Report - free.nowgoal.plus/

Report Overview

Submitted URL
free.nowgoal.plus/
IP
23.224.77.10
ASN
#40065 CNSERVERS
Submitted
2023-01-30 17:16:46
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
user.nowgoal6.com	unknown	2022-07-23T18:47:25Z	2023-02-18T11:58:00Z	751 B	667 B	128.14.140.86
free.nowgoal.plus	unknown	2022-09-19T18:32:35Z	2023-03-04T18:17:56Z	37 kB	343 kB	128.14.140.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.202.152.202
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
platform.twitter.com	597	2012-05-21T05:34:05Z	2023-03-13T05:09:29Z	937 B	134 kB	93.184.220.66
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	2.2 kB	93.184.220.29
img_nowgoal.thscore.fun	unknown	2022-12-06T00:23:09Z	2022-12-20T07:52:35Z	5.8 kB	576 kB	104.22.54.149
syndication.twitter.com	833	2013-09-20T03:46:47Z	2023-03-13T05:26:52Z	457 B	916 B	104.244.42.136
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	385 B	80 kB	142.250.74.40
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	1.0 kB	12 kB	103.235.46.191
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.7 kB	12 kB	95.101.11.115
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-13T05:09:32Z	366 B	22 kB	172.217.21.174
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	370 B	2.7 kB	31.13.72.12
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.9 kB	104.18.21.226
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	733 B	448 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	free.nowgoal.plus/	Phishing
2023-01-30	medium	free.nowgoal.plus/	Phishing
2023-01-30	medium	free.nowgoal.plus/Content/Com/theme.css?v=638105847200000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000	Phishing
2023-01-30	medium	free.nowgoal.plus/Scripts/i18n/rs_index_ng.js	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000	Phishing
2023-01-30	medium	free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/soccer/soccer_common.js?v=638097467710000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125	Phishing
2023-01-30	medium	free.nowgoal.plus/ajax/IPchecker/?1675099009000	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/bf_us.js?1675099009000	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/sound4.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/red.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/sound4.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/sound4.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/sound4.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/sound4.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/sound/sound4.mp3	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/odds/en/goal8.xml?1675099010000	Phishing
2023-01-30	medium	free.nowgoal.plus/ajax/GetTipsCount	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/odds/en/runOddsData_8.txt?1675099011000	Phishing
2023-01-30	medium	free.nowgoal.plus/Scripts/Ng/tongji.js	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/change_en.xml?1675099011000	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/sbCorner.js?1675099013000	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/odds/en/ch_goal8.xml?1675099014000	Phishing
2023-01-30	medium	free.nowgoal.plus/gf/data/change_en.xml?1675099014000	Phishing
2023-01-30	medium	free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (62)

	URL	Size	First Seen	Last Seen
	free.nowgoal.plus/scripts/ng/config.js?v=638106983891957425	688 B	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scripts/ng/config.js?v=638106983891957425 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 45b7b53ca4d61e5baf8cefc7bf5d0ab9 85217dce46b6d56b3ad887797a21a4800eca2ce7 50e3f12c468b58c38971a3fcea15ffced1cfacab277ec4b9b644a9952c8e8b05 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs	152 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:09 Last Seen2023-03-14 14:13:10 Times Seen1 Hash 17f8a13c08d686864cf2e90b3c1f501c fb1b45fee77fcf9292297818da49aed9bea10173 7fc95c63ef763ca78bc62910711282071e88a80e2d744534bbbf9762282f64b1 Loading...

	free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000	38 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 32d2f73da1ff7379794333dc4c66fabf 6a74bb421bbc49ec534207394850dd5f4a00d7d8 09e21b8c4fd37fb52fc7c3362ddf4a28287233b076e052653c27aeea75758ac0 Loading...

	free.nowgoal.plus/	438 B	2023-03-10	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-03-13 12:35:11 Times Seen1 Hash f0561c8fd06b07354e1b3cdb4835ee1f 868caf917173cd590563ab8d7fa103f3be6c2120 daf1eb1d7ea5964e9063ea63d1b11604d9f1037de36445b98a9c59643073a87c Loading...

	free.nowgoal.plus/	32 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash b128a0f60a229af399c52641375e6803 7e730cbfbcf94fcfaca3cf9fff75eac674153b95 90652e9b1bb64f6bd3f859a1b8553c358876a856aa97f810ed49edeb9946f0f3 Loading...

	free.nowgoal.plus/	15 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 2b7dfa3625f031f119a80a34574648c4 720cc932fb5b869c8d59fb53827ce9aa64a51c03 a291279cc2c587a164bc66dfc91da6d9ed675432bc115124430429b50756e756 Loading...

	free.nowgoal.plus/scripts/Main/setting.js?v=637770638734614593	6.0 kB	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/setting.js?v=637770638734614593 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash bf4d703ec8ad380b32f86bd547a3dc55 7d1f0abc482693deda28b81ba167f13a3dac898e 96f3479188c3d5955e10a3401e5e851dd967ad4cc6fe9c97cdd9152ef4f42763 Loading...

	free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554	12 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 93faf7f1e9af3710b211979acf10bdeb de2eea3cfc0c4bc0b328c351a439898c9ae7bf5d 9bcf222eb5534c7b1ae48636f91c139f700906fb40d6da757aeaff7e820580c2 Loading...

	free.nowgoal.plus/	25 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash fb58a22730af1cdd6cc5de303458e0db 80ccfd1c4f3799515d928f87979adebf7a6f9730 fec74ffaaf99407fc08afc8641d610476fdbb1f83003999d1520c0806a98a702 Loading...

	free.nowgoal.plus/	25 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 7a9d8fdd4f560f67a26c290b37b21ed7 2f9b612d29f9766a3bf9cdb200472c1d557c416b 599898bd648b2b0810c6bf77c607a8de78858d2996b0fad0282a600b3076cfa8 Loading...

	free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125	2.1 kB	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 7c1be444bf67128d0d55d6b133e0f419 cd86dfc2b8921a788e9c51f3c053a8aa38f06622 d3fbfe28459d7a07e026719d53592ebe942d1030da745cfae3730ec592b14f81 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.0	3.1 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 2ba9501498ccf17da9195a44437c7903 bf35e81a416611fb8353d2aa8eda6d129a9ceb2a 7b61dbb677724d42d950188cbda404f1438bc20cd09ef228ffc0e769c1d46834 Loading...

	platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus	327 kB	2023-03-13	2024-04-18
Pretty URL platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:42 Last Seen2024-04-18 11:27:49 Times Seen2170 Hash ddda7cfc08478ea11fab363ee004f38e e56b886f428cb955f3c594b3c82213cd422b82fd 74df0c960477a1e829b4e135295119fc6d3603d2fbdae3f87bc1854ec5ef0cc4 Loading...

	free.nowgoal.plus/	36 B	2023-03-07	2023-05-20
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-05-20 00:52:10 Times Seen3 Hash cfd076e5c276f6869cd11526e099c485 9eb3ddeeba2ac8aeea74527ff146a81df28beaa4 936d79efaa427d6d06440f2d6aa327eca3a9ea0f013d2c0063ac551eae34108d Loading...

	free.nowgoal.plus/	25 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 95f81ac03353e1ddaf6b094c7e441363 cf627a80faa9b98d263a07a521ffdb606e6092c7 f895c400a425237fd1b4b92ce9140a6a1eaf39e3fd31a968427a8099c8eb0f38 Loading...

	free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000	96 kB	2023-03-10	2023-06-16
Pretty URL free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-06-16 08:10:55 Times Seen15 Hash 516db6753d94d096717395964b6fb80c d8a5505d38adcc7aae6c390821bbd64130e041f7 ac7cc90c3251fd4f8480f76332ebb9a5d24e05fc92bfca6fafab145dbac399b6 Loading...

	user.nowgoal6.com//sso/ssologinpcjs?opr=2	36 B	2023-03-07	2023-03-13
Pretty URL user.nowgoal6.com//sso/ssologinpcjs?opr=2 IP 128.14.140.86 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash ed3173eb9f7d973bd0f46fb7dc62ce2d 9c0106a087d87b95963b2af3205ccb2ebb3d1763 136055a8be430942f15c65799930f9a91a96e62f77c3a56354d142e1eabbf223 Loading...

	hm.baidu.com/hm.js?0394be8d23ef30dfa25c2fe6e78fb15b	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?0394be8d23ef30dfa25c2fe6e78fb15b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 19ce1796478293e072217469de6c6fd8 e1606466c553ed05a4b22bf5c8fa2b3b7e581bfb 01c03a73444cc64aee33838ab897232c2bac397d857870b03beac62a0ae7b1fc Loading...

	free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000	21 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 5d33ac82ac20a2acd2a81a7bb78ca046 3716e3e5a778a55629f54db57c482e03aa31a203 d222f743ebcaacd9a91f955846c87d367727f931b64e33f9fee58c292b4a2c94 Loading...

	free.nowgoal.plus/	25 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 4a2e2ef01275d17cec34f8a2cf0d1954 873a9e4adaf3a3ed5c07a8483741e85b202a2121 0c6cfa6b892f3cefacd228011ec5ece24f7ba190116452199a5423fcc582242a Loading...

	free.nowgoal.plus/gf/data/bf_us.js?1675099009000	23 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/gf/data/bf_us.js?1675099009000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 73be069b5cd898f4447144c515eb693a a1f20483118dbb767e74896aaa41f559c0a74ed2 03b660f5c15f44c72a146a531148e513595b79fd20de4a885bd5ab362b866923 Loading...

	free.nowgoal.plus/	12 B	2023-03-07	2023-05-22
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:55 Last Seen2023-05-22 12:17:51 Times Seen2 Hash 0f920de9c10e317df5ddf93d1581260e 5881dd501064795b8bf63aef8b23a94678992563 7c0f1833fac9db70d8de44134567d794985c803b3016fd15f2070bc8c9df6051 Loading...

	free.nowgoal.plus/	25 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 5080a48d7e98aa44167be2d81a4b852b 7ad1c390e05cc7f734fc8847096ccafbdd2b87e2 a0b3c77b630f7fca87285930303ecf9e7db17c5a2cbba66e8451c6c0fe697327 Loading...

	free.nowgoal.plus/	19 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 3a34dd5db877914aa9ccd4bf090197da 96814f9682a5bf0926f49b119c1371a3c9d4891b c4b0c23568de5d9da6de4d09307752a8e991965f81a6b59833a2955a8e783d8e Loading...

	free.nowgoal.plus/	26 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash b6ff2af4207586fb5513ff53ed7600de 5169a937e8486b0b3f75db58d4c9d6b282929655 eeb3488dd76b09ab36a3eee83cb508e17224797b83a1598ddd3613928b2775cc Loading...

	free.nowgoal.plus/scripts/ng/localDiff.js?v=638106080070000000	5.9 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scripts/ng/localDiff.js?v=638106080070000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash dc4d070667d61d021b6244b5cde3fb73 e8ed447b575667f707961dd27b994c95f69a7604 d49382e732f3405201e1b2d6e1edafadb58eb77b59dc9e3d9b5645a912952ee1 Loading...

	free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000	279 B	2023-03-10	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 258e2451f0acf004c579b94277e30a96 feea2592abc27b67d22b75c0e40efca0a5f8d2c7 0427ff6b0c8daa6d4d8ca9b1e2cd3e45576a58c97c58e2e7fdfa74fa905f27cb Loading...

	free.nowgoal.plus/	29 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 44c882554e3862e0eabf3a6c2b0cdf24 9ad7349de3a4cab8153436b734e7f89a5a24d01c d28504ff60508a5543784e34e60a1a4b08f3f58918b8398eba79a88538c9cb70 Loading...

	platform.twitter.com/widgets.js	93 kB	2023-03-13	2024-04-18
Pretty URL platform.twitter.com/widgets.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:34 Last Seen2024-04-18 11:27:49 Times Seen3883 Hash 9e99725b7a4cd730a934afba2a438bb5 cca18cd298b243e672b37ba6e6927bec865dd742 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b Loading...

	connect.facebook.net/en_US/sdk.js?hash=77fec54c3c530c76549d23c847cb98c1	313 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/sdk.js?hash=77fec54c3c530c76549d23c847cb98c1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:33:30 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 1b621deb11b17401b10ee10ceb91a2a5 759035d7e5ad01433ed46f9c686c74e6567463fe f87c2f692138ea5e00489fdea9b35a7763e7ade834c00cbbd63068b4e0ad7149 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:36:23 Times Seen36969155 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	apis.google.com/js/plusone.js	55 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/js/plusone.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:09 Last Seen2023-03-14 14:13:10 Times Seen1 Hash 16c58379dbc00071e786bbcd4201ba8b 41263545ee7cfe317f627bde06a2113412522b08 6cae3ec13bbff388bc73c59a24021f69f4ca6d901de9912005af469f2d750aa8 Loading...

	free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000	5.3 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 906faec6d948e5802d0ad766b7fd4c23 293f55b5081d7e9d0a47a204490fcf4385b0988d 484e878b9062f70edd273af5e5966aecd3b20a0b37bc3e7c0f09371a186498ac Loading...

	free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000	5.5 kB	2023-03-10	2023-04-05
Pretty URL free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-04-05 02:01:43 Times Seen2 Hash a7b1cb7ae0ecd6ae8ba05dac19be2ae9 fb32c4e56163b79cfe8be8a8de12228a27a40b36 7a6d5dde96de2ce24e55d905d7c075f4f04bf646cf615dbe6254a557ff556bce Loading...

	free.nowgoal.plus/scripts/Main/soccer/soccer.js?v=638106114720000000	213 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/soccer/soccer.js?v=638106114720000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash ac81e29eb2e5a3ca02d3ea91cd0694e7 5157cb3b843767066f08ab9f674b9e71a0c91366 9b7afae6f1d9f9f6df697fc98d5c71b272ee451b04bce91e8cb7b363531bbb41 Loading...

	free.nowgoal.plus/	58 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 9098248719a3615005b2c874a45a1eb8 a810b025d2e12b15c4a6ea120e4734246ca8e274 e10c0f883ff6f822c6d309a8c7c0c63ce2aa6762e9f3b630292e03a621b34328 Loading...

	free.nowgoal.plus/	15 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:41 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 11bbf374b87e42fee545792864e2d8f6 803e14235adec3fe035352364030993cda0de24e 52dc759f7c881b57d972ef9adf0b32392c47254ee7742c5e414b7a737b0f0587 Loading...

	free.nowgoal.plus/	73 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 7693db93e50eed8a61a9b4b5c8bbe6d6 70b692fddd40c9f9db828e62c48703143129f557 5aa839a83c5a49cae23dd2e793f244cd867dea6ba5a1e6bfa2ebba0720b707a6 Loading...

	free.nowgoal.plus/	7 B	2023-03-10	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-03-13 23:38:22 Times Seen1 Hash 70d86e5ae6dcfa030ea2c465b183e152 64dbc781f4b7d1e749823b5f84d5c69d9a4c77f4 19f63a273407dcee760d7c958f1fb3d09faf5eff570725a92313661963e057c5 Loading...

	free.nowgoal.plus/	1.2 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 41ad7f448a443d8fd1f9dd00802caed5 09a221d60451f953027bb5377974b91c2716977b 523f2ac160085d63695be38f131b9051b5f587b2def0ae7c0e9abf3193677bd0 Loading...

	free.nowgoal.plus/	418 B	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 8f869cbcb33ef2387cd7d1ece7e95d59 c785d83fa343d87787cb9a883dbcc9e69cc89052 16f3677f46146bafb9c8c5724ca5e5e4d43789713c81fb33efb9be4b2ef05d02 Loading...

	free.nowgoal.plus/	25 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:41 Last Seen2023-03-13 12:35:11 Times Seen1 Hash cc10ca88bbed9ff8cb9136b232ceff73 cb64a9b65020d8e6d966a657a30377ae574c14bf 85a315ead66ad7c5fc81c240ee9e204d9da2a7178f94da3e5d80b1828fcc4fba Loading...

	free.nowgoal.plus/Scripts/Ng/tongji.js	391 B	2023-03-10	2023-05-20
Pretty URL free.nowgoal.plus/Scripts/Ng/tongji.js IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-05-20 00:52:10 Times Seen3 Hash 5933cf9ab6bf81a4da2f48994cb44814 47be67ee915e8dbcc75e30611d834d075fb42ca4 aa742424c70cfccbc97f58f12c786d53d6b5ad08e4396764bc26cc8e309076e2 Loading...

	free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000	32 kB	2023-03-12	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:09:33 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 785bac6d9a54dbf3f4c07d36b88ce034 270c7ccb6a7ed39b615da063af4945879a7fe7c5 b526951970c06a25a6591fcaedee939f22d9f02d7dfca67fdcd0eb16aa5965d4 Loading...

	free.nowgoal.plus/	103 B	2023-03-10	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:29:48 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 34cb1210a6f183186937b6d23f9f5fa0 0ecc30f8607d9b16ddb610590fac2da0b137c231 2905d5983e28d23b1845d9f5e70dc7adad9e6737eb16080ddcaf2c2a654865cc Loading...

	www.googletagmanager.com/gtag/js?id=G-77FSGHPJTH	238 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-77FSGHPJTH IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 1263f2082e8c38ac362e6b90a7603c57 f77bddfcd0a4b1d2adadfe92ea05f4183432b9f8 83e6b07fd7d9c6ffae1c6fe94b59c0de3d60aa5f079422e0d802c707a96b7a96 Loading...

	free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000	76 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash f2340f46e1342b3bc4dc4a692efc51c1 d6367201b1b0ce7e450bc0f3421e6336ad80c3e8 c3f72928ca66ce59385cb22d90c8ca8b12e21857996e952e875fc0c8ffca040f Loading...

	free.nowgoal.plus/scripts/Main/AdCheck.js?v=637772574871339630	507 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/scripts/Main/AdCheck.js?v=637772574871339630 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:41 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 51f6aa5bc1dbc01c5bb84cc2acf2b374 37439d681c1e146fa7a7eeff6a40c93702881acc 41477808e17d7bb6af96fb413e235d5f1d1f9782fce97ca13077f26807929e32 Loading...

	free.nowgoal.plus/	26 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 8115b6ae912902baaa0ffbc6ae5356f3 5f7ec3992a3313a8866e6433c6a826bfc3ebb85f 78a453ca8d3697c2818ac5d69bde2dd2c2efc74e3075b31100892878caefbcc8 Loading...

	user.nowgoal6.com//sso/ssologinpcjs/	210 B	2023-03-13	2023-03-13
Pretty URL user.nowgoal6.com//sso/ssologinpcjs/ IP 128.14.140.86 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 65a7896f3e63fecbbbdcdfde4a448216 5c38ec153f0b9e720500126b6330d3488aebc6a2 0f9fc731760d25c8b73f99b59881bf9b3f043c6101700e128f9e051880161e64 Loading...

	free.nowgoal.plus/	27 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:42 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 0ba585bf26cf3a2e5ca2776ac650e4ef f66f4d501b9347b965f5af81cddee61153f63299 29d708fda61011fa9a4c0f4d8c476796f5037a78d359c0fc2e8e0e847318fc59 Loading...

	free.nowgoal.plus/	30 B	2023-03-07	2023-03-13
Pretty URL free.nowgoal.plus/ IP 128.14.140.150 ASN #21859 ZEN-ECN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:41 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 7b2c43260cd5dfd15f0c24cb46b90e98 66f1b519b7c2579dde04fc3a4c847fbfe5e9de3f dee3f1be389eb6d7e3e2c58cde1d3aaa8e8d97d74ee1f21d34a779357dea0e9a Loading...

	free.nowgoal.plus/gf/data/sbCorner.js?1675099013000	15 kB	2023-03-13	2023-03-13
Pretty URL free.nowgoal.plus/gf/data/sbCorner.js?1675099013000 IP 23.224.77.10 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash e17ee6c170ac4c5851f9a1f31fb66ccd dcb3ee3772bb12189a6c04c8dd6cb396d27fae5e 3f5b84e72d524e9c3dae1974b93868cb341807a7a8612b80f0146f94fb3c4673 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 96a3be3cf272e017046d1b2674a52bd3	2 B	2023-03-08	2024-04-13
Pretty Observations First Seen2023-03-08 16:25:25 Last Seen2024-04-13 12:30:55 Times Seen14 Hash 96a3be3cf272e017046d1b2674a52bd3 ddfe163345d338193ac2bdc183f8e9dcff904b43 938db8c9f82c8cb58d3f3ef4fd250036a48d26a712753d2fde5abd03a85cabf4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 16c4b1f0f4ff04ccf3fd94933952a3f6	342 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 16c4b1f0f4ff04ccf3fd94933952a3f6 ffb26d200dc890f1976250a22c3c948ead8195e2 24a6dc3b51534c12ac6c61fd7debe63a3bfd436262b46698d0c13e8b8914f5c7 Loading...

	#2 Write - 161fc2aa5134a9ba67722dc8a9c4b7b6	165 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 161fc2aa5134a9ba67722dc8a9c4b7b6 d9b99e64368390feb57214e1c4a01e4c82a353fd 99c89e158ae8e2e2b2392b0c18748a48a0b8b2f5cb89925609c82e5046cb42f8 Loading...

	#3 Write - 47f6fb22ac7c535c75e3b52216eb5c0d	727 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 47f6fb22ac7c535c75e3b52216eb5c0d b1f794940dae59c9c1e1ac613c9ad07a7166a73f 80337e0eae47e413995b172708893f9f36d4433061f217ec4a2e8ace37e46a2b Loading...

	#4 Write - 2e044db656ab0f7676ac60dcdc52550d	439 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 2e044db656ab0f7676ac60dcdc52550d 21c092b3b1c0534b739b76417ac53588d574c056 44caf7ac19499e79cac59a4c5785d66ef9280b18072cc44eae8fc6504c42d265 Loading...

	#5 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:36:23 Times Seen36969155 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#6 Write - 37e6d4473371e982ea3dd938b20581d2	169 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 37e6d4473371e982ea3dd938b20581d2 3837f77e93d7f2b085e6025b1bba792f3149356f b0c861ac31ef582cf96d48ddf492c38d2cf46f628769b2dfbbdb2415aa6f006d Loading...

	#7 Write - 052858c02e5d4e6c23b0bf3cae643080	167 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 052858c02e5d4e6c23b0bf3cae643080 0480906bf15db3f8f82d4793bfea749dc5e008d7 cb433de23bd6b31975ab301893a16bb1f53c01e3204e38499a55d54471735623 Loading...

	#8 Write - 13945ced6c8deed4f93f236483b89ac4	318 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:35:11 Last Seen2023-03-13 12:35:11 Times Seen1 Hash 13945ced6c8deed4f93f236483b89ac4 650bce9dde59a769136c2835fd66ced3a0ac936f 952883d66c38d4b3f6e10c6dcfc19b53f5b6557c97b2541aba2010c89d407f10 Loading...

HTTP Transactions (142)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3082
Expires: Mon, 30 Jan 2023 18:07:57 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3334
Expires: Mon, 30 Jan 2023 18:12:09 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive

free.nowgoal.plus/

128.14.140.150

301 Moved Permanently

149 B

URL HTTP/1.1
free.nowgoal.plus/
IP
128.14.140.150:0
ASN
#21859 ZEN-ECN

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Size
149 B (149 bytes)
Hash
258d35f1cf004e597b5575edf4197573
d4590f3a38a2190dea86ad52d1154b824abf0076
e8131213584120d26c77117751e5a53eb83583528e13522c6771de14b4f345bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://free.nowgoal.plus/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Mon, 30 Jan 2023 17:16:34 GMT
Content-Length: 149

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:35:45 GMT
content-type: application/json
age: 2450
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5116
Expires: Mon, 30 Jan 2023 18:41:51 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GELRlQTYdn51eadTrFnaUMJPEktlPri4FnoIoxT0m+lG4fjw2dN0y6iS+KdKaHPRLz9jx97DH8g=
x-amz-request-id: GXKCAHVFN40HS0A9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:21:52 GMT
age: 3283
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:16:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 1651
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0991e433a9640d114f8b46cf12ee5ad7
40c2dc2755f60b409357ef37d7556df404101752
06904b99445cc25df886430a4adeaa3910984a757a948716afcc43648a984cd5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06904B99445CC25DF886430A4ADEAA3910984A757A948716AFCC43648A984CD5"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 23:16:35 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11630
Expires: Mon, 30 Jan 2023 20:30:25 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive

free.nowgoal.plus/

23.224.77.10

200 OK

12 kB

URL HTTP/2
free.nowgoal.plus/
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
12 kB (12383 bytes)
Hash
5b165917621f8886d47074626c35535d
aebf80f07efa81d68922e869bb301498e19425c7
90a3156baec128bc51a6929cebf6f38517b938e6634399ffec30cf347f8a875a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:50 GMT
content-length: 12383
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.202.152.202

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.202.152.202:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5hcR+TpEABm8l/F9Jk4rRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ON7ENCU8bVvEe6Ye6gETjrxy/7c=

free.nowgoal.plus/Content/Com/theme.css?v=638105847200000000

23.224.77.10

200 OK

1.0 kB

URL HTTP/2
free.nowgoal.plus/Content/Com/theme.css?v=638105847200000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.0 kB (1012 bytes)
Hash
fa7c4800ad17e7d8e36e9c85b65482e9
ec37b4791cde1fbdeb7943b3c8f69fedeba809cf
d6667d488445dc78e4967a6a51911ea4711365dc87d8684e9a8ca9e831578836

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Content/Com/theme.css?v=638105847200000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 02:25:20 GMT
accept-ranges: bytes
etag: "068daee8833d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1012
X-Firefox-Spdy: h2

free.nowgoal.plus/Content/Com/main.css?v=638106657070000000

23.224.77.10

200 OK

23 kB

URL HTTP/2
free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (338), with CRLF line terminators
Size
23 kB (22938 bytes)
Hash
d84904c197ee5c8d4b9a595a21a88ea0
fad69ca96473897e5031d5296d813db2a4335daf
a5232e4e6978ac72a8a0d0459bce0c764e9d32f506bba2758f4bccbab858a261

HTTP Headers

GET /Content/Com/main.css?v=638106657070000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 00:55:07 GMT
accept-ranges: bytes
etag: "80e7dd7e4534d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 22938
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000

23.224.77.10

200 OK

34 kB

URL HTTP/2
free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (32072), with CRLF line terminators
Size
34 kB (34035 bytes)
Hash
69e25f4d33a4082965995dfed5b1cd5a
c7fa7703bc0bf94a8d3e5bde1022bae62155afe3
88a4f58da905ec99f3a4405bd6ed938b16600be898c5a6156291525515e48b77

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Com/jquery.min.js?v=637691366600000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:04:20 GMT
accept-ranges: bytes
etag: "082ec2591bad71:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 34035
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/ng/config.js?v=638106983891957425

23.224.77.10

200 OK

371 B

URL HTTP/2
free.nowgoal.plus/scripts/ng/config.js?v=638106983891957425
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (688), with no line terminators
Size
371 B (371 bytes)
Hash
8e4161eb4474a7f04cffbeb5dc77df92
4058b59c2cb3db0420ec82d14b8295619c436edb
dbd74f9cedb4d911862b1dac5d6f878c203fe800f15058684d6054bede4c46c3

HTTP Headers

GET /scripts/ng/config.js?v=638106983891957425 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 09:59:49 GMT
accept-ranges: bytes
etag: "b136f9969134d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 371
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000

23.224.77.10

200 OK

19 kB

URL HTTP/2
free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (649), with CRLF line terminators
Size
19 kB (19342 bytes)
Hash
4d8ff95211e51a94b5e267bd266754aa
31f067977a1a8c55f1b881f6e39421ebe7c628cc
ba8acad3ef8d53720822521260dc7ed4c72d7d659b454c3ba49c5d3064403789

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/Public.js?v=638084410840000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 04 Jan 2023 06:58:04 GMT
accept-ranges: bytes
etag: "0e63ae4920d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 19342
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000

23.224.77.10

200 OK

1.1 kB

URL HTTP/2
free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1122 bytes)
Hash
b5b9cae764393c78f0e0c570af9915a8
ae0ea03fc9705f0e24c26b45804d2e63b66dd5cf
018d5ee42582526fdca7172afcfd83ccbd6fd8d2cc712c734522dd9dfa9bbd51

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/localDiff.js?v=638106078980000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 08:51:38 GMT
accept-ranges: bytes
etag: "0894e6be33d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1122
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/setting.js?v=637770638734614593

23.224.77.10

200 OK

1.6 kB

URL HTTP/2
free.nowgoal.plus/scripts/Main/setting.js?v=637770638734614593
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.6 kB (1554 bytes)
Hash
3f0ebcf35a099cade86e864e15ec6365
b6f7adc619ef37423d8e476dd32c50ad94f0fb3f
90c93915a2b181665922210736aef821ef817a6ea63f0ec557d455622acdf430

HTTP Headers

GET /scripts/Main/setting.js?v=637770638734614593 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 03:04:33 GMT
accept-ranges: bytes
etag: "80b61221aa2d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1554
X-Firefox-Spdy: h2

free.nowgoal.plus/Content/Com/header.less?v=638076474710000000

23.224.77.10

200 OK

1.0 kB

URL HTTP/2
free.nowgoal.plus/Content/Com/header.less?v=638076474710000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text
Size
1.0 kB (1029 bytes)
Hash
1722db9f9c03b5f2eabfc30b443d5b56
7bd9806c5a27d9d8ba270a360e24883ee384c765
6033647f4572c7f5d026b22ef249960ad3e13a0e7bdd1072abeb070095cf629a

HTTP Headers

GET /Content/Com/header.less?v=638076474710000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1029
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/ng/localDiff.js?v=638106080070000000

23.224.77.10

200 OK

1.5 kB

URL HTTP/2
free.nowgoal.plus/scripts/ng/localDiff.js?v=638106080070000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.5 kB (1487 bytes)
Hash
d29ba5a049f72ceabdcb1ca26e9082f0
ceab79f5ab677eddf0843a6038eb183f4d1a19ed
54fc59fe1500191c8d8175bc8e753a8251c7f7b7898924d15a2c4fb8e1dcb504

HTTP Headers

GET /scripts/ng/localDiff.js?v=638106080070000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 08:53:27 GMT
accept-ranges: bytes
etag: "809dfc26bf33d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1487
X-Firefox-Spdy: h2

free.nowgoal.plus/Content/Com/com.less?v=638105847200000000

23.224.77.10

200 OK

4.3 kB

URL HTTP/2
free.nowgoal.plus/Content/Com/com.less?v=638105847200000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text
Size
4.3 kB (4340 bytes)
Hash
021b36be410ecec58eb0a5c0e37e9b1a
ee12e5d87f1d5b6410f08875587847b24a5c8fe3
9b5361e9a8dcfe343d68abc05ffdd5977cefc5acbdc4e29607eea53c71dc439c

HTTP Headers

GET /Content/Com/com.less?v=638105847200000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 4340
X-Firefox-Spdy: h2

free.nowgoal.plus/Scripts/i18n/rs_index_ng.js

23.224.77.10

200 OK

2.3 kB

URL HTTP/2
free.nowgoal.plus/Scripts/i18n/rs_index_ng.js
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (5895), with no line terminators
Size
2.3 kB (2309 bytes)
Hash
cd6a7d1a45e3fc7b30247bbf3d0fce2f
0fe5aa0f152cb0cbecf0e399ea66f7e2d93b7042
ff7291cc01b728093a851002ed6ddb7a872c3cd4fac1a151ac5231518938378c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/i18n/rs_index_ng.js HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 09:59:49 GMT
accept-ranges: bytes
etag: "8058db969134d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2309
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000

23.224.77.10

200 OK

1.8 kB

URL HTTP/2
free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.8 kB (1813 bytes)
Hash
4601d7e0605ba3bbd9646c515c0b1286
1c24048c25e855ba35cfe4faef56d8e0f3294515
6f33e4fe70e6d132ce1be6cd373543855535a9027c63b32e127f4fe57303bc83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/ng/serverDiff.js?v=637987435590000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 01:12:39 GMT
accept-ranges: bytes
etag: "80dde614d7c7d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1813
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/AdCheck.js?v=637772574871339630

23.224.77.10

200 OK

408 B

URL HTTP/2
free.nowgoal.plus/scripts/Main/AdCheck.js?v=637772574871339630
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
408 B (408 bytes)
Hash
8f708037ffc39fd000ca1d4849af8060
e9f75e9f2402af41e49299de5723fdd10b9d3fe1
4eb844a663adf2cca1504e7788a0fa1d108f2462810b8f90aeba3fc8673e494c

HTTP Headers

GET /scripts/Main/AdCheck.js?v=637772574871339630 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 08 Jan 2022 08:51:27 GMT
accept-ranges: bytes
etag: "6e217ec6c4d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 408
X-Firefox-Spdy: h2

free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554

23.224.77.10

200 OK

3.1 kB

URL HTTP/2
free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
3.1 kB (3143 bytes)
Hash
a6b994a2b70fe96af4937ff250d0625b
37a3ae1786bc1b7ff3649326e455de2a3f6f0132
d8bf9975a6f06b325b2e828c45b273a3224b9e4bb32b9f250bb12af38377836e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scriptEx/ng/all_Ad.js?v=638106231532419554 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 13:05:53 GMT
accept-ranges: bytes
etag: "80ceb46ae233d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3143
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000

23.224.77.10

200 OK

233 B

URL HTTP/2
free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
233 B (233 bytes)
Hash
874c9221a7b2ab877ea3947fe80d52c7
d6f01bacfed09a92a8c950ddb1916de6bb84b277
c660710367753df75e8369baf3fdded38e311fa975fb65e6c2807900e56f9c4b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/defaultBlank.js?v=638022265090000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 08:41:49 GMT
accept-ranges: bytes
etag: "8084e07484e7d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 233
X-Firefox-Spdy: h2

free.nowgoal.plus/images/down.jpg

23.224.77.10

200 OK

694 B

URL HTTP/2
free.nowgoal.plus/images/down.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 31 x 29, 8-bit/color RGBA, non-interlaced\012- data
Size
694 B (694 bytes)
Hash
0dd3f6effc30efe477bba91f05ddfd05
157bb68ee971b4f134602ec5328b9a1887b1ee5c
42ddafe5ac3e426a3855f5ab725b4c5d55657c39befcbb06ed55a1a4662b387e

HTTP Headers

GET /images/down.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 03 Oct 2021 03:24:24 GMT
accept-ranges: bytes
etag: "9d2e502a6b8d71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 694
X-Firefox-Spdy: h2

free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000

23.224.77.10

200 OK

2.3 kB

URL HTTP/2
free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text
Size
2.3 kB (2262 bytes)
Hash
662ecf9668c312c16bab43fc8b5e1a30
f540e57d8ae7ea6e036429a8c3fc3276f68bacca
aa5bea9a7c9192ea972079a37469313b030477d112898becb1034ac699a4bafb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Content/Com/eventStyle.less?v=638105847200000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2262
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114102211.jpg

23.224.77.10

200 OK

2.5 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114102211.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Size
2.5 kB (2466 bytes)
Hash
ed74c99ca87a5a533a17fc525b0c72fd
bd753103dda325623e6e023b5858b4830ca78d31
5deb25150876ca2c6ee06c672ce09c3e96cb6e00ec4cfdc0973ac6a0a64cfee0

HTTP Headers

GET /mn/20220114102211.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:22:11 GMT
accept-ranges: bytes
etag: "11cd8689ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2466
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/soccer/soccer_common.js?v=638097467710000000

23.224.77.10

200 OK

2.5 kB

URL HTTP/2
free.nowgoal.plus/scripts/Main/soccer/soccer_common.js?v=638097467710000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (793), with CRLF line terminators
Size
2.5 kB (2463 bytes)
Hash
a39c63d3080df4933989a6256105a2d3
22fbd993fa590f575637ae6b8c4f9e9f10aaa2f2
6beb07f738efcbe721e12cf3e2e97f4bcbe3355edeb675303c665955bce7f600

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/soccer/soccer_common.js?v=638097467710000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 09:39:31 GMT
accept-ranges: bytes
etag: "80b54eee92bd91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2463
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114095612.jpg

23.224.77.10

200 OK

3.4 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114095612.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 96x91, components 3\012- data
Size
3.4 kB (3381 bytes)
Hash
7f66a24e601aad5167a4ae40c2b120be
e3fe378f5e5470b4243e7b07719c4aae4d54aa27
d2f7a6580957669d7a7ca0a6451063133ceaf3abe369a4e01e81847537e97da5

HTTP Headers

GET /mn/20220114095612.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 01:56:12 GMT
accept-ranges: bytes
etag: "a1d322e8e98d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3381
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000

23.224.77.10

200 OK

8.7 kB

URL HTTP/2
free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (496), with CRLF line terminators
Size
8.7 kB (8660 bytes)
Hash
b78a7c4cb0fe9734f6ebebdffaba172f
14a81bab6296b911dcf55ac1543a138c5517936f
2f977ea3cd26a2ee2441c53a46d46a4efc03b6119e550fd14b50ae96da17d189

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/soccer/flash.js?v=638105151340000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 28 Jan 2023 07:05:34 GMT
accept-ranges: bytes
etag: "0735deae632d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 8660
X-Firefox-Spdy: h2

free.nowgoal.plus/images/ng/Logo.png

23.224.77.10

200 OK

5.6 kB

URL HTTP/2
free.nowgoal.plus/images/ng/Logo.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 325 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5614 bytes)
Hash
a8c78d12dfb5310d76423cd92f15616c
880392a5e3b183d63ee6a3be30c5e398f53595ea
396643a74ddd88dacbb5fcfd585d66b67fac36723b1e2aad78c5c8dc319122d0

HTTP Headers

GET /images/ng/Logo.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 26 Nov 2021 00:58:18 GMT
accept-ranges: bytes
etag: "b19f65b360e2d71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 5614
X-Firefox-Spdy: h2

free.nowgoal.plus/images/top.gif

23.224.77.10

200 OK

498 B

URL HTTP/2
free.nowgoal.plus/images/top.gif
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 31 x 29\012- data
Size
498 B (498 bytes)
Hash
9353fbbf91e2a0f692070218928555c9
3f614a60d25cd29b04cd8cdb0fc6cf927844ed1c
bbc9ecd1b1e1a480793c777810f4a873ea82a5dde914f1a494874d36c3f8e4a0

HTTP Headers

GET /images/top.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "e17e839805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 498
X-Firefox-Spdy: h2

free.nowgoal.plus/images/fb.gif

23.224.77.10

200 OK

432 B

URL HTTP/2
free.nowgoal.plus/images/fb.gif
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 31 x 31\012- data
Size
432 B (432 bytes)
Hash
b325c0a955b5d4d6ac51aa2537af38a3
9552f708f9ec3ef4bb24b9a4b288bbcf10cac120
fd72bcdd135629be85c27176a6e105edacdf66a29912fa631866ab1db7896a7b

HTTP Headers

GET /images/fb.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "28216439805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 432
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220722101215.png

23.224.77.10

200 OK

21 kB

URL HTTP/2
free.nowgoal.plus/mn/20220722101215.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 200 x 275, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21156 bytes)
Hash
b5df32b769c2af7c3266f28fbea3e318
05074c685f07e49f80d03a185d1f76869e5256f2
2a8e8685c1d9c8fd6c0664035b37c757940e5127e7652671b21ef8b4396ff142

HTTP Headers

GET /mn/20220722101215.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 22 Jul 2022 02:12:31 GMT
accept-ranges: bytes
etag: "8011987f709dd81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 21156
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114095736.png

23.224.77.10

200 OK

13 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114095736.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12703 bytes)
Hash
b0b3979fac40d2f2e294ab93859bc06f
c85ae4358900a206b87d13cfe553ffb7d7711db0
5249e2fdc69e6d6a2046adbeeee705dfe51976b9e273d082999df20c3e6d69c8

HTTP Headers

GET /mn/20220114095736.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 01:57:36 GMT
accept-ranges: bytes
etag: "96e49a1aea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 12703
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114100201.png

23.224.77.10

200 OK

5.6 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114100201.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Size
5.6 kB (5557 bytes)
Hash
4ec773253cb9a3b80b14632d4f8caa05
c10f27017de5515debf12fabd3ee48895b8bccae
84614a65aa7d0ae4c7aae275a2870489a789c700e74e28022ea312244d09251e

HTTP Headers

GET /mn/20220114100201.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:02:01 GMT
accept-ranges: bytes
etag: "d98075b8ea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 5557
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114100151.jpg

23.224.77.10

200 OK

12 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114100151.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 367x365, components 3\012- data
Size
12 kB (12521 bytes)
Hash
edd49146c4fb388c8b7e237b36db4812
d181048d76759cf2fb9922ec64dc57a9775b92ae
e381e92dca417d128db749cc029acb72ca5d1219f91ab43dee016f947e2de39a

HTTP Headers

GET /mn/20220114100151.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:01:51 GMT
accept-ranges: bytes
etag: "d48a78b2ea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 12521
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114100358.png

23.224.77.10

200 OK

2.2 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114100358.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 56x83, components 3\012- data
Size
2.2 kB (2230 bytes)
Hash
115c788b601f0b707df5242f6c04a881
bf77bb79c7176e2b298dade69e1b1039a45ef24e
62c0a994aec0283a954b5d5b034b9dac8300f37a7f36447cd8bc3be0e42f3c06

HTTP Headers

GET /mn/20220114100358.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:03:58 GMT
accept-ranges: bytes
etag: "dd1943feea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2230
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114100431.png

23.224.77.10

200 OK

3.9 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114100431.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3878 bytes)
Hash
fe07e7db2938f44a83a88ed8aa1b80f3
247e53fefa8295a66429746ae02b2154b6321d25
530b87bdc0c3cf8cbe83b999100114090f8e31ac7c64bcd64ff83449e4ac7a74

HTTP Headers

GET /mn/20220114100431.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:04:31 GMT
accept-ranges: bytes
etag: "502da211eb8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3878
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20221006082112.jpg

23.224.77.10

200 OK

2.6 kB

URL HTTP/2
free.nowgoal.plus/mn/20221006082112.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Size
2.6 kB (2551 bytes)
Hash
d3df0971d415bc337fda1c394dec26cc
dc6b88266906ce17d111f8f043db623eca567c94
38e68952b28a6a5d00f02e4edabd4c08ff3c4fef75d8441c1ff3a1147559f3f0

HTTP Headers

GET /mn/20221006082112.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 06 Oct 2022 00:21:16 GMT
accept-ranges: bytes
etag: "e5bbbc8c19d9d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2551
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114102258.jpg

23.224.77.10

200 OK

2.5 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114102258.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Size
2.5 kB (2532 bytes)
Hash
e463c9c160695e987ec4b8fb8fbdfa27
792b1467b27e6fed28acca83120ac543d99097bb
e926bc774bac21366664ce2ff9a689b2b37502dbcb40be368e9b249fe07f35bd

HTTP Headers

GET /mn/20220114102258.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:22:58 GMT
accept-ranges: bytes
etag: "fa3d86a5ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2532
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114102335.jpg

23.224.77.10

200 OK

2.4 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114102335.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Size
2.4 kB (2448 bytes)
Hash
ca61d3071be8c51d71d01e2e23f54af5
ef1b99d25f8f456927f96f9afe83e8699d4d88bc
0687f97bf077ee41591eb9d88ad314f62be56ba282855a44bbfe264876ca6011

HTTP Headers

GET /mn/20220114102335.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:23:35 GMT
accept-ranges: bytes
etag: "ebaedfbbed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2448
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114102419.png

23.224.77.10

200 OK

3.2 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114102419.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Size
3.2 kB (3187 bytes)
Hash
153e0e261bd4ff72acd0870674523378
1f460765aca815e75f6f2ecc5e5dfb015b8a5ed7
a17aacd60ac06a9540500b139a1474683407b901ff94a3e7229e9c1aab03cd5a

HTTP Headers

GET /mn/20220114102419.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:24:19 GMT
accept-ranges: bytes
etag: "489cfd5ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3187
X-Firefox-Spdy: h2

free.nowgoal.plus/mn/20220114102508.jpg

23.224.77.10

200 OK

2.1 kB

URL HTTP/2
free.nowgoal.plus/mn/20220114102508.jpg
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Size
2.1 kB (2118 bytes)
Hash
ab8a116d27b0a35602867d702c7bb793
9752eb1be90a38511a6a5be6fd917f4cffdda2eb
6b1b0f96499d91b3599aa6b4d85fe85fded207a1d620d1ac9ab152a8099644d2

HTTP Headers

GET /mn/20220114102508.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:25:08 GMT
accept-ranges: bytes
etag: "4d2e2f3ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2118
X-Firefox-Spdy: h2

free.nowgoal.plus/images/Ng/loading.gif

23.224.77.10

200 OK

938 B

URL HTTP/2
free.nowgoal.plus/images/Ng/loading.gif
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 230 x 18\012- data
Size
938 B (938 bytes)
Hash
93d039289c483a2ffc08399182398ab3
b197a8fd906b6c052d8af37475fd494d53bb3aae
b0759537a47d4a3e943db9d4b15bbc2f61776892d554cea95feee02962d132b5

HTTP Headers

GET /images/Ng/loading.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
last-modified: Thu, 01 Dec 2022 08:02:08 GMT
accept-ranges: bytes
etag: "04063355b5d91:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 938
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/soccer/soccer.js?v=638106114720000000

23.224.77.10

200 OK

39 kB

URL HTTP/2
free.nowgoal.plus/scripts/Main/soccer/soccer.js?v=638106114720000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (563), with CRLF line terminators
Size
39 kB (39098 bytes)
Hash
1e980c57fa7aa740907c37f9ccf8d9ae
b528ba0e5dcf5e7330d3a96e32711c4120e0de35
331c5226bdd527aa3d22351b65f2abbd2b48cef94344409737787d5f7a4ea708

HTTP Headers

GET /scripts/Main/soccer/soccer.js?v=638106114720000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 09:51:12 GMT
accept-ranges: bytes
etag: "0a84938c733d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 39098
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125

23.224.77.10

200 OK

769 B

URL HTTP/2
free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
769 B (769 bytes)
Hash
364c8cac30ea93a836cf69e476fe748e
39ef83a7e619518eac16ebdb53631456904c55f2
9a9494a239c74e5d3c199a934587a0675394722e9c96149016c25cda5d03352d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/fly_ad.js?v=637774946286063125 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 02:43:48 GMT
accept-ranges: bytes
etag: "15e6cf956d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 769
X-Firefox-Spdy: h2

free.nowgoal.plus/images/share/Facebook.png

23.224.77.10

200 OK

686 B

URL HTTP/2
free.nowgoal.plus/images/share/Facebook.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
686 B (686 bytes)
Hash
3195d651673232fe24d8c9378480125c
7ad9fc9f9c16e4edb54ff664da829916cff2153d
62499f4f1de1b6f9a99cebc4bbf0ea8d9458dd3962d3812f131d787c5f0053f3

HTTP Headers

GET /images/share/Facebook.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "c6d3c139805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 686
X-Firefox-Spdy: h2

free.nowgoal.plus/images/share/Twitter.png

23.224.77.10

200 OK

1.2 kB

URL HTTP/2
free.nowgoal.plus/images/share/Twitter.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 37 x 33, 8-bit/color RGBA, interlaced\012- data
Size
1.2 kB (1169 bytes)
Hash
7c18e680e5772f5f0ed19f8272e29cde
d52ccb21f1bfbf9ec5e2d1d94badcdcf2830278c
9f836b4c3ae18adb1cf0c7059ad6eb21801b8c5bc0f0154ba0d976381d3d081f

HTTP Headers

GET /images/share/Twitter.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "8cf2c539805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1169
X-Firefox-Spdy: h2

free.nowgoal.plus/images/share/Telegram.png

23.224.77.10

200 OK

550 B

URL HTTP/2
free.nowgoal.plus/images/share/Telegram.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
550 B (550 bytes)
Hash
7f457f7b1fa5ddfb7a80c59f81387fef
f2831102cbc118e9a4db486988682eba5b766996
5db1c6c8969058eeca9e687db0b91df177ae14392cd80a7348a19ad9e90daeff

HTTP Headers

GET /images/share/Telegram.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 20 May 2022 00:31:23 GMT
accept-ranges: bytes
etag: "807fc2eee06bd81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 550
X-Firefox-Spdy: h2

free.nowgoal.plus/images/share/Tiktok.png

23.224.77.10

200 OK

782 B

URL HTTP/2
free.nowgoal.plus/images/share/Tiktok.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
782 B (782 bytes)
Hash
7428d0a1016b0a0215740ff4582904a6
24786b79cc9e27a00f2e962d2edfdd3522247742
459133e31773a1efe061b3aef51ad5c47a0593952c5aa41158ba066c3f6f07f9

HTTP Headers

GET /images/share/Tiktok.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "3179c739805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 782
X-Firefox-Spdy: h2

free.nowgoal.plus/ajax/IPchecker/?1675099009000

23.224.77.10

200 OK

120 B

URL HTTP/2
free.nowgoal.plus/ajax/IPchecker/?1675099009000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
very short file (no magic)
Size
120 B (120 bytes)
Hash
33d3779889f4a7f1c358ce308935ff7a
e072eb28f47d466d15353a644346b90f90ef9a90
660e01048e5820ad2665bba09bb409432858bb1eb674fcca35855d4e5f7955d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ajax/IPchecker/?1675099009000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 120
X-Firefox-Spdy: h2

free.nowgoal.plus/images/theme.png

23.224.77.10

200 OK

946 B

URL HTTP/2
free.nowgoal.plus/images/theme.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 48 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
946 B (946 bytes)
Hash
397053c2a835338a0cf25359d74da748
0924155b26e220e3adf041b8270712819c837ef1
dda3cfad11cf76c9b36c7baf81e96038f1a9dee5398708c9970d6240a15779ba

HTTP Headers

GET /images/theme.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "6185e439805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 946
X-Firefox-Spdy: h2

free.nowgoal.plus/Images/telegram.png

23.224.77.10

200 OK

605 B

URL HTTP/2
free.nowgoal.plus/Images/telegram.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
605 B (605 bytes)
Hash
b4343402a7f4f12380e84c2d361dda60
7cc297bea8ee4edde9606d9fe7a54ee6ea7223d6
317e42bed86cc985b998213d0212db938f96553747ad02b6dd2922c33c1767d9

HTTP Headers

GET /Images/telegram.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 20 May 2022 00:31:23 GMT
accept-ranges: bytes
etag: "807fc2eee06bd81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 605
X-Firefox-Spdy: h2

free.nowgoal.plus/images/twitter.png

23.224.77.10

200 OK

631 B

URL HTTP/2
free.nowgoal.plus/images/twitter.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
631 B (631 bytes)
Hash
5f63e2090ec3c17d50dd945521c95ac9
c323e5f40a1ff27cb95e740d492a202d51714506
b0999f9fe2598dea15023f7eabefbb8b3b6e21c5e100cf879a8a726f97ce2053

HTTP Headers

GET /images/twitter.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "c3beee39805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 631
X-Firefox-Spdy: h2

free.nowgoal.plus/images/light.png

23.224.77.10

200 OK

487 B

URL HTTP/2
free.nowgoal.plus/images/light.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
487 B (487 bytes)
Hash
a5657c32924627af2438b423d9fbc15b
14e393119fadb249357743a3deed59b5f01d60bc
337d84f8ad5bca57e4d9473a6070c1e34065ea30b12e7d3bff7b043a53d7c7f6

HTTP Headers

GET /images/light.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "b3259139805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 487
X-Firefox-Spdy: h2

free.nowgoal.plus/images/Baseball.png

23.224.77.10

200 OK

784 B

URL HTTP/2
free.nowgoal.plus/images/Baseball.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Size
784 B (784 bytes)
Hash
cfec8c0c0e9cbbc8025264b7031f13ac
725daf814226b71cf4474749d65c0f918c648aff
d33bc849aa4441c1622521a25b49963e9508ec0b218663c3d0a666c75e24fc60

HTTP Headers

GET /images/Baseball.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:54 GMT
accept-ranges: bytes
etag: "f6cf1939805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 784
X-Firefox-Spdy: h2

free.nowgoal.plus/images/soccer.png

23.224.77.10

200 OK

960 B

URL HTTP/2
free.nowgoal.plus/images/soccer.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Size
960 B (960 bytes)
Hash
fec4155d32e2c286a73fc9c7746d71c5
b0906075dee7d9a61fb46b3c2f6a7fee2557af62
ed12dcfd139deea9c957f749a674b348eaf08d94f97549139ab97cd144751b59

HTTP Headers

GET /images/soccer.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "25bfcb39805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 960
X-Firefox-Spdy: h2

free.nowgoal.plus/images/basketball.png

23.224.77.10

200 OK

990 B

URL HTTP/2
free.nowgoal.plus/images/basketball.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Size
990 B (990 bytes)
Hash
70df2eb5358ad9ca017a8be5e6696a10
19c2554b2a5ddce71aa05d3f45517f19837a7f8d
1fe085353adf78b3218ddb992fbad1765289c666c8f7290758ace1fdc3c7bcfe

HTTP Headers

GET /images/basketball.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:54 GMT
accept-ranges: bytes
etag: "2b451a39805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 990
X-Firefox-Spdy: h2

free.nowgoal.plus/images/Tennis.png

23.224.77.10

200 OK

1.0 kB

URL HTTP/2
free.nowgoal.plus/images/Tennis.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Size
1.0 kB (1012 bytes)
Hash
1917ab37ebc8aeedc0a5fdb860716f5b
c8ea76a97ce2cfdc910af6d85585bd66124a0b8a
83f04e03d526fdc8732b91d358377619ed08bd58fea2ad281ddbe607fcc946bb

HTTP Headers

GET /images/Tennis.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "f0c1e339805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1012
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/data/bf_us.js?1675099009000

23.224.77.10

200 OK

7.3 kB

URL HTTP/2
free.nowgoal.plus/gf/data/bf_us.js?1675099009000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
7.3 kB (7275 bytes)
Hash
446f549b4e3fc1ae87467767220c11ca
32488a233a045e7dff3ee5a5e8e333d2d43da2a4
da258816ac652aad719796f11ca8f2bcbf452afbdb6120da91d7f532ac19f2fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/bf_us.js?1675099009000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:39 GMT
accept-ranges: bytes
etag: "80f53b9dce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 7275
X-Firefox-Spdy: h2

free.nowgoal.plus/images/f.png

23.224.77.10

200 OK

460 B

URL HTTP/2
free.nowgoal.plus/images/f.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
460 B (460 bytes)
Hash
2e970584c5a71f22d9270c7ef21d6556
9f544f8997d321b302e9b1ce65478bc697ff357b
69febd66fb9f29c616a0cb895f008d8a14a7e4394874a5ad7afa803a82f1179f

HTTP Headers

GET /images/f.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "f6616139805fd71:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 460
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/sound4.mp3

23.224.77.10

206 Partial Content

4.2 kB

URL HTTP/2
free.nowgoal.plus/sound/sound4.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Size
4.2 kB (4167 bytes)
Hash
de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/red.mp3

23.224.77.10

206 Partial Content

11 kB

URL HTTP/2
free.nowgoal.plus/sound/red.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Size
11 kB (10591 bytes)
Hash
7a817f2e5a2d18cfe59761388e4df45a
fda89f4f09f8efa091a33a15f4d6bcc35daa8205
819fa2f72fa9658146fed0fc9c2a07dccbce39a7bdadbcca75225b0aba2b8bf8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/red.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "bde44625f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 10591
content-range: bytes 0-10590/10591
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/sound4.mp3

23.224.77.10

206 Partial Content

4.2 kB

URL HTTP/2
free.nowgoal.plus/sound/sound4.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Size
4.2 kB (4167 bytes)
Hash
de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/sound4.mp3

23.224.77.10

206 Partial Content

4.2 kB

URL HTTP/2
free.nowgoal.plus/sound/sound4.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Size
4.2 kB (4167 bytes)
Hash
de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/sound4.mp3

23.224.77.10

206 Partial Content

4.2 kB

URL HTTP/2
free.nowgoal.plus/sound/sound4.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Size
4.2 kB (4167 bytes)
Hash
de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/sound4.mp3

23.224.77.10

206 Partial Content

4.2 kB

URL HTTP/2
free.nowgoal.plus/sound/sound4.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Size
4.2 kB (4167 bytes)
Hash
de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2

free.nowgoal.plus/sound/sound4.mp3

23.224.77.10

206 Partial Content

4.2 kB

URL HTTP/2
free.nowgoal.plus/sound/sound4.mp3
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Size
4.2 kB (4167 bytes)
Hash
de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/data/odds/en/goal8.xml?1675099010000

23.224.77.10

200 OK

3.9 kB

URL HTTP/2
free.nowgoal.plus/gf/data/odds/en/goal8.xml?1675099010000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (8313), with no line terminators
Size
3.9 kB (3870 bytes)
Hash
08271a077f97551049ae1a3c5344bd98
dddb0b72b70ffb24e18da6f1d28c76ec24b544ad
0e03c0b30433b31981570010bc992c9bdc7b5ef488519b05233fc29ef12dac42

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/odds/en/goal8.xml?1675099010000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:48 GMT
accept-ranges: bytes
etag: "538b19a3ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 3870
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3c508c2e8edfb108120f3dca28a1c43
9e4c2606f1a5c9586ef370fbcf23c38cb9827348
1e9aa3a414849ba35f95481513432d8ebf9c934eee0b380ed94f4b15829b0396

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E9AA3A414849BA35F95481513432D8EBF9C934EEE0B380ED94F4B15829B0396"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21418
Expires: Mon, 30 Jan 2023 23:13:35 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3c508c2e8edfb108120f3dca28a1c43
9e4c2606f1a5c9586ef370fbcf23c38cb9827348
1e9aa3a414849ba35f95481513432d8ebf9c934eee0b380ed94f4b15829b0396

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E9AA3A414849BA35F95481513432D8EBF9C934EEE0B380ED94F4B15829B0396"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16085
Expires: Mon, 30 Jan 2023 21:44:42 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1f279e1cb12802f1f1436935b041a307
4c86893c034ebf10bdeeeb018bca20da0ab4f69d
c31db9a5b4557c765b97686f83d7332ae5d5e5b7824b403bf65c92665f817071

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31DB9A5B4557C765B97686F83D7332AE5D5E5B7824B403BF65C92665F817071"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17087
Expires: Mon, 30 Jan 2023 22:01:24 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1f279e1cb12802f1f1436935b041a307
4c86893c034ebf10bdeeeb018bca20da0ab4f69d
c31db9a5b4557c765b97686f83d7332ae5d5e5b7824b403bf65c92665f817071

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31DB9A5B4557C765B97686F83D7332AE5D5E5B7824B403BF65C92665F817071"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17135
Expires: Mon, 30 Jan 2023 22:02:12 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1f279e1cb12802f1f1436935b041a307
4c86893c034ebf10bdeeeb018bca20da0ab4f69d
c31db9a5b4557c765b97686f83d7332ae5d5e5b7824b403bf65c92665f817071

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31DB9A5B4557C765B97686F83D7332AE5D5E5B7824B403BF65C92665F817071"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17188
Expires: Mon, 30 Jan 2023 22:03:05 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10997 bytes)
Hash
65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 68860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 69430
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 69915
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvqpQI-tR9W2NwvIgoi8loQaD--rOgVYFdLdkdlaXMhe4ts9mYqahg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:50:16 GMT
age: 69981
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 05:47:49 GMT
age: 41328
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 68200
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/tvlive/tvlive_en_fb.txt?1675099010000

23.224.77.10

200 OK

1.1 kB

URL HTTP/2
free.nowgoal.plus/gf/tvlive/tvlive_en_fb.txt?1675099010000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (3604), with no line terminators
Size
1.1 kB (1087 bytes)
Hash
d6dd2716f2dbce2c242507fbf81d54bb
21dc8f2500763826c12676763cea83bc097c34d2
c99a1f6de37220b58db00d309c7a3832dc7f909e0649e029af640082e39d838a

HTTP Headers

GET /gf/tvlive/tvlive_en_fb.txt?1675099010000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/plain
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 16:01:47 GMT
accept-ranges: bytes
etag: W/"8027cb27c434d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 1087
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20220912084941.gif

104.22.54.149

200 OK

37 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20220912084941.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 353 x 45\012- data
Size
37 kB (36792 bytes)
Hash
c6dc37552e6ccbc61e3e3123c933e9b4
a98000678fe4709a2337a535804f5012a9288dbb
a654dfc5ee9bfe282a87571c31f2a74b57522cd9f7ce60ccd3c79ea77873e674

HTTP Headers

GET /mn/20220912084941.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 36792
last-modified: Mon, 12 Sep 2022 00:49:51 GMT
etag: "5047c89041c6d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e63b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20220815092912.gif

104.22.54.149

200 OK

38 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20220815092912.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 350 x 45\012- data
Size
38 kB (37765 bytes)
Hash
4018e461acd3cf7e463fcd54cd6412bf
9cda3d0c0f8d39abdeb8b9d4472284b3ec7c4667
de980d19431ed8876ed3e10e8222b45c4eaeabdb8ddb6775b3e1f1b45b91825b

HTTP Headers

GET /mn/20220815092912.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 37765
last-modified: Mon, 15 Aug 2022 01:29:27 GMT
etag: "722c47546b0d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e73b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20230114094103.gif

104.22.54.149

200 OK

49 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20230114094103.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 70 x 136\012- data
Size
49 kB (49229 bytes)
Hash
b95830c0689f5de1fc2c0532a740c78c
bc4e1b64cf01278b6e1900813027cdf5f9487363
760d434b26cfc38d0ccd987661cbf7f0f0694948ab9edffb13d933a1b4b17257

HTTP Headers

GET /mn/20230114094103.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 49229
last-modified: Sat, 14 Jan 2023 01:41:15 GMT
etag: "66be6b4ab927d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e6ab51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20220815164508.gif

104.22.54.149

200 OK

49 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20220815164508.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 350 x 45\012- data
Size
49 kB (49146 bytes)
Hash
007d93b2d5d18aaa4f21b7c4657f5db1
56c123f5a9fdcbe6bae2fa764bc32c283c68cb83
6c8843a9fb27b8aa515ab8c85a8804850caec2a5b28ab327fe1982120f86f295

HTTP Headers

GET /mn/20220815164508.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 49146
last-modified: Tue, 15 Nov 2022 08:47:39 GMT
etag: "28475ebcef8d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e76b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20221122172459.gif

104.22.54.149

200 OK

39 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20221122172459.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 70 x 270\012- data
Size
39 kB (38783 bytes)
Hash
c6c2becde8646b9de715256400ced4c6
4048bad08cce6e804a37e75847a12881c05d4597
368b2bf7c8ac2427770274dbe38c2e0d5cf4f99fe73a4fce5aabb666599f0314

HTTP Headers

GET /mn/20221122172459.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 38783
last-modified: Tue, 22 Nov 2022 09:24:52 GMT
etag: "42edc44654fed81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e68b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20220912085015.gif

104.22.54.149

200 OK

33 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20220912085015.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 353 x 45\012- data
Size
33 kB (33347 bytes)
Hash
aed7d9a9d797762c3450de8ceec6a9a4
90d478607cb4c869624b4e2dce2f259929a84c22
c1733cb835ac376f8dc10af7a2251fc893ca2b89e2f2ad5ac2e1bf08225d0fcb

HTTP Headers

GET /mn/20220912085015.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 33347
last-modified: Mon, 12 Sep 2022 00:50:22 GMT
etag: "f4a3a4a341c6d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e5e8cb51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20220912085024.gif

104.22.54.149

200 OK

38 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20220912085024.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 710 x 45\012- data
Size
38 kB (37668 bytes)
Hash
700e34a9a366daf58992f7332fc97941
19be701d841871a125f005b1d969dd93d1b1dd2c
61ce5bf4f429b9860db486de57c2b1ce83f6242bdf7036b01cc5a80aed8be4ea

HTTP Headers

GET /mn/20220912085024.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 37668
last-modified: Mon, 12 Sep 2022 00:50:35 GMT
etag: "fa7026ab41c6d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e6e97b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20221207092916.gif

104.22.54.149

200 OK

23 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20221207092916.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 710 x 45\012- data
Size
23 kB (23244 bytes)
Hash
8b38f269462cbf4dc4e6a584445ff83a
d0af94c8e8013f0cd751f1566d765f6d3c98bdf4
f6500273cea76f942438406f2c0158042ed5c1cfa3090531b64ccabe42d55dea

HTTP Headers

GET /mn/20221207092916.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 23244
last-modified: Wed, 07 Dec 2022 01:29:19 GMT
etag: "b9a33254db9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e6e99b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20221207092815.gif

104.22.54.149

200 OK

51 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20221207092815.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 70 x 270\012- data
Size
51 kB (51096 bytes)
Hash
6ae4d7b2a94784c562b2775b8085247a
bd1d9734bf1ae8997486914d1f282b6dfb9a40b0
d47fbcc2861b20e88c9ef7f5e8451c1725ee0bc2c14fac5078933a015a873d2b

HTTP Headers

GET /mn/20221207092815.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 51096
last-modified: Wed, 07 Dec 2022 01:28:21 GMT
etag: "e55f5f31db9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e66b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20230118101812.gif

104.22.54.149

200 OK

49 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20230118101812.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 350 x 45\012- data
Size
49 kB (48953 bytes)
Hash
301f3b2efd4e55e66050c59540a36b7d
9aa9a927f3bdb724c51c8913f382d2a199f1e2eb
dc5b73733cc998cc793455a2c351d4e6a8eb5cd4984016e28670dff7ef0a4ec2

HTTP Headers

GET /mn/20230118101812.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 48953
last-modified: Wed, 18 Jan 2023 02:18:28 GMT
etag: "ad44d126e32ad91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e6cb51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20230114093509.gif

104.22.54.149

200 OK

51 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20230114093509.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 155 x 80\012- data
Size
51 kB (50849 bytes)
Hash
90e08f6a14abef2bfeb7be0e3898e53b
ffa6ee7d4d780c5d40afae9e62dd8708289b58aa
c7b56697ee499273e37491c77b67c046891ac50fd6c36235323fa1f68201824f

HTTP Headers

GET /mn/20230114093509.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 50849
last-modified: Sat, 14 Jan 2023 01:35:23 GMT
etag: "20889a78b827d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e7ec7b51e-OSL
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20230114093657.gif

104.22.54.149

200 OK

39 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20230114093657.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 155 x 80\012- data
Size
39 kB (38736 bytes)
Hash
3304663b524687c5e4c5aced759a4dc6
98f1ca20341dcb154b4fb5e24d61f3ca525d4f2b
195fdde42ab07f75a49c1369643af22527245bddd1f4eabb8ab3d30b99ee82f6

HTTP Headers

GET /mn/20230114093657.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 38736
last-modified: Sat, 14 Jan 2023 01:37:11 GMT
etag: "e16afdb8b827d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e5e7ab51e-OSL
X-Firefox-Spdy: h2

user.nowgoal6.com//sso/ssologinpcjs?opr=2

128.14.140.86

200 OK

36 B

URL HTTP/1.1
user.nowgoal6.com//sso/ssologinpcjs?opr=2
IP
128.14.140.86:0
ASN
#21859 ZEN-ECN

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
ed3173eb9f7d973bd0f46fb7dc62ce2d
9c0106a087d87b95963b2af3205ccb2ebb3d1763
136055a8be430942f15c65799930f9a91a96e62f77c3a56354d142e1eabbf223

HTTP Headers

GET //sso/ssologinpcjs?opr=2 HTTP/1.1
Host: user.nowgoal6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 17:16:37 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 36
Connection: keep-alive
Cache-Control: private

user.nowgoal6.com//sso/ssologinpcjs/

128.14.140.86

200 OK

184 B

URL HTTP/1.1
user.nowgoal6.com//sso/ssologinpcjs/
IP
128.14.140.86:0
ASN
#21859 ZEN-ECN

File type
ASCII text, with no line terminators
Size
184 B (184 bytes)
Hash
f7cd3faf5d1b377461d2457b8b2927f3
143193da767fd938564820c8267267040198b2ea
ae739d429ae241109dda7b2a03cc35bcc862d2518bf979bd8cfae62581f4914d

HTTP Headers

GET //sso/ssologinpcjs/ HTTP/1.1
Host: user.nowgoal6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 17:16:37 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private
Content-Encoding: gzip

free.nowgoal.plus/ajax/GetTipsCount

23.224.77.10

200 OK

316 B

URL HTTP/2
free.nowgoal.plus/ajax/GetTipsCount
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
JSON data\012- , ASCII text, with very long lines (724), with no line terminators
Size
316 B (316 bytes)
Hash
6ea5a8a695e2e28c1d73564c931b8f67
3f7007e53bc49847a79f9d5eaf2dd1cba7065fa7
a156e6bdc2faf5f5f796a233101485d83c1687c7b94625ddbaff9a56ad97e239

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ajax/GetTipsCount HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 316
X-Firefox-Spdy: h2

platform.twitter.com/widgets.js

93.184.220.66

200 OK

28 kB

URL HTTP/1.1
platform.twitter.com/widgets.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (38752)
Size
28 kB (27630 bytes)
Hash
8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368

HTTP Headers

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 391
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "63d71410-1d7"
Last-Modified: Mon, 30 Jan 2023 16:57:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
93e097027f2d53e4c41ac3a4ef1b210c
83cb79e5ced32851d1c3513e4a9ab65bc9a31e93
6bcc8888fed5f48846a37f451d0517dba26cec5cf90d72082a80ab77abf05598

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/plusone.js

172.217.21.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/plusone.js
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1429)
Size
21 kB (20950 bytes)
Hash
f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Mon, 30 Jan 2023 17:16:38 GMT
expires: Mon, 30 Jan 2023 17:16:38 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

connect.facebook.net/en_US/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1687 bytes)
Hash
f1804c3911300670354afe11e728c241
9f56de8082c410112a948c42df4d3c54e29f60ce
3fb5ff9ecb952fe0b73240585a3754cb0dfa829b660c2d779a087c6d3152772d

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2ba9501498ccf17da9195a44437c7903
etag: "bdf4498e1f60b655bde454a4c1c4beb8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 17:24:50 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 8YBMOREwBnA1Sv4R5yjCQQ==
x-fb-debug: paSIHG2HmjC+t5EvgePrkq3WW5PAF1aV4pINqHbGrrRyh3PQfNpoMnxDvX02ksuqCF50SKmbOX/djPW0u8BTPw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Mon, 30 Jan 2023 17:16:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "63d71410-1d7"
Last-Modified: Mon, 30 Jan 2023 16:57:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

free.nowgoal.plus/favicon.ico

23.224.77.10

200 OK

894 B

URL HTTP/2
free.nowgoal.plus/favicon.ico
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
f2c460278a525c8493fc1277d6c9dea9
042799b382fc3516ef6c2af357102c5aa790b253
6d65dcb67d6d8a2cb63106d1bf5087325fa39e1c1188eb1a4bba9cf19df18583

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Wed, 06 Dec 2017 07:53:03 GMT
accept-ranges: bytes
etag: "8019503e676ed31:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 894
X-Firefox-Spdy: h2

free.nowgoal.plus/images/star_off.png

23.224.77.10

200 OK

413 B

URL HTTP/2
free.nowgoal.plus/images/star_off.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
413 B (413 bytes)
Hash
931f64d9452b946774c4bb0083e37095
0d6166952f782dcceba76832be4762482c2f3edf
3b4be8d81d0ae7b06868b4942eeb9b3db9306c25f2f86a8111a6fee95e655d24

HTTP Headers

GET /images/star_off.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "b6d9d139805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 413
X-Firefox-Spdy: h2

free.nowgoal.plus/images/star_on.png

23.224.77.10

200 OK

364 B

URL HTTP/2
free.nowgoal.plus/images/star_on.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
d8dc74ae8d8effcd784602f68eae3df4
2392b48820ca8c335bdb6e5cc731a62cc583558a
a0b9944042ea8b2e34bd4140b939d86a7f3c58410cbb524bceffd456f22572fb

HTTP Headers

GET /images/star_on.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "21c4d239805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 364
X-Firefox-Spdy: h2

free.nowgoal.plus/images/Ng/tv.png

23.224.77.10

200 OK

527 B

URL HTTP/2
free.nowgoal.plus/images/Ng/tv.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
527 B (527 bytes)
Hash
68fa07d04f53f93a56a9cb175504593b
a7ef2d6f523bb14da0565da4297d963516dd4c2d
a031ba1e03e1e530ca68f5bcfa92cbab71428bf5de95b4e3d58041dbd03b242e

HTTP Headers

GET /images/Ng/tv.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 25 Dec 2021 07:26:26 GMT
accept-ranges: bytes
etag: "5cfbe9b960f9d71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 527
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20230106171945.gif

104.22.54.149

200 OK

27 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20230106171945.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 710 x 35\012- data
Size
27 kB (26960 bytes)
Hash
0c121857b3f55a40d0d80b6b9b4e7df4
9fad3d990896a01fc444516c51a2659eab9ff5bf
fa864c2d2da99366e15ac103eec0df211b651da4211f6edd11de625facdab250

HTTP Headers

GET /mn/20230106171945.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:38 GMT
content-type: image/gif
content-length: 26960
last-modified: Fri, 06 Jan 2023 09:20:15 GMT
etag: "e3425916b021d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb423cb3b51e-OSL
X-Firefox-Spdy: h2

free.nowgoal.plus/images/allno.png

23.224.77.10

200 OK

249 B

URL HTTP/2
free.nowgoal.plus/images/allno.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
249 B (249 bytes)
Hash
967c95fd2a51105486fe25afd5e7aac0
9ffdd20bdaab8cec448907c54554d55560e0b068
f93679a9d7a471ef56720ee40c8377412bb8502dc9bba7bab675b5c0fcf8026e

HTTP Headers

GET /images/allno.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 06 Oct 2021 09:04:20 GMT
accept-ranges: bytes
etag: "082ec2591bad71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 249
X-Firefox-Spdy: h2

free.nowgoal.plus/images/analysis.png

23.224.77.10

200 OK

272 B

URL HTTP/2
free.nowgoal.plus/images/analysis.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
272 B (272 bytes)
Hash
906cd7e3a205f329a038fd4d6fc50551
0c539c7ed33a3f84d36f80de2704ec1ac974bbd1
6088ea08d5cb46523ebb6a717c78a2bbd55377550fa7e572fab0fcb1e0485bbd

HTTP Headers

GET /images/analysis.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:54 GMT
accept-ranges: bytes
etag: "3e3fa39805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 272
X-Firefox-Spdy: h2

free.nowgoal.plus/images/odds.png

23.224.77.10

200 OK

336 B

URL HTTP/2
free.nowgoal.plus/images/odds.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
336 B (336 bytes)
Hash
ffe7e4dea5a87a5860a64aa39137b3a7
6e086cac01692fe304a41d212c1307e6efa43fcd
9986365d6b4f15bdbe1a11668a5ffd125faa4f0afbbd630a456f2b3551926fd1

HTTP Headers

GET /images/odds.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "71ab139805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 336
X-Firefox-Spdy: h2

free.nowgoal.plus/images/ng/t5.png

23.224.77.10

200 OK

325 B

URL HTTP/2
free.nowgoal.plus/images/ng/t5.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 16 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
325 B (325 bytes)
Hash
554758bef9afc93ba4376d56c844fa30
cdb329fcc293318b8ad9292f26f5cd1cd37ed652
726278f740f7ae7ff2329997a2a5c7154c7191f1665c37e0803c295f464a454e

HTTP Headers

GET /images/ng/t5.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 03 Jan 2023 06:52:15 GMT
accept-ranges: bytes
etag: "80f9cbe93f1fd91:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 325
X-Firefox-Spdy: h2

free.nowgoal.plus/images/ng/matchdata.png

23.224.77.10

200 OK

422 B

URL HTTP/2
free.nowgoal.plus/images/ng/matchdata.png
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
422 B (422 bytes)
Hash
20c08f93a02befbdc3c016233adcabac
484ee34900129e562d9902be457121dff7968915
9764eb98d55d7f7f7a2729513ab303ec937887dc6db560928b0b8cf0adeb5fe2

HTTP Headers

GET /images/ng/matchdata.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 03 Jan 2023 06:52:15 GMT
accept-ranges: bytes
etag: "80f9cbe93f1fd91:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 422
X-Firefox-Spdy: h2

img_nowgoal.thscore.fun/mn/20230106171146.gif

104.22.54.149

200 OK

49 kB

URL HTTP/2
img_nowgoal.thscore.fun/mn/20230106171146.gif
IP
104.22.54.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 710 x 35\012- data
Size
49 kB (48568 bytes)
Hash
0b8aceebde29b538133523431ee15ff8
7dd3f4f74429f4e204a214d58368a06e26700668
fc69d8324a372149351cf04d163573b06f17c8de5f0f8c6233c0eada91599c20

HTTP Headers

GET /mn/20230106171146.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:38 GMT
content-type: image/gif
content-length: 48568
last-modified: Fri, 06 Jan 2023 09:12:11 GMT
etag: "a299cf5ae21d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb423cbcb51e-OSL
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/data/odds/en/runOddsData_8.txt?1675099011000

23.224.77.10

200 OK

4.4 kB

URL HTTP/2
free.nowgoal.plus/gf/data/odds/en/runOddsData_8.txt?1675099011000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (19594), with no line terminators
Size
4.4 kB (4392 bytes)
Hash
7f5fed498ed3d6130727163a7fcd3cd6
2eea047b80368a4fcc852a80233a0bf38cca6831
1cbaa983222c5c57bcee6cd11298402f2bdfa26a27719af766e441e66be4e865

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/odds/en/runOddsData_8.txt?1675099011000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/plain
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:51 GMT
accept-ranges: bytes
etag: W/"80363a4ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 4392
X-Firefox-Spdy: h2

platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus

93.184.220.66

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size
105 kB (105435 bytes)
Hash
58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789

HTTP Headers

GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 502403
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
8dd38092d440d9d71039ccaf8e78b5e8
d164d292dd948c30e5b871dd15027a730d421987
78d10840c0ea8608c44ecc6cd96e3a8249cd1088841a782a82b79c976daf7468

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4469
Cache-Control: max-age=133454
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "63d7504f-138"
Expires: Wed, 01 Feb 2023 06:20:52 GMT
Last-Modified: Mon, 30 Jan 2023 05:06:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312

free.nowgoal.plus/Scripts/Ng/tongji.js

23.224.77.10

200 OK

383 B

URL HTTP/2
free.nowgoal.plus/Scripts/Ng/tongji.js
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
383 B (383 bytes)
Hash
52b10dba1ca91c8c1c7d2db5dbae253e
2e17d7d65a7470af7be3ce0248a1c5511c0b1287
dc00b2578fcf9bbe1e6d5b9c08ef8e641e99cca4bbf77a34106371ec5097e31f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/Ng/tongji.js HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:44:48 GMT
accept-ranges: bytes
etag: "0e87f4848a5d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 383
X-Firefox-Spdy: h2

syndication.twitter.com/settings?session_id=1338bcecb1b4d4f2aab38c7a95102770a4e0d05a

104.244.42.136

200 OK

326 B

URL HTTP/2
syndication.twitter.com/settings?session_id=1338bcecb1b4d4f2aab38c7a95102770a4e0d05a
IP
104.244.42.136:0
ASN
#13414 TWITTER

File type
JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Size
326 B (326 bytes)
Hash
11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff

HTTP Headers

GET /settings?session_id=1338bcecb1b4d4f2aab38c7a95102770a4e0d05a HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:38 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 30 Jan 2023 17:16:38 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 220c52135798ed9c
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 113
x-connection-hash: a02881afecad6a776fb5ad318dbded1cad3f5ff4055a21f56509f582554c7631
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-77FSGHPJTH

142.250.74.40

200 OK

80 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-77FSGHPJTH
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (27699)
Size
80 kB (79839 bytes)
Hash
a33f71483b63cf362f194cbdd5c05eab
2e049326e2c6d36193ef9897ac575ff3e7a47bd0
e87e366ef8e620ee58c64fd0c372c703d88800b21672f99e8de9578505ac9ca6

HTTP Headers

GET /gtag/js?id=G-77FSGHPJTH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:38 GMT
expires: Mon, 30 Jan 2023 17:16:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

free.nowgoal.plus/gf/data/change_en.xml?1675099011000

23.224.77.10

200 OK

257 B

URL HTTP/2
free.nowgoal.plus/gf/data/change_en.xml?1675099011000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
XML document, ASCII text, with no line terminators
Size
257 B (257 bytes)
Hash
708190e9f982863aa97552ce26b2bef0
4c1801a630b4f22478b4a9d7379ca9b287c738c9
f2406d4d9ae4130c9321598b69c423bfe64e4637e15a839c84857b97563d51de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/change_en.xml?1675099011000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:38 GMT
accept-ranges: bytes
etag: W/"7842cd9cce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 257
X-Firefox-Spdy: h2

free.nowgoal.plus/images/in.gif

23.224.77.10

200 OK

88 B

URL HTTP/2
free.nowgoal.plus/images/in.gif
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 3 x 8\012- data
Size
88 B (88 bytes)
Hash
654680cdd2420d99f2dae65391535241
a73743af5591ec33aca3bce09cc03df9d90eb10f
c4514603172ef7d32b0b391f2925506f1529fb39257079a12cdc2cf74c9c8fba

HTTP Headers

GET /images/in.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
last-modified: Mon, 20 Jun 2022 02:19:02 GMT
accept-ranges: bytes
etag: "0ef6d1b4c84d81:0"
date: Mon, 30 Jan 2023 17:16:54 GMT
content-length: 88
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
89086667f6ed6d6b5cd0560f56590bce
3713db85315606d927b997c1da8ba9a7e04255e1
dfccfc12b8d43ed87ab681feb045bc0673b7b16250f22dcd7c8a108f4663b749

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:16:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2073
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bdb4b2eb0b506-OSL

region1.google-analytics.com/g/collect?v=2&tid=G-77FSGHPJTH&gtm=2oe1p0&_p=480335195&cid=1016697391.1675099012&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099012&sct=1&seg=0&dl=https%3A%2F%2Ffree.nowgoal.plus%2F&dt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-77FSGHPJTH&gtm=2oe1p0&_p=480335195&cid=1016697391.1675099012&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099012&sct=1&seg=0&dl=https%3A%2F%2Ffree.nowgoal.plus%2F&dt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-77FSGHPJTH&gtm=2oe1p0&_p=480335195&cid=1016697391.1675099012&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099012&sct=1&seg=0&dl=https%3A%2F%2Ffree.nowgoal.plus%2F&dt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://free.nowgoal.plus
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://free.nowgoal.plus
date: Mon, 30 Jan 2023 17:16:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?0394be8d23ef30dfa25c2fe6e78fb15b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?0394be8d23ef30dfa25c2fe6e78fb15b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (698)
Size
11 kB (11336 bytes)
Hash
308b5964345949eb03f10ba26b18707a
e1339484139276a16ca2b99557aef785fc567922
0776bbc252a0a6d6ee3af505eebf786428a1634d6428b6b8129a108b66ad7a38

HTTP Headers

GET /hm.js?0394be8d23ef30dfa25c2fe6e78fb15b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:16:39 GMT
Etag: d92d278128efc1f68897773f9666faae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8F1D47B82290C9BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2011361190&si=0394be8d23ef30dfa25c2fe6e78fb15b&v=1.3.0&lv=1&sn=24414&r=0&ww=1280&u=https%3A%2F%2Ffree.nowgoal.plus%2F&tt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2011361190&si=0394be8d23ef30dfa25c2fe6e78fb15b&v=1.3.0&lv=1&sn=24414&r=0&ww=1280&u=https%3A%2F%2Ffree.nowgoal.plus%2F&tt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2011361190&si=0394be8d23ef30dfa25c2fe6e78fb15b&v=1.3.0&lv=1&sn=24414&r=0&ww=1280&u=https%3A%2F%2Ffree.nowgoal.plus%2F&tt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:16:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5D4201A596EB6A20; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000

23.224.77.10

200 OK

4.8 kB

URL HTTP/2
free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
ASCII text, with CRLF line terminators
Size
4.8 kB (4840 bytes)
Hash
7117b587ce042e68c9e83cd42bcbe59c
e96c3d411688f8439346e6737915019ee8352c1b
4b1fa58c126b93a7af11df78a2305bef466da23a83c2ec047b0c3df5a2bb022a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/panlu_kr.js?1675099013000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:03:31 GMT
accept-ranges: bytes
etag: W/"80b38cc7cc34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:55 GMT
content-length: 4840
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/data/sbCorner.js?1675099013000

23.224.77.10

200 OK

4.0 kB

URL HTTP/2
free.nowgoal.plus/gf/data/sbCorner.js?1675099013000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (14648), with no line terminators
Size
4.0 kB (4004 bytes)
Hash
428081aa8713155a89a666ed62e1c72c
3f04aa49b713d8a9fcaafdb3691ce101135fc287
70aeb5a61d04bcfd979f9b709e5377c535813841e07eaca6ccee41b1eec1b6f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/sbCorner.js?1675099013000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:44 GMT
accept-ranges: bytes
etag: "0e636a0ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:55 GMT
content-length: 4004
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/data/odds/en/ch_goal8.xml?1675099014000

23.224.77.10

200 OK

1.0 kB

URL HTTP/2
free.nowgoal.plus/gf/data/odds/en/ch_goal8.xml?1675099014000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (1819), with no line terminators
Size
1.0 kB (1040 bytes)
Hash
41e109fad79a40d096a703c8f58dc658
92c61b97848cda78cd47585963d26fe52f8f224a
3b64b45d2b521290a473732e6cde36200408af9c19ea729df591252ccd906663

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/odds/en/ch_goal8.xml?1675099014000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:45 GMT
accept-ranges: bytes
etag: W/"c9ec5da1ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:56 GMT
content-length: 1040
X-Firefox-Spdy: h2

free.nowgoal.plus/gf/data/change_en.xml?1675099014000

23.224.77.10

200 OK

257 B

URL HTTP/2
free.nowgoal.plus/gf/data/change_en.xml?1675099014000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type
XML document, ASCII text, with no line terminators
Size
257 B (257 bytes)
Hash
708190e9f982863aa97552ce26b2bef0
4c1801a630b4f22478b4a9d7379ca9b287c738c9
f2406d4d9ae4130c9321598b69c423bfe64e4637e15a839c84857b97563d51de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gf/data/change_en.xml?1675099014000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:38 GMT
accept-ranges: bytes
etag: W/"7842cd9cce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:56 GMT
content-length: 257
X-Firefox-Spdy: h2

free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000

23.224.77.10

200 OK

0 B

URL HTTP/2
free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Content/ng/diff.less?v=638106732790000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2926
X-Firefox-Spdy: h2

free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000

23.224.77.10

200 OK

0 B

URL HTTP/2
free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000
IP
23.224.77.10:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /scripts/Main/soccer/soccer_fliter.js?v=638017643370000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 00:18:57 GMT
accept-ranges: bytes
etag: "80eee56050e3d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 6648
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (62)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML