r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3082
Expires: Mon, 30 Jan 2023 18:07:57 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3334
Expires: Mon, 30 Jan 2023 18:12:09 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive
free.nowgoal.plus/
128.14.140.150301 Moved Permanently 149 B IP 128.14.140.150:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 258d35f1cf004e597b5575edf4197573
d4590f3a38a2190dea86ad52d1154b824abf0076
e8131213584120d26c77117751e5a53eb83583528e13522c6771de14b4f345bc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://free.nowgoal.plus/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Mon, 30 Jan 2023 17:16:34 GMT
Content-Length: 149
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:35:45 GMT
content-type: application/json
age: 2450
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5116
Expires: Mon, 30 Jan 2023 18:41:51 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GELRlQTYdn51eadTrFnaUMJPEktlPri4FnoIoxT0m+lG4fjw2dN0y6iS+KdKaHPRLz9jx97DH8g=
x-amz-request-id: GXKCAHVFN40HS0A9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:21:52 GMT
age: 3283
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:16:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 1651
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0991e433a9640d114f8b46cf12ee5ad7
40c2dc2755f60b409357ef37d7556df404101752
06904b99445cc25df886430a4adeaa3910984a757a948716afcc43648a984cd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06904B99445CC25DF886430A4ADEAA3910984A757A948716AFCC43648A984CD5"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 23:16:35 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11630
Expires: Mon, 30 Jan 2023 20:30:25 GMT
Date: Mon, 30 Jan 2023 17:16:35 GMT
Connection: keep-alive
free.nowgoal.plus/
23.224.77.10200 OK 12 kB IP 23.224.77.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5b165917621f8886d47074626c35535d
aebf80f07efa81d68922e869bb301498e19425c7
90a3156baec128bc51a6929cebf6f38517b938e6634399ffec30cf347f8a875a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:50 GMT
content-length: 12383
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.202.152.202101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.152.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5hcR+TpEABm8l/F9Jk4rRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ON7ENCU8bVvEe6Ye6gETjrxy/7c=
free.nowgoal.plus/Content/Com/theme.css?v=638105847200000000
23.224.77.10200 OK 1.0 kB URL HTTP/2 free.nowgoal.plus/Content/Com/theme.css?v=638105847200000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash fa7c4800ad17e7d8e36e9c85b65482e9
ec37b4791cde1fbdeb7943b3c8f69fedeba809cf
d6667d488445dc78e4967a6a51911ea4711365dc87d8684e9a8ca9e831578836
Analyzer Verdict Alert fortinet Phishing
GET /Content/Com/theme.css?v=638105847200000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 02:25:20 GMT
accept-ranges: bytes
etag: "068daee8833d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1012
X-Firefox-Spdy: h2
free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
23.224.77.10200 OK 23 kB URL HTTP/2 free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (338), with CRLF line terminators
Hash d84904c197ee5c8d4b9a595a21a88ea0
fad69ca96473897e5031d5296d813db2a4335daf
a5232e4e6978ac72a8a0d0459bce0c764e9d32f506bba2758f4bccbab858a261
GET /Content/Com/main.css?v=638106657070000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 00:55:07 GMT
accept-ranges: bytes
etag: "80e7dd7e4534d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 22938
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000
23.224.77.10200 OK 34 kB URL HTTP/2 free.nowgoal.plus/scripts/Com/jquery.min.js?v=637691366600000000
IP 23.224.77.10:0
File type ASCII text, with very long lines (32072), with CRLF line terminators
Hash 69e25f4d33a4082965995dfed5b1cd5a
c7fa7703bc0bf94a8d3e5bde1022bae62155afe3
88a4f58da905ec99f3a4405bd6ed938b16600be898c5a6156291525515e48b77
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Com/jquery.min.js?v=637691366600000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:04:20 GMT
accept-ranges: bytes
etag: "082ec2591bad71:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 34035
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/ng/config.js?v=638106983891957425
23.224.77.10200 OK 371 B URL HTTP/2 free.nowgoal.plus/scripts/ng/config.js?v=638106983891957425
IP 23.224.77.10:0
File type ASCII text, with very long lines (688), with no line terminators
Hash 8e4161eb4474a7f04cffbeb5dc77df92
4058b59c2cb3db0420ec82d14b8295619c436edb
dbd74f9cedb4d911862b1dac5d6f878c203fe800f15058684d6054bede4c46c3
GET /scripts/ng/config.js?v=638106983891957425 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 09:59:49 GMT
accept-ranges: bytes
etag: "b136f9969134d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 371
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000
23.224.77.10200 OK 19 kB URL HTTP/2 free.nowgoal.plus/scripts/Main/Public.js?v=638084410840000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (649), with CRLF line terminators
Hash 4d8ff95211e51a94b5e267bd266754aa
31f067977a1a8c55f1b881f6e39421ebe7c628cc
ba8acad3ef8d53720822521260dc7ed4c72d7d659b454c3ba49c5d3064403789
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/Public.js?v=638084410840000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 04 Jan 2023 06:58:04 GMT
accept-ranges: bytes
etag: "0e63ae4920d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 19342
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000
23.224.77.10200 OK 1.1 kB URL HTTP/2 free.nowgoal.plus/scripts/Main/localDiff.js?v=638106078980000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash b5b9cae764393c78f0e0c570af9915a8
ae0ea03fc9705f0e24c26b45804d2e63b66dd5cf
018d5ee42582526fdca7172afcfd83ccbd6fd8d2cc712c734522dd9dfa9bbd51
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/localDiff.js?v=638106078980000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 08:51:38 GMT
accept-ranges: bytes
etag: "0894e6be33d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1122
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/setting.js?v=637770638734614593
23.224.77.10200 OK 1.6 kB URL HTTP/2 free.nowgoal.plus/scripts/Main/setting.js?v=637770638734614593
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3f0ebcf35a099cade86e864e15ec6365
b6f7adc619ef37423d8e476dd32c50ad94f0fb3f
90c93915a2b181665922210736aef821ef817a6ea63f0ec557d455622acdf430
GET /scripts/Main/setting.js?v=637770638734614593 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 03:04:33 GMT
accept-ranges: bytes
etag: "80b61221aa2d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1554
X-Firefox-Spdy: h2
free.nowgoal.plus/Content/Com/header.less?v=638076474710000000
23.224.77.10200 OK 1.0 kB URL HTTP/2 free.nowgoal.plus/Content/Com/header.less?v=638076474710000000
IP 23.224.77.10:0
Hash 1722db9f9c03b5f2eabfc30b443d5b56
7bd9806c5a27d9d8ba270a360e24883ee384c765
6033647f4572c7f5d026b22ef249960ad3e13a0e7bdd1072abeb070095cf629a
GET /Content/Com/header.less?v=638076474710000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1029
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/ng/localDiff.js?v=638106080070000000
23.224.77.10200 OK 1.5 kB URL HTTP/2 free.nowgoal.plus/scripts/ng/localDiff.js?v=638106080070000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash d29ba5a049f72ceabdcb1ca26e9082f0
ceab79f5ab677eddf0843a6038eb183f4d1a19ed
54fc59fe1500191c8d8175bc8e753a8251c7f7b7898924d15a2c4fb8e1dcb504
GET /scripts/ng/localDiff.js?v=638106080070000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 08:53:27 GMT
accept-ranges: bytes
etag: "809dfc26bf33d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1487
X-Firefox-Spdy: h2
free.nowgoal.plus/Content/Com/com.less?v=638105847200000000
23.224.77.10200 OK 4.3 kB URL HTTP/2 free.nowgoal.plus/Content/Com/com.less?v=638105847200000000
IP 23.224.77.10:0
Hash 021b36be410ecec58eb0a5c0e37e9b1a
ee12e5d87f1d5b6410f08875587847b24a5c8fe3
9b5361e9a8dcfe343d68abc05ffdd5977cefc5acbdc4e29607eea53c71dc439c
GET /Content/Com/com.less?v=638105847200000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 4340
X-Firefox-Spdy: h2
free.nowgoal.plus/Scripts/i18n/rs_index_ng.js
23.224.77.10200 OK 2.3 kB URL HTTP/2 free.nowgoal.plus/Scripts/i18n/rs_index_ng.js
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (5895), with no line terminators
Hash cd6a7d1a45e3fc7b30247bbf3d0fce2f
0fe5aa0f152cb0cbecf0e399ea66f7e2d93b7042
ff7291cc01b728093a851002ed6ddb7a872c3cd4fac1a151ac5231518938378c
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/i18n/rs_index_ng.js HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 09:59:49 GMT
accept-ranges: bytes
etag: "8058db969134d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2309
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000
23.224.77.10200 OK 1.8 kB URL HTTP/2 free.nowgoal.plus/scripts/ng/serverDiff.js?v=637987435590000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 4601d7e0605ba3bbd9646c515c0b1286
1c24048c25e855ba35cfe4faef56d8e0f3294515
6f33e4fe70e6d132ce1be6cd373543855535a9027c63b32e127f4fe57303bc83
Analyzer Verdict Alert fortinet Phishing
GET /scripts/ng/serverDiff.js?v=637987435590000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 01:12:39 GMT
accept-ranges: bytes
etag: "80dde614d7c7d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1813
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/AdCheck.js?v=637772574871339630
23.224.77.10200 OK 408 B URL HTTP/2 free.nowgoal.plus/scripts/Main/AdCheck.js?v=637772574871339630
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 8f708037ffc39fd000ca1d4849af8060
e9f75e9f2402af41e49299de5723fdd10b9d3fe1
4eb844a663adf2cca1504e7788a0fa1d108f2462810b8f90aeba3fc8673e494c
GET /scripts/Main/AdCheck.js?v=637772574871339630 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 08 Jan 2022 08:51:27 GMT
accept-ranges: bytes
etag: "6e217ec6c4d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 408
X-Firefox-Spdy: h2
free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554
23.224.77.10200 OK 3.1 kB URL HTTP/2 free.nowgoal.plus/scriptEx/ng/all_Ad.js?v=638106231532419554
IP 23.224.77.10:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash a6b994a2b70fe96af4937ff250d0625b
37a3ae1786bc1b7ff3649326e455de2a3f6f0132
d8bf9975a6f06b325b2e828c45b273a3224b9e4bb32b9f250bb12af38377836e
Analyzer Verdict Alert fortinet Phishing
GET /scriptEx/ng/all_Ad.js?v=638106231532419554 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 13:05:53 GMT
accept-ranges: bytes
etag: "80ceb46ae233d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3143
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000
23.224.77.10200 OK 233 B URL HTTP/2 free.nowgoal.plus/scripts/Main/defaultBlank.js?v=638022265090000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 874c9221a7b2ab877ea3947fe80d52c7
d6f01bacfed09a92a8c950ddb1916de6bb84b277
c660710367753df75e8369baf3fdded38e311fa975fb65e6c2807900e56f9c4b
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/defaultBlank.js?v=638022265090000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 08:41:49 GMT
accept-ranges: bytes
etag: "8084e07484e7d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 233
X-Firefox-Spdy: h2
free.nowgoal.plus/images/down.jpg
23.224.77.10200 OK 694 B URL HTTP/2 free.nowgoal.plus/images/down.jpg
IP 23.224.77.10:0
File type PNG image data, 31 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 0dd3f6effc30efe477bba91f05ddfd05
157bb68ee971b4f134602ec5328b9a1887b1ee5c
42ddafe5ac3e426a3855f5ab725b4c5d55657c39befcbb06ed55a1a4662b387e
GET /images/down.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 03 Oct 2021 03:24:24 GMT
accept-ranges: bytes
etag: "9d2e502a6b8d71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 694
X-Firefox-Spdy: h2
free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000
23.224.77.10200 OK 2.3 kB URL HTTP/2 free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000
IP 23.224.77.10:0
Hash 662ecf9668c312c16bab43fc8b5e1a30
f540e57d8ae7ea6e036429a8c3fc3276f68bacca
aa5bea9a7c9192ea972079a37469313b030477d112898becb1034ac699a4bafb
Analyzer Verdict Alert fortinet Phishing
GET /Content/Com/eventStyle.less?v=638105847200000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2262
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114102211.jpg
23.224.77.10200 OK 2.5 kB URL HTTP/2 free.nowgoal.plus/mn/20220114102211.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Hash ed74c99ca87a5a533a17fc525b0c72fd
bd753103dda325623e6e023b5858b4830ca78d31
5deb25150876ca2c6ee06c672ce09c3e96cb6e00ec4cfdc0973ac6a0a64cfee0
GET /mn/20220114102211.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:22:11 GMT
accept-ranges: bytes
etag: "11cd8689ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2466
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/soccer/soccer_common.js?v=638097467710000000
23.224.77.10200 OK 2.5 kB URL HTTP/2 free.nowgoal.plus/scripts/Main/soccer/soccer_common.js?v=638097467710000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (793), with CRLF line terminators
Hash a39c63d3080df4933989a6256105a2d3
22fbd993fa590f575637ae6b8c4f9e9f10aaa2f2
6beb07f738efcbe721e12cf3e2e97f4bcbe3355edeb675303c665955bce7f600
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/soccer/soccer_common.js?v=638097467710000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 09:39:31 GMT
accept-ranges: bytes
etag: "80b54eee92bd91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2463
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114095612.jpg
23.224.77.10200 OK 3.4 kB URL HTTP/2 free.nowgoal.plus/mn/20220114095612.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 96x91, components 3\012- data
Hash 7f66a24e601aad5167a4ae40c2b120be
e3fe378f5e5470b4243e7b07719c4aae4d54aa27
d2f7a6580957669d7a7ca0a6451063133ceaf3abe369a4e01e81847537e97da5
GET /mn/20220114095612.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 01:56:12 GMT
accept-ranges: bytes
etag: "a1d322e8e98d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3381
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000
23.224.77.10200 OK 8.7 kB URL HTTP/2 free.nowgoal.plus/scripts/Main/soccer/flash.js?v=638105151340000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (496), with CRLF line terminators
Hash b78a7c4cb0fe9734f6ebebdffaba172f
14a81bab6296b911dcf55ac1543a138c5517936f
2f977ea3cd26a2ee2441c53a46d46a4efc03b6119e550fd14b50ae96da17d189
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/soccer/flash.js?v=638105151340000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 28 Jan 2023 07:05:34 GMT
accept-ranges: bytes
etag: "0735deae632d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 8660
X-Firefox-Spdy: h2
free.nowgoal.plus/images/ng/Logo.png
23.224.77.10200 OK 5.6 kB URL HTTP/2 free.nowgoal.plus/images/ng/Logo.png
IP 23.224.77.10:0
File type PNG image data, 325 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash a8c78d12dfb5310d76423cd92f15616c
880392a5e3b183d63ee6a3be30c5e398f53595ea
396643a74ddd88dacbb5fcfd585d66b67fac36723b1e2aad78c5c8dc319122d0
GET /images/ng/Logo.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 26 Nov 2021 00:58:18 GMT
accept-ranges: bytes
etag: "b19f65b360e2d71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 5614
X-Firefox-Spdy: h2
free.nowgoal.plus/images/top.gif
23.224.77.10200 OK 498 B URL HTTP/2 free.nowgoal.plus/images/top.gif
IP 23.224.77.10:0
File type GIF image data, version 89a, 31 x 29\012- data
Hash 9353fbbf91e2a0f692070218928555c9
3f614a60d25cd29b04cd8cdb0fc6cf927844ed1c
bbc9ecd1b1e1a480793c777810f4a873ea82a5dde914f1a494874d36c3f8e4a0
GET /images/top.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "e17e839805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 498
X-Firefox-Spdy: h2
free.nowgoal.plus/images/fb.gif
23.224.77.10200 OK 432 B URL HTTP/2 free.nowgoal.plus/images/fb.gif
IP 23.224.77.10:0
File type GIF image data, version 89a, 31 x 31\012- data
Hash b325c0a955b5d4d6ac51aa2537af38a3
9552f708f9ec3ef4bb24b9a4b288bbcf10cac120
fd72bcdd135629be85c27176a6e105edacdf66a29912fa631866ab1db7896a7b
GET /images/fb.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "28216439805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 432
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220722101215.png
23.224.77.10200 OK 21 kB URL HTTP/2 free.nowgoal.plus/mn/20220722101215.png
IP 23.224.77.10:0
File type PNG image data, 200 x 275, 8-bit/color RGBA, non-interlaced\012- data
Hash b5df32b769c2af7c3266f28fbea3e318
05074c685f07e49f80d03a185d1f76869e5256f2
2a8e8685c1d9c8fd6c0664035b37c757940e5127e7652671b21ef8b4396ff142
GET /mn/20220722101215.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 22 Jul 2022 02:12:31 GMT
accept-ranges: bytes
etag: "8011987f709dd81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 21156
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114095736.png
23.224.77.10200 OK 13 kB URL HTTP/2 free.nowgoal.plus/mn/20220114095736.png
IP 23.224.77.10:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash b0b3979fac40d2f2e294ab93859bc06f
c85ae4358900a206b87d13cfe553ffb7d7711db0
5249e2fdc69e6d6a2046adbeeee705dfe51976b9e273d082999df20c3e6d69c8
GET /mn/20220114095736.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 01:57:36 GMT
accept-ranges: bytes
etag: "96e49a1aea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 12703
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114100201.png
23.224.77.10200 OK 5.6 kB URL HTTP/2 free.nowgoal.plus/mn/20220114100201.png
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash 4ec773253cb9a3b80b14632d4f8caa05
c10f27017de5515debf12fabd3ee48895b8bccae
84614a65aa7d0ae4c7aae275a2870489a789c700e74e28022ea312244d09251e
GET /mn/20220114100201.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:02:01 GMT
accept-ranges: bytes
etag: "d98075b8ea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 5557
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114100151.jpg
23.224.77.10200 OK 12 kB URL HTTP/2 free.nowgoal.plus/mn/20220114100151.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 367x365, components 3\012- data
Hash edd49146c4fb388c8b7e237b36db4812
d181048d76759cf2fb9922ec64dc57a9775b92ae
e381e92dca417d128db749cc029acb72ca5d1219f91ab43dee016f947e2de39a
GET /mn/20220114100151.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:01:51 GMT
accept-ranges: bytes
etag: "d48a78b2ea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 12521
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114100358.png
23.224.77.10200 OK 2.2 kB URL HTTP/2 free.nowgoal.plus/mn/20220114100358.png
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 56x83, components 3\012- data
Hash 115c788b601f0b707df5242f6c04a881
bf77bb79c7176e2b298dade69e1b1039a45ef24e
62c0a994aec0283a954b5d5b034b9dac8300f37a7f36447cd8bc3be0e42f3c06
GET /mn/20220114100358.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:03:58 GMT
accept-ranges: bytes
etag: "dd1943feea8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2230
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114100431.png
23.224.77.10200 OK 3.9 kB URL HTTP/2 free.nowgoal.plus/mn/20220114100431.png
IP 23.224.77.10:0
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash fe07e7db2938f44a83a88ed8aa1b80f3
247e53fefa8295a66429746ae02b2154b6321d25
530b87bdc0c3cf8cbe83b999100114090f8e31ac7c64bcd64ff83449e4ac7a74
GET /mn/20220114100431.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:04:31 GMT
accept-ranges: bytes
etag: "502da211eb8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3878
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20221006082112.jpg
23.224.77.10200 OK 2.6 kB URL HTTP/2 free.nowgoal.plus/mn/20221006082112.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Hash d3df0971d415bc337fda1c394dec26cc
dc6b88266906ce17d111f8f043db623eca567c94
38e68952b28a6a5d00f02e4edabd4c08ff3c4fef75d8441c1ff3a1147559f3f0
GET /mn/20221006082112.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 06 Oct 2022 00:21:16 GMT
accept-ranges: bytes
etag: "e5bbbc8c19d9d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2551
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114102258.jpg
23.224.77.10200 OK 2.5 kB URL HTTP/2 free.nowgoal.plus/mn/20220114102258.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Hash e463c9c160695e987ec4b8fb8fbdfa27
792b1467b27e6fed28acca83120ac543d99097bb
e926bc774bac21366664ce2ff9a689b2b37502dbcb40be368e9b249fe07f35bd
GET /mn/20220114102258.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:22:58 GMT
accept-ranges: bytes
etag: "fa3d86a5ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2532
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114102335.jpg
23.224.77.10200 OK 2.4 kB URL HTTP/2 free.nowgoal.plus/mn/20220114102335.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Hash ca61d3071be8c51d71d01e2e23f54af5
ef1b99d25f8f456927f96f9afe83e8699d4d88bc
0687f97bf077ee41591eb9d88ad314f62be56ba282855a44bbfe264876ca6011
GET /mn/20220114102335.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:23:35 GMT
accept-ranges: bytes
etag: "ebaedfbbed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2448
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114102419.png
23.224.77.10200 OK 3.2 kB URL HTTP/2 free.nowgoal.plus/mn/20220114102419.png
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Hash 153e0e261bd4ff72acd0870674523378
1f460765aca815e75f6f2ecc5e5dfb015b8a5ed7
a17aacd60ac06a9540500b139a1474683407b901ff94a3e7229e9c1aab03cd5a
GET /mn/20220114102419.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 14 Jan 2022 02:24:19 GMT
accept-ranges: bytes
etag: "489cfd5ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 3187
X-Firefox-Spdy: h2
free.nowgoal.plus/mn/20220114102508.jpg
23.224.77.10200 OK 2.1 kB URL HTTP/2 free.nowgoal.plus/mn/20220114102508.jpg
IP 23.224.77.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 83x83, components 3\012- data
Hash ab8a116d27b0a35602867d702c7bb793
9752eb1be90a38511a6a5be6fd917f4cffdda2eb
6b1b0f96499d91b3599aa6b4d85fe85fded207a1d620d1ac9ab152a8099644d2
GET /mn/20220114102508.jpg HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 02:25:08 GMT
accept-ranges: bytes
etag: "4d2e2f3ed8d81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2118
X-Firefox-Spdy: h2
free.nowgoal.plus/images/Ng/loading.gif
23.224.77.10200 OK 938 B URL HTTP/2 free.nowgoal.plus/images/Ng/loading.gif
IP 23.224.77.10:0
File type GIF image data, version 89a, 230 x 18\012- data
Hash 93d039289c483a2ffc08399182398ab3
b197a8fd906b6c052d8af37475fd494d53bb3aae
b0759537a47d4a3e943db9d4b15bbc2f61776892d554cea95feee02962d132b5
GET /images/Ng/loading.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Thu, 01 Dec 2022 08:02:08 GMT
accept-ranges: bytes
etag: "04063355b5d91:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 938
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/soccer/soccer.js?v=638106114720000000
23.224.77.10200 OK 39 kB URL HTTP/2 free.nowgoal.plus/scripts/Main/soccer/soccer.js?v=638106114720000000
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (563), with CRLF line terminators
Hash 1e980c57fa7aa740907c37f9ccf8d9ae
b528ba0e5dcf5e7330d3a96e32711c4120e0de35
331c5226bdd527aa3d22351b65f2abbd2b48cef94344409737787d5f7a4ea708
GET /scripts/Main/soccer/soccer.js?v=638106114720000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sun, 29 Jan 2023 09:51:12 GMT
accept-ranges: bytes
etag: "0a84938c733d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 39098
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125
23.224.77.10200 OK 769 B URL HTTP/2 free.nowgoal.plus/scripts/Main/fly_ad.js?v=637774946286063125
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 364c8cac30ea93a836cf69e476fe748e
39ef83a7e619518eac16ebdb53631456904c55f2
9a9494a239c74e5d3c199a934587a0675394722e9c96149016c25cda5d03352d
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/fly_ad.js?v=637774946286063125 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 02:43:48 GMT
accept-ranges: bytes
etag: "15e6cf956d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 769
X-Firefox-Spdy: h2
free.nowgoal.plus/images/share/Facebook.png
23.224.77.10200 OK 686 B URL HTTP/2 free.nowgoal.plus/images/share/Facebook.png
IP 23.224.77.10:0
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 3195d651673232fe24d8c9378480125c
7ad9fc9f9c16e4edb54ff664da829916cff2153d
62499f4f1de1b6f9a99cebc4bbf0ea8d9458dd3962d3812f131d787c5f0053f3
GET /images/share/Facebook.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "c6d3c139805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 686
X-Firefox-Spdy: h2
free.nowgoal.plus/images/share/Twitter.png
23.224.77.10200 OK 1.2 kB URL HTTP/2 free.nowgoal.plus/images/share/Twitter.png
IP 23.224.77.10:0
File type PNG image data, 37 x 33, 8-bit/color RGBA, interlaced\012- data
Hash 7c18e680e5772f5f0ed19f8272e29cde
d52ccb21f1bfbf9ec5e2d1d94badcdcf2830278c
9f836b4c3ae18adb1cf0c7059ad6eb21801b8c5bc0f0154ba0d976381d3d081f
GET /images/share/Twitter.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "8cf2c539805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1169
X-Firefox-Spdy: h2
free.nowgoal.plus/images/share/Telegram.png
23.224.77.10200 OK 550 B URL HTTP/2 free.nowgoal.plus/images/share/Telegram.png
IP 23.224.77.10:0
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f457f7b1fa5ddfb7a80c59f81387fef
f2831102cbc118e9a4db486988682eba5b766996
5db1c6c8969058eeca9e687db0b91df177ae14392cd80a7348a19ad9e90daeff
GET /images/share/Telegram.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 20 May 2022 00:31:23 GMT
accept-ranges: bytes
etag: "807fc2eee06bd81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 550
X-Firefox-Spdy: h2
free.nowgoal.plus/images/share/Tiktok.png
23.224.77.10200 OK 782 B URL HTTP/2 free.nowgoal.plus/images/share/Tiktok.png
IP 23.224.77.10:0
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 7428d0a1016b0a0215740ff4582904a6
24786b79cc9e27a00f2e962d2edfdd3522247742
459133e31773a1efe061b3aef51ad5c47a0593952c5aa41158ba066c3f6f07f9
GET /images/share/Tiktok.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "3179c739805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 782
X-Firefox-Spdy: h2
free.nowgoal.plus/ajax/IPchecker/?1675099009000
23.224.77.10200 OK 120 B URL HTTP/2 free.nowgoal.plus/ajax/IPchecker/?1675099009000
IP 23.224.77.10:0
File type very short file (no magic)
Hash 33d3779889f4a7f1c358ce308935ff7a
e072eb28f47d466d15353a644346b90f90ef9a90
660e01048e5820ad2665bba09bb409432858bb1eb674fcca35855d4e5f7955d8
Analyzer Verdict Alert fortinet Phishing
GET /ajax/IPchecker/?1675099009000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 120
X-Firefox-Spdy: h2
free.nowgoal.plus/images/theme.png
23.224.77.10200 OK 946 B URL HTTP/2 free.nowgoal.plus/images/theme.png
IP 23.224.77.10:0
File type PNG image data, 48 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 397053c2a835338a0cf25359d74da748
0924155b26e220e3adf041b8270712819c837ef1
dda3cfad11cf76c9b36c7baf81e96038f1a9dee5398708c9970d6240a15779ba
GET /images/theme.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "6185e439805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 946
X-Firefox-Spdy: h2
free.nowgoal.plus/Images/telegram.png
23.224.77.10200 OK 605 B URL HTTP/2 free.nowgoal.plus/Images/telegram.png
IP 23.224.77.10:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b4343402a7f4f12380e84c2d361dda60
7cc297bea8ee4edde9606d9fe7a54ee6ea7223d6
317e42bed86cc985b998213d0212db938f96553747ad02b6dd2922c33c1767d9
GET /Images/telegram.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 20 May 2022 00:31:23 GMT
accept-ranges: bytes
etag: "807fc2eee06bd81:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 605
X-Firefox-Spdy: h2
free.nowgoal.plus/images/twitter.png
23.224.77.10200 OK 631 B URL HTTP/2 free.nowgoal.plus/images/twitter.png
IP 23.224.77.10:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f63e2090ec3c17d50dd945521c95ac9
c323e5f40a1ff27cb95e740d492a202d51714506
b0999f9fe2598dea15023f7eabefbb8b3b6e21c5e100cf879a8a726f97ce2053
GET /images/twitter.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "c3beee39805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 631
X-Firefox-Spdy: h2
free.nowgoal.plus/images/light.png
23.224.77.10200 OK 487 B URL HTTP/2 free.nowgoal.plus/images/light.png
IP 23.224.77.10:0
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash a5657c32924627af2438b423d9fbc15b
14e393119fadb249357743a3deed59b5f01d60bc
337d84f8ad5bca57e4d9473a6070c1e34065ea30b12e7d3bff7b043a53d7c7f6
GET /images/light.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "b3259139805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 487
X-Firefox-Spdy: h2
free.nowgoal.plus/images/Baseball.png
23.224.77.10200 OK 784 B URL HTTP/2 free.nowgoal.plus/images/Baseball.png
IP 23.224.77.10:0
File type PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Hash cfec8c0c0e9cbbc8025264b7031f13ac
725daf814226b71cf4474749d65c0f918c648aff
d33bc849aa4441c1622521a25b49963e9508ec0b218663c3d0a666c75e24fc60
GET /images/Baseball.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:54 GMT
accept-ranges: bytes
etag: "f6cf1939805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 784
X-Firefox-Spdy: h2
free.nowgoal.plus/images/soccer.png
23.224.77.10200 OK 960 B URL HTTP/2 free.nowgoal.plus/images/soccer.png
IP 23.224.77.10:0
File type PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Hash fec4155d32e2c286a73fc9c7746d71c5
b0906075dee7d9a61fb46b3c2f6a7fee2557af62
ed12dcfd139deea9c957f749a674b348eaf08d94f97549139ab97cd144751b59
GET /images/soccer.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "25bfcb39805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 960
X-Firefox-Spdy: h2
free.nowgoal.plus/images/basketball.png
23.224.77.10200 OK 990 B URL HTTP/2 free.nowgoal.plus/images/basketball.png
IP 23.224.77.10:0
File type PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Hash 70df2eb5358ad9ca017a8be5e6696a10
19c2554b2a5ddce71aa05d3f45517f19837a7f8d
1fe085353adf78b3218ddb992fbad1765289c666c8f7290758ace1fdc3c7bcfe
GET /images/basketball.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:54 GMT
accept-ranges: bytes
etag: "2b451a39805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 990
X-Firefox-Spdy: h2
free.nowgoal.plus/images/Tennis.png
23.224.77.10200 OK 1.0 kB URL HTTP/2 free.nowgoal.plus/images/Tennis.png
IP 23.224.77.10:0
File type PNG image data, 60 x 60, 4-bit colormap, non-interlaced\012- data
Hash 1917ab37ebc8aeedc0a5fdb860716f5b
c8ea76a97ce2cfdc910af6d85585bd66124a0b8a
83f04e03d526fdc8732b91d358377619ed08bd58fea2ad281ddbe607fcc946bb
GET /images/Tennis.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "f0c1e339805fd71:0"
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 1012
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/data/bf_us.js?1675099009000
23.224.77.10200 OK 7.3 kB URL HTTP/2 free.nowgoal.plus/gf/data/bf_us.js?1675099009000
IP 23.224.77.10:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 446f549b4e3fc1ae87467767220c11ca
32488a233a045e7dff3ee5a5e8e333d2d43da2a4
da258816ac652aad719796f11ca8f2bcbf452afbdb6120da91d7f532ac19f2fe
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/bf_us.js?1675099009000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:39 GMT
accept-ranges: bytes
etag: "80f53b9dce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 7275
X-Firefox-Spdy: h2
free.nowgoal.plus/images/f.png
23.224.77.10200 OK 460 B URL HTTP/2 free.nowgoal.plus/images/f.png
IP 23.224.77.10:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e970584c5a71f22d9270c7ef21d6556
9f544f8997d321b302e9b1ce65478bc697ff357b
69febd66fb9f29c616a0cb895f008d8a14a7e4394874a5ad7afa803a82f1179f
GET /images/f.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "f6616139805fd71:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 460
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/sound4.mp3
23.224.77.10206 Partial Content 4.2 kB URL HTTP/2 free.nowgoal.plus/sound/sound4.mp3
IP 23.224.77.10:0
File type MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Hash de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41
Analyzer Verdict Alert fortinet Phishing
GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/red.mp3
23.224.77.10206 Partial Content 11 kB URL HTTP/2 free.nowgoal.plus/sound/red.mp3
IP 23.224.77.10:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash 7a817f2e5a2d18cfe59761388e4df45a
fda89f4f09f8efa091a33a15f4d6bcc35daa8205
819fa2f72fa9658146fed0fc9c2a07dccbce39a7bdadbcca75225b0aba2b8bf8
Analyzer Verdict Alert fortinet Phishing
GET /sound/red.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "bde44625f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 10591
content-range: bytes 0-10590/10591
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/sound4.mp3
23.224.77.10206 Partial Content 4.2 kB URL HTTP/2 free.nowgoal.plus/sound/sound4.mp3
IP 23.224.77.10:0
File type MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Hash de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41
Analyzer Verdict Alert fortinet Phishing
GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/sound4.mp3
23.224.77.10206 Partial Content 4.2 kB URL HTTP/2 free.nowgoal.plus/sound/sound4.mp3
IP 23.224.77.10:0
File type MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Hash de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41
Analyzer Verdict Alert fortinet Phishing
GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/sound4.mp3
23.224.77.10206 Partial Content 4.2 kB URL HTTP/2 free.nowgoal.plus/sound/sound4.mp3
IP 23.224.77.10:0
File type MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Hash de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41
Analyzer Verdict Alert fortinet Phishing
GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/sound4.mp3
23.224.77.10206 Partial Content 4.2 kB URL HTTP/2 free.nowgoal.plus/sound/sound4.mp3
IP 23.224.77.10:0
File type MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Hash de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41
Analyzer Verdict Alert fortinet Phishing
GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2
free.nowgoal.plus/sound/sound4.mp3
23.224.77.10206 Partial Content 4.2 kB URL HTTP/2 free.nowgoal.plus/sound/sound4.mp3
IP 23.224.77.10:0
File type MPEG ADTS, layer III, v2.5, 16 kbps, 11.025 kHz, Monaural\012- data
Hash de98145be16779f6c7408564238e0fe1
d2b62f8a685365bff09ef7c7cc0f3b0172d7784c
f4f9928d08b27dff79543856a5c8b742e7a9373f7348f655c56eb2cabca88f41
Analyzer Verdict Alert fortinet Phishing
GET /sound/sound4.mp3 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Tue, 21 Jul 2020 00:37:42 GMT
accept-ranges: bytes
etag: "35cf4725f75ed61:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 4167
content-range: bytes 0-4166/4167
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/data/odds/en/goal8.xml?1675099010000
23.224.77.10200 OK 3.9 kB URL HTTP/2 free.nowgoal.plus/gf/data/odds/en/goal8.xml?1675099010000
IP 23.224.77.10:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (8313), with no line terminators
Hash 08271a077f97551049ae1a3c5344bd98
dddb0b72b70ffb24e18da6f1d28c76ec24b544ad
0e03c0b30433b31981570010bc992c9bdc7b5ef488519b05233fc29ef12dac42
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/odds/en/goal8.xml?1675099010000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:48 GMT
accept-ranges: bytes
etag: "538b19a3ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 3870
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b3c508c2e8edfb108120f3dca28a1c43
9e4c2606f1a5c9586ef370fbcf23c38cb9827348
1e9aa3a414849ba35f95481513432d8ebf9c934eee0b380ed94f4b15829b0396
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E9AA3A414849BA35F95481513432D8EBF9C934EEE0B380ED94F4B15829B0396"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21418
Expires: Mon, 30 Jan 2023 23:13:35 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b3c508c2e8edfb108120f3dca28a1c43
9e4c2606f1a5c9586ef370fbcf23c38cb9827348
1e9aa3a414849ba35f95481513432d8ebf9c934eee0b380ed94f4b15829b0396
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E9AA3A414849BA35F95481513432D8EBF9C934EEE0B380ED94F4B15829B0396"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16085
Expires: Mon, 30 Jan 2023 21:44:42 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f279e1cb12802f1f1436935b041a307
4c86893c034ebf10bdeeeb018bca20da0ab4f69d
c31db9a5b4557c765b97686f83d7332ae5d5e5b7824b403bf65c92665f817071
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31DB9A5B4557C765B97686F83D7332AE5D5E5B7824B403BF65C92665F817071"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17087
Expires: Mon, 30 Jan 2023 22:01:24 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f279e1cb12802f1f1436935b041a307
4c86893c034ebf10bdeeeb018bca20da0ab4f69d
c31db9a5b4557c765b97686f83d7332ae5d5e5b7824b403bf65c92665f817071
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31DB9A5B4557C765B97686F83D7332AE5D5E5B7824B403BF65C92665F817071"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17135
Expires: Mon, 30 Jan 2023 22:02:12 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f279e1cb12802f1f1436935b041a307
4c86893c034ebf10bdeeeb018bca20da0ab4f69d
c31db9a5b4557c765b97686f83d7332ae5d5e5b7824b403bf65c92665f817071
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31DB9A5B4557C765B97686F83D7332AE5D5E5B7824B403BF65C92665F817071"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17188
Expires: Mon, 30 Jan 2023 22:03:05 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 30 Jan 2023 19:08:41 GMT
Date: Mon, 30 Jan 2023 17:16:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 68860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 69430
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 69915
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvqpQI-tR9W2NwvIgoi8loQaD--rOgVYFdLdkdlaXMhe4ts9mYqahg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:50:16 GMT
age: 69981
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 05:47:49 GMT
age: 41328
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 68200
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/tvlive/tvlive_en_fb.txt?1675099010000
23.224.77.10200 OK 1.1 kB URL HTTP/2 free.nowgoal.plus/gf/tvlive/tvlive_en_fb.txt?1675099010000
IP 23.224.77.10:0
File type ASCII text, with very long lines (3604), with no line terminators
Hash d6dd2716f2dbce2c242507fbf81d54bb
21dc8f2500763826c12676763cea83bc097c34d2
c99a1f6de37220b58db00d309c7a3832dc7f909e0649e029af640082e39d838a
GET /gf/tvlive/tvlive_en_fb.txt?1675099010000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 16:01:47 GMT
accept-ranges: bytes
etag: W/"8027cb27c434d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 1087
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20220912084941.gif
104.22.54.149200 OK 37 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20220912084941.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 353 x 45\012- data
Hash c6dc37552e6ccbc61e3e3123c933e9b4
a98000678fe4709a2337a535804f5012a9288dbb
a654dfc5ee9bfe282a87571c31f2a74b57522cd9f7ce60ccd3c79ea77873e674
GET /mn/20220912084941.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 36792
last-modified: Mon, 12 Sep 2022 00:49:51 GMT
etag: "5047c89041c6d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e63b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20220815092912.gif
104.22.54.149200 OK 38 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20220815092912.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 350 x 45\012- data
Hash 4018e461acd3cf7e463fcd54cd6412bf
9cda3d0c0f8d39abdeb8b9d4472284b3ec7c4667
de980d19431ed8876ed3e10e8222b45c4eaeabdb8ddb6775b3e1f1b45b91825b
GET /mn/20220815092912.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 37765
last-modified: Mon, 15 Aug 2022 01:29:27 GMT
etag: "722c47546b0d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e73b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20230114094103.gif
104.22.54.149200 OK 49 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20230114094103.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 70 x 136\012- data
Hash b95830c0689f5de1fc2c0532a740c78c
bc4e1b64cf01278b6e1900813027cdf5f9487363
760d434b26cfc38d0ccd987661cbf7f0f0694948ab9edffb13d933a1b4b17257
GET /mn/20230114094103.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 49229
last-modified: Sat, 14 Jan 2023 01:41:15 GMT
etag: "66be6b4ab927d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e6ab51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20220815164508.gif
104.22.54.149200 OK 49 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20220815164508.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 350 x 45\012- data
Hash 007d93b2d5d18aaa4f21b7c4657f5db1
56c123f5a9fdcbe6bae2fa764bc32c283c68cb83
6c8843a9fb27b8aa515ab8c85a8804850caec2a5b28ab327fe1982120f86f295
GET /mn/20220815164508.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 49146
last-modified: Tue, 15 Nov 2022 08:47:39 GMT
etag: "28475ebcef8d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e76b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20221122172459.gif
104.22.54.149200 OK 39 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20221122172459.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 70 x 270\012- data
Hash c6c2becde8646b9de715256400ced4c6
4048bad08cce6e804a37e75847a12881c05d4597
368b2bf7c8ac2427770274dbe38c2e0d5cf4f99fe73a4fce5aabb666599f0314
GET /mn/20221122172459.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 38783
last-modified: Tue, 22 Nov 2022 09:24:52 GMT
etag: "42edc44654fed81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e68b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20220912085015.gif
104.22.54.149200 OK 33 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20220912085015.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 353 x 45\012- data
Hash aed7d9a9d797762c3450de8ceec6a9a4
90d478607cb4c869624b4e2dce2f259929a84c22
c1733cb835ac376f8dc10af7a2251fc893ca2b89e2f2ad5ac2e1bf08225d0fcb
GET /mn/20220912085015.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 33347
last-modified: Mon, 12 Sep 2022 00:50:22 GMT
etag: "f4a3a4a341c6d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e5e8cb51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20220912085024.gif
104.22.54.149200 OK 38 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20220912085024.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 710 x 45\012- data
Hash 700e34a9a366daf58992f7332fc97941
19be701d841871a125f005b1d969dd93d1b1dd2c
61ce5bf4f429b9860db486de57c2b1ce83f6242bdf7036b01cc5a80aed8be4ea
GET /mn/20220912085024.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 37668
last-modified: Mon, 12 Sep 2022 00:50:35 GMT
etag: "fa7026ab41c6d81:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e6e97b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20221207092916.gif
104.22.54.149200 OK 23 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20221207092916.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 710 x 45\012- data
Hash 8b38f269462cbf4dc4e6a584445ff83a
d0af94c8e8013f0cd751f1566d765f6d3c98bdf4
f6500273cea76f942438406f2c0158042ed5c1cfa3090531b64ccabe42d55dea
GET /mn/20221207092916.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 23244
last-modified: Wed, 07 Dec 2022 01:29:19 GMT
etag: "b9a33254db9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e6e99b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20221207092815.gif
104.22.54.149200 OK 51 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20221207092815.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 70 x 270\012- data
Hash 6ae4d7b2a94784c562b2775b8085247a
bd1d9734bf1ae8997486914d1f282b6dfb9a40b0
d47fbcc2861b20e88c9ef7f5e8451c1725ee0bc2c14fac5078933a015a873d2b
GET /mn/20221207092815.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 51096
last-modified: Wed, 07 Dec 2022 01:28:21 GMT
etag: "e55f5f31db9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e66b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20230118101812.gif
104.22.54.149200 OK 49 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20230118101812.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 350 x 45\012- data
Hash 301f3b2efd4e55e66050c59540a36b7d
9aa9a927f3bdb724c51c8913f382d2a199f1e2eb
dc5b73733cc998cc793455a2c351d4e6a8eb5cd4984016e28670dff7ef0a4ec2
GET /mn/20230118101812.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 48953
last-modified: Wed, 18 Jan 2023 02:18:28 GMT
etag: "ad44d126e32ad91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e4e6cb51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20230114093509.gif
104.22.54.149200 OK 51 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20230114093509.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 155 x 80\012- data
Hash 90e08f6a14abef2bfeb7be0e3898e53b
ffa6ee7d4d780c5d40afae9e62dd8708289b58aa
c7b56697ee499273e37491c77b67c046891ac50fd6c36235323fa1f68201824f
GET /mn/20230114093509.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 50849
last-modified: Sat, 14 Jan 2023 01:35:23 GMT
etag: "20889a78b827d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e7ec7b51e-OSL
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20230114093657.gif
104.22.54.149200 OK 39 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20230114093657.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 155 x 80\012- data
Hash 3304663b524687c5e4c5aced759a4dc6
98f1ca20341dcb154b4fb5e24d61f3ca525d4f2b
195fdde42ab07f75a49c1369643af22527245bddd1f4eabb8ab3d30b99ee82f6
GET /mn/20230114093657.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:37 GMT
content-type: image/gif
content-length: 38736
last-modified: Sat, 14 Jan 2023 01:37:11 GMT
etag: "e16afdb8b827d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb3e5e7ab51e-OSL
X-Firefox-Spdy: h2
user.nowgoal6.com//sso/ssologinpcjs?opr=2
128.14.140.86200 OK 36 B URL HTTP/1.1 user.nowgoal6.com//sso/ssologinpcjs?opr=2
IP 128.14.140.86:0
File type ASCII text, with no line terminators
Hash ed3173eb9f7d973bd0f46fb7dc62ce2d
9c0106a087d87b95963b2af3205ccb2ebb3d1763
136055a8be430942f15c65799930f9a91a96e62f77c3a56354d142e1eabbf223
GET //sso/ssologinpcjs?opr=2 HTTP/1.1
Host: user.nowgoal6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 17:16:37 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 36
Connection: keep-alive
Cache-Control: private
user.nowgoal6.com//sso/ssologinpcjs/
128.14.140.86200 OK 184 B URL HTTP/1.1 user.nowgoal6.com//sso/ssologinpcjs/
IP 128.14.140.86:0
File type ASCII text, with no line terminators
Hash f7cd3faf5d1b377461d2457b8b2927f3
143193da767fd938564820c8267267040198b2ea
ae739d429ae241109dda7b2a03cc35bcc862d2518bf979bd8cfae62581f4914d
GET //sso/ssologinpcjs/ HTTP/1.1
Host: user.nowgoal6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 17:16:37 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private
Content-Encoding: gzip
free.nowgoal.plus/ajax/GetTipsCount
23.224.77.10200 OK 316 B URL HTTP/2 free.nowgoal.plus/ajax/GetTipsCount
IP 23.224.77.10:0
File type JSON data\012- , ASCII text, with very long lines (724), with no line terminators
Hash 6ea5a8a695e2e28c1d73564c931b8f67
3f7007e53bc49847a79f9d5eaf2dd1cba7065fa7
a156e6bdc2faf5f5f796a233101485d83c1687c7b94625ddbaff9a56ad97e239
Analyzer Verdict Alert fortinet Phishing
GET /ajax/GetTipsCount HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 316
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 391
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "63d71410-1d7"
Last-Modified: Mon, 30 Jan 2023 16:57:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 93e097027f2d53e4c41ac3a4ef1b210c
83cb79e5ced32851d1c3513e4a9ab65bc9a31e93
6bcc8888fed5f48846a37f451d0517dba26cec5cf90d72082a80ab77abf05598
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Mon, 30 Jan 2023 17:16:38 GMT
expires: Mon, 30 Jan 2023 17:16:38 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash f1804c3911300670354afe11e728c241
9f56de8082c410112a948c42df4d3c54e29f60ce
3fb5ff9ecb952fe0b73240585a3754cb0dfa829b660c2d779a087c6d3152772d
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2ba9501498ccf17da9195a44437c7903
etag: "bdf4498e1f60b655bde454a4c1c4beb8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 17:24:50 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 8YBMOREwBnA1Sv4R5yjCQQ==
x-fb-debug: paSIHG2HmjC+t5EvgePrkq3WW5PAF1aV4pINqHbGrrRyh3PQfNpoMnxDvX02ksuqCF50SKmbOX/djPW0u8BTPw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Mon, 30 Jan 2023 17:16:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "63d71410-1d7"
Last-Modified: Mon, 30 Jan 2023 16:57:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
free.nowgoal.plus/favicon.ico
23.224.77.10200 OK 894 B URL HTTP/2 free.nowgoal.plus/favicon.ico
IP 23.224.77.10:0
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Hash f2c460278a525c8493fc1277d6c9dea9
042799b382fc3516ef6c2af357102c5aa790b253
6d65dcb67d6d8a2cb63106d1bf5087325fa39e1c1188eb1a4bba9cf19df18583
GET /favicon.ico HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Wed, 06 Dec 2017 07:53:03 GMT
accept-ranges: bytes
etag: "8019503e676ed31:0"
date: Mon, 30 Jan 2023 17:16:52 GMT
content-length: 894
X-Firefox-Spdy: h2
free.nowgoal.plus/images/star_off.png
23.224.77.10200 OK 413 B URL HTTP/2 free.nowgoal.plus/images/star_off.png
IP 23.224.77.10:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 931f64d9452b946774c4bb0083e37095
0d6166952f782dcceba76832be4762482c2f3edf
3b4be8d81d0ae7b06868b4942eeb9b3db9306c25f2f86a8111a6fee95e655d24
GET /images/star_off.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "b6d9d139805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 413
X-Firefox-Spdy: h2
free.nowgoal.plus/images/star_on.png
23.224.77.10200 OK 364 B URL HTTP/2 free.nowgoal.plus/images/star_on.png
IP 23.224.77.10:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d8dc74ae8d8effcd784602f68eae3df4
2392b48820ca8c335bdb6e5cc731a62cc583558a
a0b9944042ea8b2e34bd4140b939d86a7f3c58410cbb524bceffd456f22572fb
GET /images/star_on.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:56 GMT
accept-ranges: bytes
etag: "21c4d239805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 364
X-Firefox-Spdy: h2
free.nowgoal.plus/images/Ng/tv.png
23.224.77.10200 OK 527 B URL HTTP/2 free.nowgoal.plus/images/Ng/tv.png
IP 23.224.77.10:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 68fa07d04f53f93a56a9cb175504593b
a7ef2d6f523bb14da0565da4297d963516dd4c2d
a031ba1e03e1e530ca68f5bcfa92cbab71428bf5de95b4e3d58041dbd03b242e
GET /images/Ng/tv.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 25 Dec 2021 07:26:26 GMT
accept-ranges: bytes
etag: "5cfbe9b960f9d71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 527
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20230106171945.gif
104.22.54.149200 OK 27 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20230106171945.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 710 x 35\012- data
Hash 0c121857b3f55a40d0d80b6b9b4e7df4
9fad3d990896a01fc444516c51a2659eab9ff5bf
fa864c2d2da99366e15ac103eec0df211b651da4211f6edd11de625facdab250
GET /mn/20230106171945.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:38 GMT
content-type: image/gif
content-length: 26960
last-modified: Fri, 06 Jan 2023 09:20:15 GMT
etag: "e3425916b021d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb423cb3b51e-OSL
X-Firefox-Spdy: h2
free.nowgoal.plus/images/allno.png
23.224.77.10200 OK 249 B URL HTTP/2 free.nowgoal.plus/images/allno.png
IP 23.224.77.10:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 967c95fd2a51105486fe25afd5e7aac0
9ffdd20bdaab8cec448907c54554d55560e0b068
f93679a9d7a471ef56720ee40c8377412bb8502dc9bba7bab675b5c0fcf8026e
GET /images/allno.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/eventStyle.less?v=638105847200000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 06 Oct 2021 09:04:20 GMT
accept-ranges: bytes
etag: "082ec2591bad71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 249
X-Firefox-Spdy: h2
free.nowgoal.plus/images/analysis.png
23.224.77.10200 OK 272 B URL HTTP/2 free.nowgoal.plus/images/analysis.png
IP 23.224.77.10:0
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 906cd7e3a205f329a038fd4d6fc50551
0c539c7ed33a3f84d36f80de2704ec1ac974bbd1
6088ea08d5cb46523ebb6a717c78a2bbd55377550fa7e572fab0fcb1e0485bbd
GET /images/analysis.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:54 GMT
accept-ranges: bytes
etag: "3e3fa39805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 272
X-Firefox-Spdy: h2
free.nowgoal.plus/images/odds.png
23.224.77.10200 OK 336 B URL HTTP/2 free.nowgoal.plus/images/odds.png
IP 23.224.77.10:0
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash ffe7e4dea5a87a5860a64aa39137b3a7
6e086cac01692fe304a41d212c1307e6efa43fcd
9986365d6b4f15bdbe1a11668a5ffd125faa4f0afbbd630a456f2b3551926fd1
GET /images/odds.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/Com/main.css?v=638106657070000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jun 2021 11:43:55 GMT
accept-ranges: bytes
etag: "71ab139805fd71:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 336
X-Firefox-Spdy: h2
free.nowgoal.plus/images/ng/t5.png
23.224.77.10200 OK 325 B URL HTTP/2 free.nowgoal.plus/images/ng/t5.png
IP 23.224.77.10:0
File type PNG image data, 16 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 554758bef9afc93ba4376d56c844fa30
cdb329fcc293318b8ad9292f26f5cd1cd37ed652
726278f740f7ae7ff2329997a2a5c7154c7191f1665c37e0803c295f464a454e
GET /images/ng/t5.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 03 Jan 2023 06:52:15 GMT
accept-ranges: bytes
etag: "80f9cbe93f1fd91:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 325
X-Firefox-Spdy: h2
free.nowgoal.plus/images/ng/matchdata.png
23.224.77.10200 OK 422 B URL HTTP/2 free.nowgoal.plus/images/ng/matchdata.png
IP 23.224.77.10:0
File type PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 20c08f93a02befbdc3c016233adcabac
484ee34900129e562d9902be457121dff7968915
9764eb98d55d7f7f7a2729513ab303ec937887dc6db560928b0b8cf0adeb5fe2
GET /images/ng/matchdata.png HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 03 Jan 2023 06:52:15 GMT
accept-ranges: bytes
etag: "80f9cbe93f1fd91:0"
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 422
X-Firefox-Spdy: h2
img_nowgoal.thscore.fun/mn/20230106171146.gif
104.22.54.149200 OK 49 kB URL HTTP/2 img_nowgoal.thscore.fun/mn/20230106171146.gif
IP 104.22.54.149:0
File type GIF image data, version 89a, 710 x 35\012- data
Hash 0b8aceebde29b538133523431ee15ff8
7dd3f4f74429f4e204a214d58368a06e26700668
fc69d8324a372149351cf04d163573b06f17c8de5f0f8c6233c0eada91599c20
GET /mn/20230106171146.gif HTTP/1.1
Host: img_nowgoal.thscore.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:38 GMT
content-type: image/gif
content-length: 48568
last-modified: Fri, 06 Jan 2023 09:12:11 GMT
etag: "a299cf5ae21d91:0"
x-powered-by: ASP.NET
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bdb423cbcb51e-OSL
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/data/odds/en/runOddsData_8.txt?1675099011000
23.224.77.10200 OK 4.4 kB URL HTTP/2 free.nowgoal.plus/gf/data/odds/en/runOddsData_8.txt?1675099011000
IP 23.224.77.10:0
File type ASCII text, with very long lines (19594), with no line terminators
Hash 7f5fed498ed3d6130727163a7fcd3cd6
2eea047b80368a4fcc852a80233a0bf38cca6831
1cbaa983222c5c57bcee6cd11298402f2bdfa26a27719af766e441e66be4e865
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/odds/en/runOddsData_8.txt?1675099011000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:51 GMT
accept-ranges: bytes
etag: W/"80363a4ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 4392
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffree.nowgoal.plus HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 502403
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8dd38092d440d9d71039ccaf8e78b5e8
d164d292dd948c30e5b871dd15027a730d421987
78d10840c0ea8608c44ecc6cd96e3a8249cd1088841a782a82b79c976daf7468
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4469
Cache-Control: max-age=133454
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Etag: "63d7504f-138"
Expires: Wed, 01 Feb 2023 06:20:52 GMT
Last-Modified: Mon, 30 Jan 2023 05:06:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
free.nowgoal.plus/Scripts/Ng/tongji.js
23.224.77.10200 OK 383 B URL HTTP/2 free.nowgoal.plus/Scripts/Ng/tongji.js
IP 23.224.77.10:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 52b10dba1ca91c8c1c7d2db5dbae253e
2e17d7d65a7470af7be3ce0248a1c5511c0b1287
dc00b2578fcf9bbe1e6d5b9c08ef8e641e99cca4bbf77a34106371ec5097e31f
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/Ng/tongji.js HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 01:44:48 GMT
accept-ranges: bytes
etag: "0e87f4848a5d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 383
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=1338bcecb1b4d4f2aab38c7a95102770a4e0d05a
104.244.42.136200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=1338bcecb1b4d4f2aab38c7a95102770a4e0d05a
IP 104.244.42.136:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=1338bcecb1b4d4f2aab38c7a95102770a4e0d05a HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:16:38 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 30 Jan 2023 17:16:38 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 220c52135798ed9c
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 113
x-connection-hash: a02881afecad6a776fb5ad318dbded1cad3f5ff4055a21f56509f582554c7631
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-77FSGHPJTH
142.250.74.40200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-77FSGHPJTH
IP 142.250.74.40:0
File type ASCII text, with very long lines (27699)
Hash a33f71483b63cf362f194cbdd5c05eab
2e049326e2c6d36193ef9897ac575ff3e7a47bd0
e87e366ef8e620ee58c64fd0c372c703d88800b21672f99e8de9578505ac9ca6
GET /gtag/js?id=G-77FSGHPJTH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:38 GMT
expires: Mon, 30 Jan 2023 17:16:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:16:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
free.nowgoal.plus/gf/data/change_en.xml?1675099011000
23.224.77.10200 OK 257 B URL HTTP/2 free.nowgoal.plus/gf/data/change_en.xml?1675099011000
IP 23.224.77.10:0
File type XML document, ASCII text, with no line terminators
Hash 708190e9f982863aa97552ce26b2bef0
4c1801a630b4f22478b4a9d7379ca9b287c738c9
f2406d4d9ae4130c9321598b69c423bfe64e4637e15a839c84857b97563d51de
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/change_en.xml?1675099011000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:38 GMT
accept-ranges: bytes
etag: W/"7842cd9cce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:53 GMT
content-length: 257
X-Firefox-Spdy: h2
free.nowgoal.plus/images/in.gif
23.224.77.10200 OK 88 B URL HTTP/2 free.nowgoal.plus/images/in.gif
IP 23.224.77.10:0
File type GIF image data, version 89a, 3 x 8\012- data
Hash 654680cdd2420d99f2dae65391535241
a73743af5591ec33aca3bce09cc03df9d90eb10f
c4514603172ef7d32b0b391f2925506f1529fb39257079a12cdc2cf74c9c8fba
GET /images/in.gif HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Mon, 20 Jun 2022 02:19:02 GMT
accept-ranges: bytes
etag: "0ef6d1b4c84d81:0"
date: Mon, 30 Jan 2023 17:16:54 GMT
content-length: 88
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 89086667f6ed6d6b5cd0560f56590bce
3713db85315606d927b997c1da8ba9a7e04255e1
dfccfc12b8d43ed87ab681feb045bc0673b7b16250f22dcd7c8a108f4663b749
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:16:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2073
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bdb4b2eb0b506-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-77FSGHPJTH>m=2oe1p0&_p=480335195&cid=1016697391.1675099012&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099012&sct=1&seg=0&dl=https%3A%2F%2Ffree.nowgoal.plus%2F&dt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-77FSGHPJTH>m=2oe1p0&_p=480335195&cid=1016697391.1675099012&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099012&sct=1&seg=0&dl=https%3A%2F%2Ffree.nowgoal.plus%2F&dt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-77FSGHPJTH>m=2oe1p0&_p=480335195&cid=1016697391.1675099012&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099012&sct=1&seg=0&dl=https%3A%2F%2Ffree.nowgoal.plus%2F&dt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://free.nowgoal.plus
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://free.nowgoal.plus
date: Mon, 30 Jan 2023 17:16:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?0394be8d23ef30dfa25c2fe6e78fb15b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0394be8d23ef30dfa25c2fe6e78fb15b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (698)
Hash 308b5964345949eb03f10ba26b18707a
e1339484139276a16ca2b99557aef785fc567922
0776bbc252a0a6d6ee3af505eebf786428a1634d6428b6b8129a108b66ad7a38
GET /hm.js?0394be8d23ef30dfa25c2fe6e78fb15b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:16:39 GMT
Etag: d92d278128efc1f68897773f9666faae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8F1D47B82290C9BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2011361190&si=0394be8d23ef30dfa25c2fe6e78fb15b&v=1.3.0&lv=1&sn=24414&r=0&ww=1280&u=https%3A%2F%2Ffree.nowgoal.plus%2F&tt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2011361190&si=0394be8d23ef30dfa25c2fe6e78fb15b&v=1.3.0&lv=1&sn=24414&r=0&ww=1280&u=https%3A%2F%2Ffree.nowgoal.plus%2F&tt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2011361190&si=0394be8d23ef30dfa25c2fe6e78fb15b&v=1.3.0&lv=1&sn=24414&r=0&ww=1280&u=https%3A%2F%2Ffree.nowgoal.plus%2F&tt=NowGoal%20Live%20Football%20Score%20%7C%20Sport%20Live%20Skor%20%7C%20Live%20Streaming%20Bola HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:16:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5D4201A596EB6A20; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000
23.224.77.10200 OK 4.8 kB URL HTTP/2 free.nowgoal.plus/gf/data/panlu_kr.js?1675099013000
IP 23.224.77.10:0
File type ASCII text, with CRLF line terminators
Hash 7117b587ce042e68c9e83cd42bcbe59c
e96c3d411688f8439346e6737915019ee8352c1b
4b1fa58c126b93a7af11df78a2305bef466da23a83c2ec047b0c3df5a2bb022a
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/panlu_kr.js?1675099013000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:03:31 GMT
accept-ranges: bytes
etag: W/"80b38cc7cc34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:55 GMT
content-length: 4840
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/data/sbCorner.js?1675099013000
23.224.77.10200 OK 4.0 kB URL HTTP/2 free.nowgoal.plus/gf/data/sbCorner.js?1675099013000
IP 23.224.77.10:0
File type ASCII text, with very long lines (14648), with no line terminators
Hash 428081aa8713155a89a666ed62e1c72c
3f04aa49b713d8a9fcaafdb3691ce101135fc287
70aeb5a61d04bcfd979f9b709e5377c535813841e07eaca6ccee41b1eec1b6f6
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/sbCorner.js?1675099013000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:44 GMT
accept-ranges: bytes
etag: "0e636a0ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:55 GMT
content-length: 4004
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/data/odds/en/ch_goal8.xml?1675099014000
23.224.77.10200 OK 1.0 kB URL HTTP/2 free.nowgoal.plus/gf/data/odds/en/ch_goal8.xml?1675099014000
IP 23.224.77.10:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1819), with no line terminators
Hash 41e109fad79a40d096a703c8f58dc658
92c61b97848cda78cd47585963d26fe52f8f224a
3b64b45d2b521290a473732e6cde36200408af9c19ea729df591252ccd906663
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/odds/en/ch_goal8.xml?1675099014000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:45 GMT
accept-ranges: bytes
etag: W/"c9ec5da1ce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:56 GMT
content-length: 1040
X-Firefox-Spdy: h2
free.nowgoal.plus/gf/data/change_en.xml?1675099014000
23.224.77.10200 OK 257 B URL HTTP/2 free.nowgoal.plus/gf/data/change_en.xml?1675099014000
IP 23.224.77.10:0
File type XML document, ASCII text, with no line terminators
Hash 708190e9f982863aa97552ce26b2bef0
4c1801a630b4f22478b4a9d7379ca9b287c738c9
f2406d4d9ae4130c9321598b69c423bfe64e4637e15a839c84857b97563d51de
Analyzer Verdict Alert fortinet Phishing
GET /gf/data/change_en.xml?1675099014000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Cookie: Hidden_MatchID=_; Hidden_SclassID=_; Filter_Type=0; _ga_77FSGHPJTH=GS1.1.1675099012.1.0.1675099012.0.0.0; _ga=GA1.1.1016697391.1675099012; Hm_lvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014; Hm_lpvt_0394be8d23ef30dfa25c2fe6e78fb15b=1675099014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/xml
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 17:16:38 GMT
accept-ranges: bytes
etag: W/"7842cd9cce34d91:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:56 GMT
content-length: 257
X-Firefox-Spdy: h2
free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
23.224.77.10200 OK 0 B URL HTTP/2 free.nowgoal.plus/Content/ng/diff.less?v=638106732790000000
IP 23.224.77.10:0
GET /Content/ng/diff.less?v=638106732790000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 06 Feb 2023 17:16:51 GMT
vary: *
x-aspnet-version: 4.0.30319
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 2926
X-Firefox-Spdy: h2
free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000
23.224.77.10200 OK 0 B URL HTTP/2 free.nowgoal.plus/scripts/Main/soccer/soccer_fliter.js?v=638017643370000000
IP 23.224.77.10:0
Analyzer Verdict Alert fortinet Phishing
GET /scripts/Main/soccer/soccer_fliter.js?v=638017643370000000 HTTP/1.1
Host: free.nowgoal.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free.nowgoal.plus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 00:18:57 GMT
accept-ranges: bytes
etag: "80eee56050e3d81:0"
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:16:51 GMT
content-length: 6648
X-Firefox-Spdy: h2