trk.trackingbakflow.com/t/MTA0Ml80ODc5/
35.241.7.124302 Found 0 B URL HTTP/1.1 trk.trackingbakflow.com/t/MTA0Ml80ODc5/
IP 35.241.7.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/MTA0Ml80ODc5/ HTTP/1.1
Host: trk.trackingbakflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 11 Mar 2023 19:08:37 GMT
Content-Length: 0
Location: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
X-Rt: 2
Set-Cookie: sess_63e4ffa8d7ba0c205e0ad2fb=628e2a0db4dcd908805a29af; expires=Sat, 18 Mar 2023 19:08:38 GMT; path=/; HttpOnly
Via: 1.1 google
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3995
Expires: Sat, 11 Mar 2023 20:15:13 GMT
Date: Sat, 11 Mar 2023 19:08:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 99824e6e553dd5649b1d199589a6dab2
00b2c24f6ef22620045c3b2ef7a63ea9ac8cc0a2
3a4695284040436fd256023da7d39bab8b16f8a2d4f7105c0f995f610dcab2d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A4695284040436FD256023DA7D39BAB8B16F8A2D4F7105C0F995F610DCAB2D2"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Sat, 11 Mar 2023 21:54:01 GMT
Date: Sat, 11 Mar 2023 19:08:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1a564ae484daef6a82bb08116ad794eb
f75350abf28a42c16324901035889a1f3af700a1
225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16801
Expires: Sat, 11 Mar 2023 23:48:40 GMT
Date: Sat, 11 Mar 2023 19:08:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 11 Mar 2023 18:09:09 GMT
content-type: application/json
age: 3570
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9YwcFpq4KUshUVzmUO+TkV3Kd/CyPncJLgpyfT7NeDXVsdPSl6/10iLgoLn+Z5EWzp5lwm2RH4c=
x-amz-request-id: R7XWP51H4Y19CJFM
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 11 Mar 2023 18:45:39 GMT
age: 1380
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 19:08:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
141.98.90.18200 OK 8.5 kB URL HTTP/1.1 www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1483), with CRLF, LF line terminators
Hash 21aa564da60edae553104655472db0ce
b2f944c52f04d4d8f3d2a7b3daf4299639674290
3fce5502c3c688d9901d7e1fc30aabe2268c915d75aa5348c1ff37f7f728bafa
GET /?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb= HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
code.jquery.com/jquery-3.4.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 19:08:39 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1678561719.dop021.sk1.t,1678561719.cds001.sk1.hn,1678561719.cds201.sk1.c
X-Firefox-Spdy: h2
www.webgamesgroup.com/css/115-appear.css
141.98.90.18200 OK 8.4 kB URL HTTP/1.1 www.webgamesgroup.com/css/115-appear.css
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type assembler source, ASCII text
Hash 23b99fe2e5c615ac1ef51629fab25f15
e068f53b93d351be14beb1de30db054b22ebb84f
ea5114c245c56727cfb23e31eb03ae159d2fe6d81ddaa665d8ccfef20cfec781
GET /css/115-appear.css HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: text/css
Content-Length: 8380
Connection: keep-alive
Last-Modified: Mon, 08 Aug 2022 15:25:19 GMT
ETag: "62f12adf-20bc"
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/omC5kdcviWw
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/omC5kdcviWw
IP 142.250.74.131:0
Hash 37454095496e14c9770e79150ec18186
4be2b2ece5ca11d88807aa60730876c39dac1a49
4983d923dffdfd4069ca6d7e9b104fdc84e2d2f253678fb5750fd4e94237a89f
POST /s/gts1p5/omC5kdcviWw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 19:08:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pushworld2.xyz/ace-push.js
104.21.94.95200 OK 4.4 kB URL HTTP/2 pushworld2.xyz/ace-push.js
IP 104.21.94.95:0
File type ASCII text, with very long lines (2087)
Hash 535f5f80958e4acda08101fde2bd8a40
535fdf05f44369ca536331a9bced558f83712313
08f70d83329561cdeb7b8b43c4627731eff49b060e8b59aa63a908f6dd059d60
GET /ace-push.js HTTP/1.1
Host: pushworld2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 19:08:39 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=13985
etag: W/"1d946c8565586a1"
last-modified: Wed, 22 Feb 2023 14:17:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kjU5LmaSv8Qds3FmmIu21nTHx6oLZUcwdlm8EK6WVfOCh7LVAasS2NtTiuESFbfHw%2F3L75zYaMG05RhStpdeAdXENAS9uUEP1EJ1vZFtrzCfN%2Bni4PrlwJekXRvXZFfpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66165afe891bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 11 Mar 2023 19:06:46 GMT
age: 113
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.webgamesgroup.com/js/115-thestand.js
141.98.90.18200 OK 1.1 kB URL HTTP/1.1 www.webgamesgroup.com/js/115-thestand.js
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type HTML document, ASCII text, with very long lines (1129)
Hash 6bd3a51644f9d3cb41a0aad680b0c151
df7a955505dcbdfebe3751b88d10b1136d560450
a158cc809400a61ce49004d39e4b585991d3fd4e935b08cca314ea4b79f65c0b
Analyzer Verdict Alert fortinet Phishing
GET /js/115-thestand.js HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: application/javascript
Content-Length: 1130
Connection: keep-alive
Last-Modified: Mon, 08 Aug 2022 15:27:25 GMT
ETag: "62f12b5d-46a"
Accept-Ranges: bytes
www.webgamesgroup.com/css/115-index.css
141.98.90.18200 OK 20 kB URL HTTP/1.1 www.webgamesgroup.com/css/115-index.css
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type assembler source, ASCII text
Hash 6ae419a5fb07c8cced13599e71682c4f
f1a5b083482903ed50660a347a0e3f4b5e377bc8
e39f9c5306e877772e01001eb10f5234fde62624a77c67cf2bc5f85a0132b241
GET /css/115-index.css HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: text/css
Content-Length: 19628
Connection: keep-alive
Last-Modified: Mon, 08 Aug 2022 15:23:05 GMT
ETag: "62f12a59-4cac"
Accept-Ranges: bytes
www.webgamesgroup.com/images/secure1.png
141.98.90.18200 OK 3.2 kB URL HTTP/1.1 www.webgamesgroup.com/images/secure1.png
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7154d5a363fcfa8553caabf2998c98f2
d6880dce09104e5a5316f6663d7a72852d7b2a2f
6fa1996e350236b3b2427804baff4672e991bb1ee942cd749b62f43134c81369
GET /images/secure1.png HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: image/png
Content-Length: 3217
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2019 10:01:16 GMT
ETag: "5dfc9bec-c91"
Accept-Ranges: bytes
www.webgamesgroup.com/images/secure2.png
141.98.90.18200 OK 2.9 kB URL HTTP/1.1 www.webgamesgroup.com/images/secure2.png
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 7730bc66025ca4d800d235089631ff10
b09ea5503764c03fecb0022af532e4ffa6d33be1
e9846a5c43ea69813d973e44146575a5ef3a76616f7c22c5c163b7bcf82bfea9
GET /images/secure2.png HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: image/png
Content-Length: 2916
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2019 10:01:16 GMT
ETag: "5dfc9bec-b64"
Accept-Ranges: bytes
www.webgamesgroup.com/images/682730_euro299.png
141.98.90.18200 OK 23 kB URL HTTP/1.1 www.webgamesgroup.com/images/682730_euro299.png
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 187 x 183, 8-bit/color RGBA, non-interlaced\012- data
Hash 698f18cf92fc929ad5668ad688c722e4
f03db49b45715ecc5da28dfed85cc679228513bc
65f6b038a82062a29a469beec77f391509139ea833d374a0547188c9a80218b5
GET /images/682730_euro299.png HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: image/png
Content-Length: 23142
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 12:12:28 GMT
ETag: "639b0f2c-5a66"
Accept-Ranges: bytes
www.webgamesgroup.com/images/iPhone-14-No-Background.png
141.98.90.18200 OK 84 kB URL HTTP/1.1 www.webgamesgroup.com/images/iPhone-14-No-Background.png
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 231 x 395, 8-bit/color RGBA, non-interlaced\012- data
Hash c7cb0aa148baac3cdfa83df0599918f9
22d30c875f0e9d8e54ee9ae9354509c6ac314146
dc8d45a19c23fa4a7056a9fcb5c869d6c44ef3314658c676fcb8071e7c574eba
GET /images/iPhone-14-No-Background.png HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: image/png
Content-Length: 84088
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 14:54:10 GMT
ETag: "63dd2012-14878"
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d960a8d21b339ab0d7987e3b1eb16fdc
08d4430c549151295ee4e1dc8f24dbd3d9456b0b
522b75aa714f87a716a9a693a7c3ed1cab6e5b1725f20a67df46dec2967b5960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "522B75AA714F87A716A9A693A7C3ED1CAB6E5B1725F20A67DF46DEC2967B5960"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5417
Expires: Sat, 11 Mar 2023 20:38:56 GMT
Date: Sat, 11 Mar 2023 19:08:39 GMT
Connection: keep-alive
www.webgamesgroup.com/images/secure3.png
141.98.90.18200 OK 3.0 kB URL HTTP/1.1 www.webgamesgroup.com/images/secure3.png
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 140 x 60, 8-bit colormap, non-interlaced\012- data
Hash 49ce47d7b75cd4c9ebf33a96ad588834
d331bf5584e6f00961942b7ce693093bfae7ea48
7c33a402486be20064bb9b175a03957ecbc0e7ad71ebb3b9887c22222412a1ff
GET /images/secure3.png HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: image/png
Content-Length: 2961
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2019 10:01:16 GMT
ETag: "5dfc9bec-b91"
Accept-Ranges: bytes
pushserve.xyz/api/v1/visit
20.50.64.3200 OK 0 B URL HTTP/2 pushserve.xyz/api/v1/visit
IP 20.50.64.3:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.webgamesgroup.com/
Origin: https://www.webgamesgroup.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 19:08:39 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
set-cookie: TiPMix=44.78882318633089; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 0
X-Firefox-Spdy: h2
www.webgamesgroup.com/images/iPhone-14-Pro-PNG-Photos.png
141.98.90.18200 OK 469 kB URL HTTP/1.1 www.webgamesgroup.com/images/iPhone-14-Pro-PNG-Photos.png
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 1207 x 630, 8-bit/color RGBA, non-interlaced\012- data
Size 469 kB (469246 bytes)
Hash 69c1fd8b56499704ce33d8116a7c7231
a684b2b21732e421572cf6e455428bab4a11fd19
6b5d58134ce4e048ff7777c6c31eab067218cb2fda3ef2a6a24bbd00f9cce308
GET /images/iPhone-14-Pro-PNG-Photos.png HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=1579f695a&transaction_id=640cd1b68d9b7003470e4fcf&info1=1042_&fb=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:39 GMT
Content-Type: image/png
Content-Length: 469246
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 14:55:13 GMT
ETag: "63dd2051-728fe"
Accept-Ranges: bytes
pushserve.xyz/api/v1/visit
20.50.64.3200 OK 1.4 kB URL HTTP/2 pushserve.xyz/api/v1/visit
IP 20.50.64.3:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1379), with no line terminators
Hash 385fd84dbe1f956e9147af4f59cd5f74
5f8af4d8bcab7d7cf9ef4e2389eeb9a0f300f243
1b07defc3d3b2be2fa243addb1217e7af977f44a17e51ec57a46cc8dd4d4a58a
Analyzer Verdict Alert fortinet Phishing
POST /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.webgamesgroup.com/
Content-type: application/json
Origin: https://www.webgamesgroup.com
Content-Length: 403
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sat, 11 Mar 2023 19:08:39 GMT
server: Kestrel
access-control-allow-origin: *
set-cookie: TiPMix=65.94660180724591; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 1379
X-Firefox-Spdy: h2
www.webgamesgroup.com/md-service-worker.js
141.98.90.18200 OK 130 B URL HTTP/1.1 www.webgamesgroup.com/md-service-worker.js
IP 141.98.90.18:0
ASN #61317 Ipxo Uk Limited
Hash 0c240e30215718c100547f25d0704fe8
2a198bb266a112e60c680daaffe20b5540a5e1a8
0679ce54472d3e6155664533b9ffc9f1c69f8cf45ab5360e32eb53d9f6c26c0c
Analyzer Verdict Alert fortinet Phishing
GET /md-service-worker.js HTTP/1.1
Host: www.webgamesgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sat, 11 Mar 2023 19:08:40 GMT
Content-Type: application/javascript
Content-Length: 130
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 09:08:51 GMT
ETag: "627b7d23-82"
Accept-Ranges: bytes
push.services.mozilla.com/
54.149.31.172101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.31.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yFcYQC7guayN1cdW0Jc7ig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G26UbtZJ9IbcwnpBYMbhY+/UEg8=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5788
Expires: Sat, 11 Mar 2023 20:45:09 GMT
Date: Sat, 11 Mar 2023 19:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5788
Expires: Sat, 11 Mar 2023 20:45:09 GMT
Date: Sat, 11 Mar 2023 19:08:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0af9826-fade-456f-baa4-11909578478d.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0af9826-fade-456f-baa4-11909578478d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e828c35d1a85eabbe81b801d6b1ad33
040b83c5c73a4b02c65e44408b8f2385e0002791
5c27268f33fc448dc3824ae0ad3ed411a204fbc076a3356b3381b2495036c6a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0af9826-fade-456f-baa4-11909578478d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7384
x-amzn-requestid: d70a1ba5-1bc7-427b-b1cf-cc93b97c2b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BlZLmGTmoAMF7lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ba249-05a5a68e7d2e2b343b802da1;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 21:34:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: AwAUbn-HKAtgtrxYTeDFUIYTT4oLbXJA9wEI1VPsuDJhUNKK3_UHRg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Mar 2023 21:50:49 GMT
age: 76672
etag: "040b83c5c73a4b02c65e44408b8f2385e0002791"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4074a978-99d0-47aa-8c85-466557c98632.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4074a978-99d0-47aa-8c85-466557c98632.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a25c00fa7cdf85ee8a0c2c7747ec92
47f208a0c9379c760d2cd7bb3d825dcff10ecaf1
91398352ace48027b953778032d734318460d3a1c80ee674586bd2e8df241946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4074a978-99d0-47aa-8c85-466557c98632.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6461
x-amzn-requestid: 9a3e415b-c4d0-4160-941e-7cd26795e573
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BlZKREojIAMFTtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ba241-16c54b003338f3c90bd958fc;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HvTlSmLWd1U6wcxMNnArtsw4Cjy4ZgyMsqPz1sUlNDluHhvlmy8oIA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Mar 2023 21:50:49 GMT
age: 76672
etag: "47f208a0c9379c760d2cd7bb3d825dcff10ecaf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af6ca30-ca1c-47f5-b5d3-50da9648b6c5.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af6ca30-ca1c-47f5-b5d3-50da9648b6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c23372c93f0515a6133f5adc26c1712
3c8388cf727cb7007308ee0b42da57f5f0db489a
e24a8f21c65c6bc26698c85adb81f3712f4df9ab2dbe8075a77ea947640f8be6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af6ca30-ca1c-47f5-b5d3-50da9648b6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5512
x-amzn-requestid: db69d563-a267-49fd-a63a-9de5282ac108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BlZKRGW-IAMFmuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ba241-69cb4960369f1da8583e36db;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pU47Uf1OAos6ZmhKohYesj3ZDaImrzXzul-FQ5DRSh_A25EK7S8GmA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Mar 2023 21:51:55 GMT
etag: "3c8388cf727cb7007308ee0b42da57f5f0db489a"
content-type: image/jpeg
age: 76606
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1d9563-2bb7-4a5d-bd0d-a3950608df7a.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1d9563-2bb7-4a5d-bd0d-a3950608df7a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad3d235a450782752b4d698aed69f5e5
dbe55775ec1fb59c27102c6d83a5aace982118bf
47e2d3149bda22636f5fea2b41123665c29148732152fad9cefcb3e5cc97dfba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1d9563-2bb7-4a5d-bd0d-a3950608df7a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6547
x-amzn-requestid: dabd0159-a37e-4dbd-8dcc-2e0edca6a52e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BZhygEY1IAMFq2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6406e342-0dd395d2452b24d97bf5bcee;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 07:09:54 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: lP11kbg00wpULg9PdAg3KMLdX8z57Q-MI-Hxa3cXye0TtDNErvjAnA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 13:19:08 GMT
age: 20973
etag: "dbe55775ec1fb59c27102c6d83a5aace982118bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76ea6f1d-d65b-4550-b727-09d6d7e7fab3.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76ea6f1d-d65b-4550-b727-09d6d7e7fab3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4d9295781f434de5c7731590c186d0c
c19364899056b4283f99b30df0074ad57e367be5
d35e5d7597d510f3de4b5d84ed5e3cbe22f54e5760a4f88e6e806b7a0386d973
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76ea6f1d-d65b-4550-b727-09d6d7e7fab3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7383
x-amzn-requestid: 8ea3fffc-3018-4b8f-8286-e4bd6f8757e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BjbaIGzOoAMF1Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ad90d-7c56ff1d305ea8cb3c2d8cdd;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 07:15:25 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: N_3qH36AsdQCYUle5th8sIU4rdDtsk9tEuxR8C2fRLBGcAZuXaBgVw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 16:47:33 GMT
age: 8468
etag: "c19364899056b4283f99b30df0074ad57e367be5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a3e2fcb-dbf5-4fe9-a56c-b36d9c8bdd3b.gif
34.120.237.76200 OK 510 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a3e2fcb-dbf5-4fe9-a56c-b36d9c8bdd3b.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Size 510 kB (509554 bytes)
Hash 8aaaf2f10ef3b4bdba0a3e87363f431a
2395f71c326974fad24daac2eae607dda08a2c26
2612bdecbf6dc5e349d69c92bd557d35b41b3672d361f343d19123d0ce72de9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a3e2fcb-dbf5-4fe9-a56c-b36d9c8bdd3b.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 509554
x-amzn-requestid: 358fb422-72a7-4e2a-b173-2f57ec2b5f51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BfjO0HCGoAMFrrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64094bf8-2ac79d011c36a5ee28c36d64;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 03:01:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: zLT96BrXwF1sZAxojd9GWpDdKkDj741TruR6scOYhSZK2HljA_6fZA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 03:37:03 GMT
age: 55898
etag: "2395f71c326974fad24daac2eae607dda08a2c26"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 19:08:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 08/03/2021 15:44:07
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 72292ca7a393da9d388c402f68f6a70c
cdn-cache: HIT
cf-cache-status: HIT
age: 4457954
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a66165a4e3a0b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js
IP 104.18.10.207:0
GET /bootstrap/4.5.2/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 19:08:39 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 11/06/2021 00:04:39
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 5f341eef5fe34a539eef0a1a4aa4b7a2
cdn-cache: HIT
cf-cache-status: HIT
age: 24008116
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a66165a6e590b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.1/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.8.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.8.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 19:08:39 GMT
content-type: text/css
x-amz-id-2: kUevwWVC7+ZA8dgkwn+HZv0bHm3V3ZMRf21iJcMuboHQpuqomZBxvE6OQ1rr8xRFYmzKhRBeiNo=
x-amz-request-id: 34H4XSXXRKFS10PT
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1029451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMKa3MyIv1ZyeYqojTIwx%2Btb%2BtoT5%2FA9qdEM3WEQ0vi2R6AOJgWuSdcANsNrKMN8VJygpKkqg57wfEidPbOTsBWqFC4pY8fve8sfkg%2FtfAaNfmIPPD2JTSv2HOFLU29HNmS3dERZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66165ac9f076fb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2