183.240.98.228 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=496455020&si=60c87f46b6c9bdadb204d78d0c8c690d&v=1.3.0&lv=1&sn=18411&r=0&ww=1280&u=https%3A%2F%2Fm.payquiz.xyz%2Fsignin.php&tt=Sign%20In
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer: GlobalSign nv-sa
Subject: baidu.com
Fingerprint: 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity: Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=496455020&si=60c87f46b6c9bdadb204d78d0c8c690d&v=1.3.0&lv=1&sn=18411&r=0&ww=1280&u=https%3A%2F%2Fm.payquiz.xyz%2Fsignin.php&tt=Sign%20In HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 26 Apr 2024 17:17:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EC4DB926F3CE50A4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=zPR5qjLdBh6W1W2VFDHLDSKeKh_0bNIuP44BSs9Y7PJ8IawEpfk-DUr_rpn1mXM2eEvE-dZcD4kJQtOQXlRzaryUmV_jzsL0Xr7fPLynjoVS6FoHvBcxB-N0_HZ00Bxu
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Fri, 26 Apr 2024 17:17:47 GMT
age: 20
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
95.163.118.168 200 OK 20 kB URL GET HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP 95.163.118.168:443
ASN #12695 LLC Digital Network
Requested by https://ulogin.ru/stats.html?r=55120&type=panel&xdm_e=https%3A%2F%2Fm.payquiz.xyz&xdm_c=default5066&xdm_p=1
Certificate Issuer: Let's Encrypt
Subject: ulogin.ru
Fingerprint: 9B:19:52:DB:BA:EE:1E:EB:EC:62:1E:7F:67:75:1F:46:E8:A0:25:57
Validity: Tue, 23 Apr 2024 22:04:41 GMT - Mon, 22 Jul 2024 22:04:40 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not identify the script that was served; the response body was apparently not captured for hashing, and the values are not usable as indicators.)
GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=55120&type=panel&xdm_e=https%3A%2F%2Fm.payquiz.xyz&xdm_c=default5066&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:17:51 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Mon, 29 Apr 2024 17:17:51 GMT
Cache-Control: max-age=259200, public
104.21.87.84 200 OK 7.6 kB URL User Request GET HTTP/3
IP 104.21.87.84:443
Certificate Issuer: Google Trust Services LLC
Subject: payquiz.xyz
Fingerprint: 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity: Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type HTML document, ASCII text, with very long lines (8142), with no line terminators
Hash 536262b3c2a9045f2a23a12f8f61e2b6
95c414744cd4091b5793bd020228332132cb7175
c17d141c70822fd625a7eca93599e88e11efd123f59dab12cd8755bd9716c543
GET /signin.php HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: loclang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzSQPizaX6oqMAJcaNxggRJC5mCRQ%2FJkQsXsn9KHGPnpSAyvYgOMHjVWCGQBu6Xxm8X02L8eYiyaCwDsWGv4c3%2F0twTiJe8e5AwZuBnR3Xbhjd03w7mXjeR%2BlITKrcfS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a7dfa63b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/img/Answer_15.png
104.21.87.84 200 OK 1.5 kB URL GET HTTP/3 m.payquiz.xyz/img/Answer_15.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer: Google Trust Services LLC
Subject: payquiz.xyz
Fingerprint: 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity: Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 482 x 270, 8-bit colormap, non-interlaced
Hash 4978bd85288fbbfed0278c0e7f625009
f37aa6532095f7d1248a186292c05062458d5c8e
8bd443af9e7ea126b3cd6839c67f16bade003a150eba9171b0bd7b114449fef8
GET /img/Answer_15.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/public/common.css?v=1025
Cookie: loclang=en; userInfo=%7B%22id%22%3A%221%22%2C%22name%22%3A%22test11%22%2C%22email%22%3A%22%22%2C%22head%22%3A%22./img/head.png%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:50 GMT
content-type: image/png
content-length: 1501
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-5dd"
expires: Sun, 26 May 2024 17:17:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzACaidO5erkNtma1EfJrfF1BndO8huXbkTW8x9m3UqtZDdWPXHSvlUreLtW290UalwH43tuQ684veJApUThH9BcxNck%2FJPdFFTj1vS34E2Wb3MtX0%2BVdDzu%2BcBu9KDD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a83b9ecb527-OSL
alt-svc: h3=":443"; ma=86400
m.payquiz.xyz/public/sweetalert.css
104.21.87.84 200 OK 24 kB URL GET HTTP/3 m.payquiz.xyz/public/sweetalert.css
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer: Google Trust Services LLC
Subject: payquiz.xyz
Fingerprint: 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity: Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type ASCII text, with CRLF line terminators
Hash 9b8007e29ad2778d449264166a7892b7
47418efe84958fcf4a945cbf6c2f54d29967e79b
4513f34c44831aab38d5171e7d729e3fabeea39dfc7ffd06722b490d02f20a70
GET /public/sweetalert.css HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: text/css
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
vary: Accept-Encoding
etag: W/"61a47582-5d03"
expires: Sat, 27 Apr 2024 04:10:21 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 4047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FaW3l0ohcp4PSfbROVFRysootJgmuxrT%2BjFn%2BsS0r4OsrqKftXW2IAmDdyFI1Lq37dU8wnJF9oUx%2FWofHLSoFWzDGCIhyrPkEi8tuVu1NUvWXgmhUuDGuakLcPl6QxDq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a82d8dcb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tj.657g.xyz/js/script.js
188.114.96.1 200 OK 1.3 kB
IP 188.114.96.1:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer: Google Trust Services LLC
Subject: 657g.xyz
Fingerprint: 50:D6:E0:11:AD:45:D4:13:FA:D4:11:BC:81:A3:03:88:0B:91:49:F4
Validity: Tue, 05 Mar 2024 08:51:58 GMT - Mon, 03 Jun 2024 08:51:57 GMT
File type ASCII text, with very long lines (1384), with no line terminators
Hash MD5: 16cfd1982a40489c41a52add24d36b85
SHA-1: 344f1896d895c5d0a7c4caecafcf1942603cd026
SHA-256: 72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce
Analyzer: OpenPhish | Verdict: phishing | Alert: PayPal Inc.
GET /js/script.js HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: application/javascript
cf-bgj: minify
expires: Fri, 26 Apr 2024 18:48:21 GMT
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37903
last-modified: Fri, 26 Apr 2024 06:46:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wa%2FBCKZkeY6iUoUTZBbWQ8fzJZCpUzDbp6YYWn8hIqlQ517JJQladuxvdqE4P9N79qsJJOhWffT1P9gTKN7XPTVMWVYsktItfUHRkO24xzGSEVftd0i2OPy0YWLZQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a83a8349c156bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
m.payquiz.xyz/img/Answer_pc_User-area.png
104.21.87.84 200 OK 1.1 kB URL GET HTTP/3 m.payquiz.xyz/img/Answer_pc_User-area.png
IP 104.21.87.84:443
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer: Google Trust Services LLC
Subject: payquiz.xyz
Fingerprint: 82:12:11:9B:0D:EF:CA:9B:64:30:9A:3A:18:50:44:39:01:28:A4:46
Validity: Wed, 20 Mar 2024 12:10:07 GMT - Tue, 18 Jun 2024 12:10:06 GMT
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash 169da7dd2359a7338b078288b22a087a
8eb84e4fdb93abbaf1043405c838da69efb660e4
1ad7c05edd739e9b883d4945aa902497127f690184221e45476497250d66b4bc
GET /img/Answer_pc_User-area.png HTTP/1.1
Host: m.payquiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/signin.php
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:17:49 GMT
content-type: image/png
content-length: 1140
last-modified: Mon, 29 Nov 2021 06:38:58 GMT
etag: "61a47582-474"
expires: Sun, 26 May 2024 17:17:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Fmqmm8BM8MfFqkHOihQROSEX1WZkWeC0qnTI%2FFd3oAqmKm72zZHAlOQYyorg4ObJJvg6JqOpUkiVSQy8DRyyZ400c7YpFudu1dhXwe3hWwU1p4UoD6VytF1vylNzyZJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a83a82d8eeb527-OSL
alt-svc: h3=":443"; ma=86400
hm.baidu.com/hm.js?60c87f46b6c9bdadb204d78d0c8c690d
183.240.98.228 200 OK 30 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?60c87f46b6c9bdadb204d78d0c8c690d
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by https://m.payquiz.xyz/signin.php
Certificate Issuer: GlobalSign nv-sa
Subject: baidu.com
Fingerprint: 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity: Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (620)
Hash 2b9a1f90056805a0a5c9225d9f64e8e4
d0746ad74ae3422a9cbc7b437b13c7f282222de9
aff00d9eabe6c0908b456aaf256e10322aae8977aab71753a63fbe6bf2dc08d2
GET /hm.js?60c87f46b6c9bdadb204d78d0c8c690d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.payquiz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 26 Apr 2024 17:17:50 GMT
Etag: 13e00cb5edbe1b71ffda4c341239981a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8F4A1DBBA4A3AFDC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800