Report - v88ag.com/

Report Overview

Submitted URL
v88ag.com/
IP
18.138.91.122
ASN
#16509 AMAZON-02
Submitted
2023-05-22 09:56:45
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
v88ag.com	unknown	unknown	2019-04-16	2023-03-14	466 B	102 B	18.138.91.122
fpc.detecas.com	unknown	2012-10-09	2022-05-25	2023-04-30	3.0 kB	76 kB	54.230.111.76
sc.casemed.net	unknown	unknown	2021-08-13	2023-04-01	426 B	955 B	18.244.114.10
sc.saceted.com	unknown	unknown	2021-08-14	2023-04-01	426 B	955 B	216.137.44.106
stcdn.agbong88.com	unknown	unknown	2022-06-18	2023-04-01	459 B	597 B	104.18.15.215
www.v88ag.com	unknown	unknown	2022-11-11	2023-03-12	11 kB	446 kB	104.18.15.215
sc.detecas.com	234730	unknown	2012-11-28	2023-04-01	3.8 kB	67 kB	13.224.132.93
fpp.detecas.com	unknown	unknown	No data	No data	5.0 kB	2.1 kB	210.57.28.209
stcdn.b8ag.com	unknown	unknown	2022-06-18	2023-04-01	455 B	593 B	104.18.15.215

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-22	medium	v88ag.com/
2023-05-22	medium	www.v88ag.com/assets/bundles/bootstrap-ex.min.css?v=KbvPSJ7Uu02TFSCH60JaPlCqjhY
2023-05-22	medium	www.v88ag.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
2023-05-22	medium	www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
2023-05-22	medium	www.v88ag.com/
2023-05-22	medium	www.v88ag.com/assets/styles/images/mode/y9.svg

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	fpc.detecas.com/api/scr/Alpha789Y	3.8 kB	2023-05-22	2023-05-22
Pretty URL fpc.detecas.com/api/scr/Alpha789Y IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen1 Hash f6ee3b8df48ea58721564a2d987bdb8a ba95debf10a4f8b83ef636e494b17b8a1ad1864a 69befcc22b6769b49d99a63f562d816c0298bfe6c61a9108cfe2688178e34fda Loading...

	sc.detecas.com/di/activator.ashx	64 kB	2023-05-22	2023-05-22
Pretty URL sc.detecas.com/di/activator.ashx IP 13.224.132.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen1 Hash ffff2b177558f1334c4fc7caf8d407a3 7e37e9d6b82536c1266fea483bc8607a968a69e9 2fb90542eaf50a017f9d875ac6479e3cbd73dc075fda110a962a166ad002d8e8 Loading...

	fpc.detecas.com/api/scr/2023042703/hl	2.0 kB	2023-05-22	2023-05-22
Pretty URL fpc.detecas.com/api/scr/2023042703/hl IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen2 Hash c5ecd5a4baaa5d78b11b51eec2765f2c a15504ac74cb0cce6f4be3f8bc4efbc883b0e518 d2af4e0852aabb7c49a07520a91fd18ff6e73c37eb936c65e788220d9d215ae3 Loading...

	sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmislTFcuIyLDoCE1HsKMwpo7TsOBccO3wpPDscObw78RwrnCmw8vecO6YcK2wrLCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOtSVlwwpfCuzxhwogoCSrCtMKnccOxJ8KyMxtAw4XCgcKSwrbCmMKNw6jCjcOWw6FBwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0wwrd4Vw0mOMOtw4o5wpAwwr%2FDt8K0woHChcKpwpHCrhUPwr3Dslk3XMK1EcOqwr0iVXwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKJw6HCoMOPw7LCncOGw5PDt8O0wqDDmMKINMKPwrfDpMOXw5Bgw4Aef3NPwoDCviXDvcKXwpHDjEvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTS0zw5ZRwpBYMnszwq7CqR8QwoVZwrQSAAzCq8OAUy9MBgoCADZWwrjDjVpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFntDdTrCqR4vwp3Cv3Ibw7jCgcKWCB5qZ0ITwpHDnsK5w5EIwoPChsOVCUkHw7%2FDpsOOMFDDjsONw4wiF8Kzw6vChcK3TQ8Gwr8yTsOcI8Kyw5bCpQ45w5fDsVYCwoHCkzFjwrLCnsOVJcOSw5TCsxtSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7DyvDlsKGbsKEwq0kw4MMOTxcEMO%2Bw4Z%2FwpXCtR8Nw7gnwpg3w7fDrwXDr8O6EsKowq7DoMKVw6vCl8OAw5k%2BSyxEHsKfek4Zw4JAw7LChUBiw5rDrGAXO0fDtcKbCcO8w7E%2Bw5zDr05ddTRhwprDoTLCnRTDikAmw7fCrg7CmcK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkRQiJsOCGsKRwqJhZF%2FDl2ovwqjDlMKHNExRw4VRw7ViAsOMwoMAVlg%2Bwoscw6hKGcKcJWoEw5vClXrCuVxUwqbDlsO0fgnDiTgNFsKXNTpbBsOew50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8OhSAc%2Bw4YP&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D	104 B	2023-05-22	2023-05-22
Pretty URL sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmislTFcuIyLDoCE1HsKMwpo7TsOBccO3wpPDscObw78RwrnCmw8vecO6YcK2wrLCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOtSVlwwpfCuzxhwogoCSrCtMKnccOxJ8KyMxtAw4XCgcKSwrbCmMKNw6jCjcOWw6FBwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0wwrd4Vw0mOMOtw4o5wpAwwr%2FDt8K0woHChcKpwpHCrhUPwr3Dslk3XMK1EcOqwr0iVXwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKJw6HCoMOPw7LCncOGw5PDt8O0wqDDmMKINMKPwrfDpMOXw5Bgw4Aef3NPwoDCviXDvcKXwpHDjEvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTS0zw5ZRwpBYMnszwq7CqR8QwoVZwrQSAAzCq8OAUy9MBgoCADZWwrjDjVpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFntDdTrCqR4vwp3Cv3Ibw7jCgcKWCB5qZ0ITwpHDnsK5w5EIwoPChsOVCUkHw7%2FDpsOOMFDDjsONw4wiF8Kzw6vChcK3TQ8Gwr8yTsOcI8Kyw5bCpQ45w5fDsVYCwoHCkzFjwrLCnsOVJcOSw5TCsxtSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7DyvDlsKGbsKEwq0kw4MMOTxcEMO%2Bw4Z%2FwpXCtR8Nw7gnwpg3w7fDrwXDr8O6EsKowq7DoMKVw6vCl8OAw5k%2BSyxEHsKfek4Zw4JAw7LChUBiw5rDrGAXO0fDtcKbCcO8w7E%2Bw5zDr05ddTRhwprDoTLCnRTDikAmw7fCrg7CmcK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkRQiJsOCGsKRwqJhZF%2FDl2ovwqjDlMKHNExRw4VRw7ViAsOMwoMAVlg%2Bwoscw6hKGcKcJWoEw5vClXrCuVxUwqbDlsO0fgnDiTgNFsKXNTpbBsOew50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8OhSAc%2Bw4YP&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D IP 13.224.132.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen2 Hash 5b9920f92ecbbb0a375a79cbe076f76c 7feb47844ba4a5208c97b3c7a0f00d88fb9a485c f4dd770a1fe72cdd8786d4fa88071c71f4881871a6e5559fe3594d15d7b72a2c Loading...

	www.v88ag.com/assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI	143 kB	2023-04-02	2023-05-22
Pretty URL www.v88ag.com/assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI IP 104.18.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-02 21:26:25 Last Seen2023-05-22 11:56:53 Times Seen2 Hash 30a2c07d239bed7c6a483904acde4445 265d09ba84492bdaae1e96fb2350cc2118160585 9cf7b5e69273b58379fbbce68ca21ea69fd5317f9481503d2680aa239d6d39e2 Loading...

	fpc.detecas.com/api/scr/2023042703/ce	3.0 kB	2023-05-22	2023-05-22
Pretty URL fpc.detecas.com/api/scr/2023042703/ce IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen1 Hash 15b5afe5e762ace3372df353b88197ea 2adb3c713e1aa683ba85ba6dac7946d92e40b896 9a72473149d21bc9d00ff2e36a68165401bc2b77592a1b089ed070e21737fa32 Loading...

	fpc.detecas.com/api/scr/2023042703/bi	1.3 kB	2023-05-22	2023-05-22
Pretty URL fpc.detecas.com/api/scr/2023042703/bi IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen2 Hash 82fc62698882652a3404de7baeedf6ad 1481317593c76dbfdbaf419f3ac951e72733ae7d 6ffa4b3c50449e89fe7b53c44e302fcd40bbb150917621991089e1d0424ab49d Loading...

	fpc.detecas.com/api/scr/2023042703/fp	45 kB	2023-05-22	2023-05-22
Pretty URL fpc.detecas.com/api/scr/2023042703/fp IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen1 Hash 022590937603d6920b10dc3e6131faf2 1c3e5088dd883ab7f648ff44e208d1e5d60e9efe f576d20696332eb5800bc58341bf1ff4074f1c5fdc1eb2b146761d826dc073ad Loading...

	www.v88ag.com/assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640	1.3 kB	2023-04-02	2023-05-22
Pretty URL www.v88ag.com/assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640 IP 104.18.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-02 21:26:25 Last Seen2023-05-22 11:56:53 Times Seen2 Hash 70e41636411199ebc4faa704ee4c330e 80e96f15e73778e4632b949015eb5f632221b331 ddc2aa663b73108b327f9db8c687198ea6f4a2aefdde30cdcb8a0353f8211e80 Loading...

	www.v88ag.com/	0 B	2023-03-07	2024-04-23
Pretty URL www.v88ag.com/ IP 104.18.15.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 14:46:44 Times Seen37020838 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	fpc.detecas.com/api/scr/2023042703/crt	18 kB	2023-05-22	2023-05-22
Pretty URL fpc.detecas.com/api/scr/2023042703/crt IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 11:56:53 Last Seen2023-05-22 11:56:53 Times Seen2 Hash 4c68d51ff16a44961b851c077edd4144 12c1a646bfb3c918f1da0f580dc8bc77ef7dbb29 229b07f087f60eb8ff8feb1e9a7ecda9464d4c66e4970c039a130a14acdc8a7d Loading...

		Size	First Seen	Last Seen
	#1 Eval - d32b5e72c27f3754718ccfceb69636b8	23 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 12:55:32 Last Seen2024-02-12 01:56:44 Times Seen8 Hash d32b5e72c27f3754718ccfceb69636b8 2a25fe0073ca2e38d5ae4d522e1a0c034fb6eca6 5177947ff2cfaa7fbcd75029a5c6f49fcedfe2c75283ec424ac78e30313c6e18 Loading...

	#2 Eval - 5affbeec13c5d9dacc3a3e45d0d8c684	26 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 12:55:32 Last Seen2024-02-12 01:56:44 Times Seen8 Hash 5affbeec13c5d9dacc3a3e45d0d8c684 65c23ae88fe925aff99d5e57c697a6bf11be16bc 5976c71bc9ff7d91d5bd4f4fecdec167fbf2d608b27ce34412e9010e75138cc0 Loading...

	#3 Eval - 8a924f9376157bbff120eb7fbeff7e1c	28 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 12:55:32 Last Seen2024-02-12 01:56:44 Times Seen8 Hash 8a924f9376157bbff120eb7fbeff7e1c e2ef4152b99ef28f7dd17622945a16db390f1a43 836fda26d86bb5faf05b428e8a1dbb092f52d956b487358768195f208086c09c Loading...

	#4 Eval - c3ef083e8e71e8de48d9700df1a58bc2	29 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 12:55:32 Last Seen2024-02-12 01:56:44 Times Seen8 Hash c3ef083e8e71e8de48d9700df1a58bc2 0254fa686423363d2671af06c8f7d3eeb5342e9a dc04e4ff47db087c390fddac59993d5b05c6f4575630d769c327491b5d85757f Loading...

	#5 Eval - 9eefc3334936084f0dcff61c44c62994	27 B	2023-03-07	2023-05-22
Pretty Observations First Seen2023-03-07 12:55:32 Last Seen2023-05-22 11:56:53 Times Seen6 Hash 9eefc3334936084f0dcff61c44c62994 7c4be48f953e5297378747d480e0ff6b4117cd0f 44074c38ab380125e256a3eaea554519b27e47f494b8abb22dadd137c60b6b90 Loading...

	#6 Eval - 2d4f5d6bd06922715b0004b44efe5fef	25 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 12:55:32 Last Seen2024-02-12 01:56:45 Times Seen8 Hash 2d4f5d6bd06922715b0004b44efe5fef e0398ff007931bc52cac9a5410be1ec6c9aa739f d9d9b52f3a6e4089c68adcc1b44f412e730fab1b25ec8e75d8d2b042fb6e52fc Loading...

HTTP Transactions (35)

URL IP Response Size

v88ag.com/

18.138.91.122

301 Moved Permanently

0 B

URL User Request GET HTTP/2
v88ag.com/
IP
18.138.91.122:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.v88ag.com
FingerprintE7:63:5A:84:56:B0:97:23:5B:12:2F:A2:C5:CC:FF:C8:9C:63:FD:DF
ValidityThu, 06 Apr 2023 17:17:03 GMT - Wed, 05 Jul 2023 17:17:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-length: 0
location: https://www.v88ag.com
X-Firefox-Spdy: h2

www.v88ag.com/assets/bundles/bootstrap-ex.min.css?v=KbvPSJ7Uu02TFSCH60JaPlCqjhY

104.18.15.215

200 OK

8.2 kB

URL GET HTTP/2
www.v88ag.com/assets/bundles/bootstrap-ex.min.css?v=KbvPSJ7Uu02TFSCH60JaPlCqjhY
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
8.2 kB (8193 bytes)
Hash
c354c0908f3cfeaaa23d09f2c9143e55
55e0d2d9ca8851e9978c0f19d2110c8489b879e2
6127e07eaeaa983f4f0a391f6e6d98c21dd92094d6ef18ca764b6f4398e2d391

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/bundles/bootstrap-ex.min.css?v=KbvPSJ7Uu02TFSCH60JaPlCqjhY HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:30 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"KbvPSJ7Uu02TFSCH60JaPlCqjhY"
last-modified: Thu, 11 May 2023 02:04:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7cb430867b08b4f7-OSL
X-Firefox-Spdy: h2

www.v88ag.com/assets/styles/images/sprites2.png

104.18.15.215

200 OK

6.0 kB

URL GET HTTP/2
www.v88ag.com/assets/styles/images/sprites2.png
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
PNG image data, 115 x 116, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5981 bytes)
Hash
086f86511b0813d1d729762d4abd4240
d5dc9fccead81ab85acd0d770bf39bd8b2c7f0a0
c79966b969c421b3c2ce86193262adaddf406717f7899a071204bc62975b2a57

HTTP Headers

GET /assets/styles/images/sprites2.png HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:31 GMT
content-type: image/png
content-length: 5981
etag: "1d983acf3150e5d"
last-modified: Thu, 11 May 2023 02:04:42 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cb4308fd97db4f7-OSL
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/gjt

54.230.111.76

200 OK

0 B

URL GET HTTP/2
fpc.detecas.com/api/scr/gjt
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/scr/gjt HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Mon, 22 May 2023 09:56:31 GMT
access-control-allow-headers: cache-control
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
timing-allow-origin: *
via: mly, 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-mly-id: 2fd47cbc1fd02596b43b4e94d01c5fdc
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PhADAHngcECRk7TT0-1rLrTa18mJnw6iA2Dg6UP9liIW9CFlSb1Wjw==
X-Firefox-Spdy: h2

www.v88ag.com/assets/styles/images/crossword.png

104.18.15.215

200 OK

44 kB

URL GET HTTP/2
www.v88ag.com/assets/styles/images/crossword.png
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
PNG image data, 400 x 400, 4-bit colormap, non-interlaced\012- data
Size
44 kB (43694 bytes)
Hash
b5c5ab66d8331513696fe3ec992187a0
84bc265bc6c53141f9656878b371ca93543090c0
2f23f323330dd47e39b3af4892097e56ef0cabf5980e4c2ed794f58d4f629437

HTTP Headers

GET /assets/styles/images/crossword.png HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:31 GMT
content-type: image/png
content-length: 43694
etag: "1d983acf315b3ae"
last-modified: Thu, 11 May 2023 02:04:42 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cb4308fc96bb4f7-OSL
X-Firefox-Spdy: h2

www.v88ag.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf

104.18.15.215

200 OK

217 kB

URL GET HTTP/2
www.v88ag.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size
217 kB (217360 bytes)
Hash
629a55a7e793da068dc580d184cc0e31
3564ed0b5363df5cf277c16e0c6bedc5a682217f
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/styles/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:31 GMT
content-type: application/x-font-ttf
content-length: 217360
etag: "1d983acf3164810"
last-modified: Thu, 11 May 2023 02:04:42 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cb4309009c2b4f7-OSL
X-Firefox-Spdy: h2

sc.detecas.com/di/hc.html

13.224.132.93

200 OK

205 B

URL GET HTTP/2
sc.detecas.com/di/hc.html
IP
13.224.132.93:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectsc.detecas.com
Fingerprint1F:69:93:01:83:6F:DC:5B:AE:6D:CF:07:8A:82:7F:24:28:18:76:8D
ValidityFri, 05 May 2023 01:16:44 GMT - Thu, 03 Aug 2023 01:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
205 B (205 bytes)
Hash
6c89fc3e0ef5e5eb775aca0f85c7d8d8
372873c4a9e257debfcfbdf33385a7067590f362
efe1741d430f0a9a3774437ed8fcd9338b64a006420570aa89bc652cc7a823d4

HTTP Headers

GET /di/hc.html HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Mon, 22 May 2023 09:56:33 GMT
cache-control: max-age=86400
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 2f4e5a72eeac30e4d9491781ea4482a8.cloudfront.net (CloudFront)
x-mly-id: 777db73c28e91cda3b9de3fe5b60f43a
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: yJS6Bls7AromAY0NP6NkbrMkzc8o0_Gf2xWujJJz3Ny2EdIJy6fphA==
X-Firefox-Spdy: h2

sc.casemed.net/di/hc.html

18.244.114.10

200 OK

205 B

URL GET HTTP/2
sc.casemed.net/di/hc.html
IP
18.244.114.10:443
ASN
#0

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectsc.casemed.net
FingerprintC2:33:81:21:1C:15:1C:67:FD:D4:A7:02:EE:C3:CB:BE:09:7F:4B:4A
ValiditySat, 08 Apr 2023 01:01:21 GMT - Fri, 07 Jul 2023 01:01:20 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
205 B (205 bytes)
Hash
6c89fc3e0ef5e5eb775aca0f85c7d8d8
372873c4a9e257debfcfbdf33385a7067590f362
efe1741d430f0a9a3774437ed8fcd9338b64a006420570aa89bc652cc7a823d4

HTTP Headers

GET /di/hc.html HTTP/1.1
Host: sc.casemed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Mon, 22 May 2023 09:56:33 GMT
cache-control: max-age=86400
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 fe3f25790bc50bc3d0e9d4585a26a248.cloudfront.net (CloudFront)
x-mly-id: f36890f46510ff2f064034be046eb6e7
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P6
x-amz-cf-id: LMJA6FtFs5meNHyj_FpaKPGX1aUrN0Qw1MtyxwS23chy19xY9MEfeA==
X-Firefox-Spdy: h2

sc.saceted.com/di/hc.html

216.137.44.106

200 OK

205 B

URL GET HTTP/2
sc.saceted.com/di/hc.html
IP
216.137.44.106:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectsc.saceted.com
FingerprintB9:27:2A:39:E6:6E:C1:6A:06:FC:5C:17:79:55:1A:64:EE:5B:B5:A5
ValiditySun, 09 Apr 2023 01:07:35 GMT - Sat, 08 Jul 2023 01:07:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
205 B (205 bytes)
Hash
6c89fc3e0ef5e5eb775aca0f85c7d8d8
372873c4a9e257debfcfbdf33385a7067590f362
efe1741d430f0a9a3774437ed8fcd9338b64a006420570aa89bc652cc7a823d4

HTTP Headers

GET /di/hc.html HTTP/1.1
Host: sc.saceted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Mon, 22 May 2023 09:56:33 GMT
cache-control: max-age=86400
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 dc934eeca08c60e0878cc8271c2e7428.cloudfront.net (CloudFront)
x-mly-id: 974efe096a8bb04ffd5c316ce9c09c62
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: eORQVs5cgMttHXNTd4aXGg47t_FrSBt3T4R6l6536ktUKMA4DeBDYQ==
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/2023042703/bi

54.230.111.76

200 OK

870 B

URL GET HTTP/2
fpc.detecas.com/api/scr/2023042703/bi
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type
ASCII text, with very long lines (1255)
Size
870 B (870 bytes)
Hash
82fc62698882652a3404de7baeedf6ad
1481317593c76dbfdbaf419f3ac951e72733ae7d
6ffa4b3c50449e89fe7b53c44e302fcd40bbb150917621991089e1d0424ab49d

HTTP Headers

GET /api/scr/2023042703/bi HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 22 May 2023 09:56:34 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding, version, Accept-Encoding
content-encoding: gzip
timing-allow-origin: *
via: mly, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-mly-id: 1864386e3c43725f045d2d3c2621bac3
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 826Qmm70EzrynMNKF9GLcwmeTgVBpsGieRZQNnfE0biMSihNtNB-zw==
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/2023042703/hl

54.230.111.76

200 OK

1.2 kB

URL GET HTTP/2
fpc.detecas.com/api/scr/2023042703/hl
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type
ASCII text, with very long lines (2027)
Size
1.2 kB (1151 bytes)
Hash
c5ecd5a4baaa5d78b11b51eec2765f2c
a15504ac74cb0cce6f4be3f8bc4efbc883b0e518
d2af4e0852aabb7c49a07520a91fd18ff6e73c37eb936c65e788220d9d215ae3

HTTP Headers

GET /api/scr/2023042703/hl HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 22 May 2023 09:56:34 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding, version, Accept-Encoding
content-encoding: gzip
timing-allow-origin: *
via: mly, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-mly-id: e3992b27061632c8986fea098e632480
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NHdOCckQ-PYnPMUWFwvLqDJ21TO74H-Ukm4UhFVjCm8E9EXsMn4-Ww==
X-Firefox-Spdy: h2

fpp.detecas.com/api/bi

210.57.28.209

200 OK

0 B

URL POST HTTP/1.1
fpp.detecas.com/api/bi
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/bi HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
date: Mon, 22 May 2023 09:56:35 GMT
access-control-allow-headers: authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/hl

210.57.28.209

204 No Content

0 B

URL OPTIONS HTTP/1.1
fpp.detecas.com/api/hl
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/hl HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
date: Mon, 22 May 2023 09:56:35 GMT
access-control-allow-headers: authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/fp

210.57.28.209

200 OK

0 B

URL POST HTTP/1.1
fpp.detecas.com/api/fp
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/fp HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.v88ag.com/
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
date: Mon, 22 May 2023 09:56:36 GMT
access-control-allow-headers: authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/etg/7/49fc0e25ea9b4c4c807690da61dfd7a3/9cdd3192-8147-4006-9482-353d2a5c8a2e

210.57.28.209

200 OK

0 B

URL GET HTTP/1.1
fpp.detecas.com/api/etg/7/49fc0e25ea9b4c4c807690da61dfd7a3/9cdd3192-8147-4006-9482-353d2a5c8a2e
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/etg/7/49fc0e25ea9b4c4c807690da61dfd7a3/9cdd3192-8147-4006-9482-353d2a5c8a2e HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Content-Type: text/plain
Cache-Control: max-age=31536000, immutable, no-cache
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache

HTTP/1.1 200 OK
content-length: 0
date: Mon, 22 May 2023 09:56:36 GMT
access-control-allow-origin: *
cache-control: max-age=600, private
etag: 9cdd3192-8147-4006-9482-353d2a5c8a2e
vary: Accept-Encoding
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/ce

210.57.28.209

204 No Content

0 B

URL OPTIONS HTTP/1.1
fpp.detecas.com/api/ce
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/ce HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSIsIm5iZiI6MTY4NDc0OTM5MiwiZXhwIjoxNjg0NzUyOTkyLCJpYXQiOjE2ODQ3NDkzOTIsImlzcyI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSJ9.iUO_22cdfHy_KX1uP-_ypVNOys7HbgsHbvSWygQCnLI
Content-Length: 174
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-length: 0
date: Mon, 22 May 2023 09:56:35 GMT
access-control-allow-origin: *
cache-control: max-age=600, private
vary: Accept-Encoding
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/bi

210.57.28.209

200 OK

0 B

URL POST HTTP/1.1
fpp.detecas.com/api/bi
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/bi HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSIsIm5iZiI6MTY4NDc0OTM5MiwiZXhwIjoxNjg0NzUyOTkyLCJpYXQiOjE2ODQ3NDkzOTIsImlzcyI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSJ9.iUO_22cdfHy_KX1uP-_ypVNOys7HbgsHbvSWygQCnLI
Content-Length: 258
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-length: 0
date: Mon, 22 May 2023 09:56:36 GMT
access-control-allow-origin: *
cache-control: max-age=600, private
vary: Accept-Encoding
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/hl

210.57.28.209

204 No Content

0 B

URL OPTIONS HTTP/1.1
fpp.detecas.com/api/hl
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/hl HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSIsIm5iZiI6MTY4NDc0OTM5MiwiZXhwIjoxNjg0NzUyOTkyLCJpYXQiOjE2ODQ3NDkzOTIsImlzcyI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSJ9.iUO_22cdfHy_KX1uP-_ypVNOys7HbgsHbvSWygQCnLI
Content-Length: 322
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-length: 0
date: Mon, 22 May 2023 09:56:35 GMT
access-control-allow-origin: *
cache-control: max-age=600, private
vary: Accept-Encoding
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

fpp.detecas.com/api/fp

210.57.28.209

200 OK

0 B

URL POST HTTP/1.1
fpp.detecas.com/api/fp
IP
210.57.28.209:443
ASN
#4637 Telstra Global

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subject*.detecas.com
FingerprintB7:BD:73:7B:1A:5E:16:DF:CC:5E:9C:76:CC:C8:61:EE:B2:80:0F:8C
ValidityFri, 07 Apr 2023 03:27:53 GMT - Thu, 06 Jul 2023 03:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/fp HTTP/1.1
Host: fpp.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88ag.com/
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSIsIm5iZiI6MTY4NDc0OTM5MiwiZXhwIjoxNjg0NzUyOTkyLCJpYXQiOjE2ODQ3NDkzOTIsImlzcyI6Ii8vZnBjLmRldGVjYXMuY29tL2FwaSJ9.iUO_22cdfHy_KX1uP-_ypVNOys7HbgsHbvSWygQCnLI
Content-Length: 2906
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-length: 0
date: Mon, 22 May 2023 09:56:36 GMT
access-control-allow-origin: *
cache-control: max-age=600, private
vary: Accept-Encoding
set-cookie: serverid=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmislTFcuIyLDoCE1HsKMwpo7TsOBccO3wpPDscObw78RwrnCmw8vecO6YcK2wrLCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOtSVlwwpfCuzxhwogoCSrCtMKnccOxJ8KyMxtAw4XCgcKSwrbCmMKNw6jCjcOWw6FBwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0wwrd4Vw0mOMOtw4o5wpAwwr%2FDt8K0woHChcKpwpHCrhUPwr3Dslk3XMK1EcOqwr0iVXwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKJw6HCoMOPw7LCncOGw5PDt8O0wqDDmMKINMKPwrfDpMOXw5Bgw4Aef3NPwoDCviXDvcKXwpHDjEvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTS0zw5ZRwpBYMnszwq7CqR8QwoVZwrQSAAzCq8OAUy9MBgoCADZWwrjDjVpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFntDdTrCqR4vwp3Cv3Ibw7jCgcKWCB5qZ0ITwpHDnsK5w5EIwoPChsOVCUkHw7%2FDpsOOMFDDjsONw4wiF8Kzw6vChcK3TQ8Gwr8yTsOcI8Kyw5bCpQ45w5fDsVYCwoHCkzFjwrLCnsOVJcOSw5TCsxtSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7DyvDlsKGbsKEwq0kw4MMOTxcEMO%2Bw4Z%2FwpXCtR8Nw7gnwpg3w7fDrwXDr8O6EsKowq7DoMKVw6vCl8OAw5k%2BSyxEHsKfek4Zw4JAw7LChUBiw5rDrGAXO0fDtcKbCcO8w7E%2Bw5zDr05ddTRhwprDoTLCnRTDikAmw7fCrg7CmcK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkRQiJsOCGsKRwqJhZF%2FDl2ovwqjDlMKHNExRw4VRw7ViAsOMwoMAVlg%2Bwoscw6hKGcKcJWoEw5vClXrCuVxUwqbDlsO0fgnDiTgNFsKXNTpbBsOew50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8OhSAc%2Bw4YP&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D

13.224.132.93

200 OK

104 B

URL GET HTTP/2
sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmislTFcuIyLDoCE1HsKMwpo7TsOBccO3wpPDscObw78RwrnCmw8vecO6YcK2wrLCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOtSVlwwpfCuzxhwogoCSrCtMKnccOxJ8KyMxtAw4XCgcKSwrbCmMKNw6jCjcOWw6FBwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0wwrd4Vw0mOMOtw4o5wpAwwr%2FDt8K0woHChcKpwpHCrhUPwr3Dslk3XMK1EcOqwr0iVXwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKJw6HCoMOPw7LCncOGw5PDt8O0wqDDmMKINMKPwrfDpMOXw5Bgw4Aef3NPwoDCviXDvcKXwpHDjEvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTS0zw5ZRwpBYMnszwq7CqR8QwoVZwrQSAAzCq8OAUy9MBgoCADZWwrjDjVpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFntDdTrCqR4vwp3Cv3Ibw7jCgcKWCB5qZ0ITwpHDnsK5w5EIwoPChsOVCUkHw7%2FDpsOOMFDDjsONw4wiF8Kzw6vChcK3TQ8Gwr8yTsOcI8Kyw5bCpQ45w5fDsVYCwoHCkzFjwrLCnsOVJcOSw5TCsxtSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7DyvDlsKGbsKEwq0kw4MMOTxcEMO%2Bw4Z%2FwpXCtR8Nw7gnwpg3w7fDrwXDr8O6EsKowq7DoMKVw6vCl8OAw5k%2BSyxEHsKfek4Zw4JAw7LChUBiw5rDrGAXO0fDtcKbCcO8w7E%2Bw5zDr05ddTRhwprDoTLCnRTDikAmw7fCrg7CmcK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkRQiJsOCGsKRwqJhZF%2FDl2ovwqjDlMKHNExRw4VRw7ViAsOMwoMAVlg%2Bwoscw6hKGcKcJWoEw5vClXrCuVxUwqbDlsO0fgnDiTgNFsKXNTpbBsOew50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8OhSAc%2Bw4YP&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
IP
13.224.132.93:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectsc.detecas.com
Fingerprint1F:69:93:01:83:6F:DC:5B:AE:6D:CF:07:8A:82:7F:24:28:18:76:8D
ValidityFri, 05 May 2023 01:16:44 GMT - Thu, 03 Aug 2023 01:16:43 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
5b9920f92ecbbb0a375a79cbe076f76c
7feb47844ba4a5208c97b3c7a0f00d88fb9a485c
f4dd770a1fe72cdd8786d4fa88071c71f4881871a6e5559fe3594d15d7b72a2c

HTTP Headers

GET /di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmislTFcuIyLDoCE1HsKMwpo7TsOBccO3wpPDscObw78RwrnCmw8vecO6YcK2wrLCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOtSVlwwpfCuzxhwogoCSrCtMKnccOxJ8KyMxtAw4XCgcKSwrbCmMKNw6jCjcOWw6FBwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0wwrd4Vw0mOMOtw4o5wpAwwr%2FDt8K0woHChcKpwpHCrhUPwr3Dslk3XMK1EcOqwr0iVXwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKJw6HCoMOPw7LCncOGw5PDt8O0wqDDmMKINMKPwrfDpMOXw5Bgw4Aef3NPwoDCviXDvcKXwpHDjEvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTS0zw5ZRwpBYMnszwq7CqR8QwoVZwrQSAAzCq8OAUy9MBgoCADZWwrjDjVpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFntDdTrCqR4vwp3Cv3Ibw7jCgcKWCB5qZ0ITwpHDnsK5w5EIwoPChsOVCUkHw7%2FDpsOOMFDDjsONw4wiF8Kzw6vChcK3TQ8Gwr8yTsOcI8Kyw5bCpQ45w5fDsVYCwoHCkzFjwrLCnsOVJcOSw5TCsxtSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7DyvDlsKGbsKEwq0kw4MMOTxcEMO%2Bw4Z%2FwpXCtR8Nw7gnwpg3w7fDrwXDr8O6EsKowq7DoMKVw6vCl8OAw5k%2BSyxEHsKfek4Zw4JAw7LChUBiw5rDrGAXO0fDtcKbCcO8w7E%2Bw5zDr05ddTRhwprDoTLCnRTDikAmw7fCrg7CmcK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkRQiJsOCGsKRwqJhZF%2FDl2ovwqjDlMKHNExRw4VRw7ViAsOMwoMAVlg%2Bwoscw6hKGcKcJWoEw5vClXrCuVxUwqbDlsO0fgnDiTgNFsKXNTpbBsOew50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8OhSAc%2Bw4YP&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 104
server: nginx
date: Mon, 22 May 2023 09:56:36 GMT
cache-control: private, max-age=2592000
last-modified: Fri, 07 May 2021 09:43:21 GMT
etag: 406658ccf85b6996b3938730cb991ea57f1da1fba4c2bd69cb55b07b09668d1e
set-cookie: SameSite=None; Secure
(global.c3)=406658ccf85b6996b3938730cb991ea57f1da1fba4c2bd69cb55b07b09668d1e; expires=Sun, 22-May-2033 09:56:36 GMT; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 84e2de61192ccb090a6d645d1117e3ea.cloudfront.net (CloudFront)
x-mly-id: 7be59bd4405745f84a26d966b3be30e9
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: rGO824tgK3lqpQgoGl-hJIspItF_B60OSM_n3L-cOh1TtH6cyt7ecA==
X-Firefox-Spdy: h2

www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k

104.18.15.215

200 OK

9.4 kB

URL GET HTTP/2
www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
ASCII text, with very long lines (9455), with no line terminators
Size
9.4 kB (9431 bytes)
Hash
6ffb12aad04b988736c391aa08c3371c
a16a0826e7cfc25d9128c207e99d012f95c80091
4ceb7b688132b0c3465233fd991ccf9a261664e8877b241196a36cbe0d325e79

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:31 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"aLpigf5SDzKO_s6iMJWann6NT6k"
last-modified: Thu, 11 May 2023 02:04:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7cb430867b0bb4f7-OSL
X-Firefox-Spdy: h2

www.v88ag.com/assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640

104.18.15.215

200 OK

1.3 kB

URL GET HTTP/2
www.v88ag.com/assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1279), with no line terminators
Size
1.3 kB (1253 bytes)
Hash
eeb1e45be8f63fb5418c6e382822ff75
f846ff3cc34bb70d46d5146c8d488c4730aa6e85
fe51effefe51e0aef12db08942d788600a6c35dafdf83ca02063c7ff7b11c3ac

HTTP Headers

GET /assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640 HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:30 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"5vBF7QsZhkjzfmvu0AMbv2w2640"
last-modified: Thu, 11 May 2023 02:04:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7cb430867b15b4f7-OSL
X-Firefox-Spdy: h2

www.v88ag.com/favicon.ico

104.18.15.215

200 OK

1.2 kB

URL GET HTTP/2
www.v88ag.com/favicon.ico
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
23a27fbf4dc1a97dc2b7d27ab763c3c2
142dab028705bce2748867f60bd871208ccc51f8
208479e9579799b5c17a89b4b7ffb7a0895eff3b6a8240c213cff121c54a655b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=; hidLanguage=en-US; LANGUAGE=en-US
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:33 GMT
content-type: image/x-icon
etag: W/"1d983dd8cf4be7e"
last-modified: Thu, 11 May 2023 07:52:36 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cb430984e58b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/2023042703/fp

54.230.111.76

200 OK

45 kB

URL GET HTTP/2
fpc.detecas.com/api/scr/2023042703/fp
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type

Size
45 kB (44839 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/scr/2023042703/fp HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 22 May 2023 09:56:34 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding, version, Accept-Encoding
content-encoding: gzip
timing-allow-origin: *
via: mly, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-mly-id: 73c2d0987443413eeec76ebcc868168d
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2GtWvkiuTodDZyYmhmuFe9VnlcKe4v22Bhpcu775h5XOitz0L7y6Lg==
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/2023042703/crt

54.230.111.76

200 OK

18 kB

URL GET HTTP/2
fpc.detecas.com/api/scr/2023042703/crt
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type
ASCII text, with very long lines (18505)
Size
18 kB (18506 bytes)
Hash
4c68d51ff16a44961b851c077edd4144
12c1a646bfb3c918f1da0f580dc8bc77ef7dbb29
229b07f087f60eb8ff8feb1e9a7ecda9464d4c66e4970c039a130a14acdc8a7d

HTTP Headers

GET /api/scr/2023042703/crt HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 22 May 2023 09:56:33 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding, version, Accept-Encoding
content-encoding: gzip
timing-allow-origin: *
via: mly, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-mly-id: 7863c8bf019b91ab977fc199bc1e47fb
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TX8SfM2e-Jo0TZZwZvqhOn8HC7XheXPKUtWhNjU3S0bVl4NlyHfiqA==
X-Firefox-Spdy: h2

www.v88ag.com/assets/bundles/alpha.slider-captcha.css?v=2j9ergGXsmAi7zHzcasoWP4lzk8

104.18.15.215

200 OK

3.9 kB

URL GET HTTP/2
www.v88ag.com/assets/bundles/alpha.slider-captcha.css?v=2j9ergGXsmAi7zHzcasoWP4lzk8
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
ASCII text, with very long lines (3858), with no line terminators
Size
3.9 kB (3858 bytes)
Hash
6fa3915342aadd98f3708845d313e3f3
7acdd9618d7a7b65c46e7c5aff34e4f4ade64584
75baa72682d87076e5829c63a8794cc5107fd1ad410e9ddcc2a60766bfa13c8f

HTTP Headers

GET /assets/bundles/alpha.slider-captcha.css?v=2j9ergGXsmAi7zHzcasoWP4lzk8 HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:30 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"2j9ergGXsmAi7zHzcasoWP4lzk8"
last-modified: Thu, 11 May 2023 02:04:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7cb430867b0db4f7-OSL
X-Firefox-Spdy: h2

stcdn.agbong88.com/bundles/common/hc.css?v=1684749391221

104.18.15.215

200 OK

6 B

URL GET HTTP/2
stcdn.agbong88.com/bundles/common/hc.css?v=1684749391221
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.agbong88.com
FingerprintBD:69:15:97:03:9B:EE:29:30:7B:FF:9A:D3:10:B5:89:A4:26:CF:7D
ValidityWed, 12 Apr 2023 00:45:56 GMT - Tue, 11 Jul 2023 00:45:55 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
307cc22fa7769c09386c1c90fe36bbc6
0bdc3e3fac9af166a28963995cfee4d7d5911401
5f546eb4606b5c2b7d2a449a5cc2bbb477ed5a246c7051ce871b12f2dbfc8419

HTTP Headers

GET /bundles/common/hc.css?v=1684749391221 HTTP/1.1
Host: stcdn.agbong88.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:32 GMT
content-type: text/css
last-modified: Tue, 09 May 2023 02:34:06 GMT
etag: W/"6459b11e-6"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
set-cookie: __cf_bm=ncZWV_p3L.zKJ6Dae6S7x8Oj0PpWUtc926dB7wUfGgU-1684749392-0-Aaab/OzGxJzyWHcuT2TQRk9fckFWPHXyi2XbmSSV/K0dLoN7vGyVR4SaDyQWgL6eHGCRhW0768N7hiWeu5drz7o=; path=/; expires=Mon, 22-May-23 10:26:32 GMT; domain=.stcdn.agbong88.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7cb43092a87c0b69-OSL
X-Firefox-Spdy: h2

www.v88ag.com/assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI

104.18.15.215

200 OK

143 kB

URL GET HTTP/2
www.v88ag.com/assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type

Size
143 kB (143443 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:30 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"UNxL6IYV3VXJ2C_tpnkSWUkojUI"
last-modified: Thu, 11 May 2023 02:04:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7cb430867b13b4f7-OSL
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/Alpha789Y

54.230.111.76

200 OK

3.8 kB

URL GET HTTP/2
fpc.detecas.com/api/scr/Alpha789Y
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type
ASCII text, with very long lines (3962), with no line terminators
Size
3.8 kB (3826 bytes)
Hash
2c6973e89dd5ffe7992f7ef267bf01d1
5e787b009d10112d374ea4751c502daba95feb11
2d911299e069bffa05c1a4278f5881ca3a4e201ba72376be675fcace2d8966de

HTTP Headers

GET /api/scr/Alpha789Y HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 22 May 2023 09:56:31 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding, version
timing-allow-origin: *
via: mly, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-mly-id: 0021c099aa7e6889943717765d7a0df2
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0hCVRsFFRNfLEs4tVZ4H7fK_BtbUjPGcw8ekGbv6z5WHjp3aFtOUlg==
X-Firefox-Spdy: h2

fpc.detecas.com/api/scr/2023042703/ce

54.230.111.76

200 OK

3.0 kB

URL GET HTTP/2
fpc.detecas.com/api/scr/2023042703/ce
IP
54.230.111.76:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectfpc.detecas.com
Fingerprint32:00:05:6F:78:15:D6:E5:F4:C2:F5:B8:70:68:C9:F2:E7:72:25:FC
ValiditySun, 21 May 2023 01:10:36 GMT - Sat, 19 Aug 2023 01:10:35 GMT

File type
ASCII text, with very long lines (3010), with no line terminators
Size
3.0 kB (2966 bytes)
Hash
cafd348444ce47d9053850dd540c45c2
282c45e1051955949307ca3c90729e91f21dba10
738dbcda6f34743501ba40ec7e5eb307160c7c93236b5a8483d5856df4985c2c

HTTP Headers

GET /api/scr/2023042703/ce HTTP/1.1
Host: fpc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 22 May 2023 09:56:34 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding, version, Accept-Encoding
content-encoding: gzip
timing-allow-origin: *
via: mly, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-mly-id: cb7e5c98096989a6bef4feb0e3f65e0b
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iUIy8aylL1NaD5DH0XuT-T8MRcwFF3hbAnDsnp2rqIYUoEu2vIyIww==
X-Firefox-Spdy: h2

www.v88ag.com/

104.18.15.215

200 OK

6.2 kB

URL User Request GET HTTP/2
www.v88ag.com/
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6713), with no line terminators
Size
6.2 kB (6240 bytes)
Hash
f295836e938b2cf334564ac52c1abc5b
c5c69d0bd539e88e476fbb447de1809553b5df31
67a0ae2b68bb27dbf4f94ff23c17f3cb07acf749d1554d40d25420cb852c417a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:29 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache,no-store
expires: -1
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __utms=19D7D7827B98F8ACD27566482C2786; expires=Tue, 23 May 2023 09:56:29 GMT; domain=www.v88ag.com; path=/; httponly
.AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; path=/; samesite=strict; httponly
.AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; path=/; samesite=lax; httponly
__cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=; path=/; expires=Mon, 22-May-23 10:26:29 GMT; domain=.www.v88ag.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7cb4307d0b7ab4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sc.detecas.com/di/activator.ashx

13.224.132.93

200 OK

64 kB

URL GET HTTP/2
sc.detecas.com/di/activator.ashx
IP
13.224.132.93:443
ASN
#16509 AMAZON-02

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectsc.detecas.com
Fingerprint1F:69:93:01:83:6F:DC:5B:AE:6D:CF:07:8A:82:7F:24:28:18:76:8D
ValidityFri, 05 May 2023 01:16:44 GMT - Thu, 03 Aug 2023 01:16:43 GMT

File type

Size
64 kB (64352 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /di/activator.ashx HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
date: Mon, 22 May 2023 09:56:33 GMT
cache-control: private, max-age=600
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 84e2de61192ccb090a6d645d1117e3ea.cloudfront.net (CloudFront)
x-mly-id: e97d75f36eea4289f869edda9f84c851
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: lqM465Tv_kVuirJR8VlOY7FQr6OlxOtoaxVK-EDiBrtDnImziWD9VA==
X-Firefox-Spdy: h2

sc.detecas.com/di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0a241c98845aaf1fd87291dbec663d3c

0.0.0.0

0 B

URL POST
sc.detecas.com/di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0a241c98845aaf1fd87291dbec663d3c
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.v88ag.com/
Certificate
IssuerLet's Encrypt
Subjectsc.detecas.com
Fingerprint1F:69:93:01:83:6F:DC:5B:AE:6D:CF:07:8A:82:7F:24:28:18:76:8D
ValidityFri, 05 May 2023 01:16:44 GMT - Thu, 03 Aug 2023 01:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0a241c98845aaf1fd87291dbec663d3c HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2517
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.v88ag.com/assets/styles/images/mode/y9.svg

104.18.15.215

200 OK

645 B

URL GET HTTP/2
www.v88ag.com/assets/styles/images/mode/y9.svg
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.v88ag.com
FingerprintB8:48:17:F9:F4:3A:C0:41:45:64:A4:39:B0:10:B1:08:A3:E1:4B:01
ValidityWed, 12 Apr 2023 00:49:57 GMT - Tue, 11 Jul 2023 00:49:56 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (666), with no line terminators
Size
645 B (645 bytes)
Hash
cabc293033198b8e4731685baad7d87a
b12988fb0378b98fe804119ec300cb3eeaf1991f
a5026e2634384e14bd343f99e35b664d96018e987cda897865ac895b907847eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/styles/images/mode/y9.svg HTTP/1.1
Host: www.v88ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=19D7D7827B98F8ACD27566482C2786; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QADGs0Csxn_BbLcmgwDmxl5BOqS8J-XjRRYBjU0dwt7roA2OMAPS7YONDaeD1sPhBUBFlvXm2a2fdK08OsfRC5-ryJIFMrVESU1JDO5G6M5R-j5_VWpqfXsdQwbWCg2NRo; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCQDZNv7JS%2FD4TbMn4Q9s8S%2BWeoYSFhhqeK3KbSQoGl8d3cqp17ZFzE%2F1tNHZxjxge9IwVb5zAenRIJPffp5o7Cv98jNF505S9C0aP0XZXdgs1YYvgc2bIRKccKQFtPDtIYT8QRiv5rfemZEPa1MfcJ; __cf_bm=SOcGShg_Vci09t4Q_B0BZrWTRjRHrABjjGU25qufNCs-1684749389-0-AbqEhDNwInmjktFmBv6FMJubSH1u2TiQYuU9pnR685FBH0FFggPRpze1Y7rPQz56G7XGLA3EsGiSmp/A/wotXDc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:31 GMT
content-type: image/svg+xml
etag: W/"1d983acf3151b85"
last-modified: Thu, 11 May 2023 02:04:42 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cb4308fc979b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

stcdn.b8ag.com/bundles/common/hc.css?v=1684749391219

104.18.15.215

200 OK

6 B

URL GET HTTP/2
stcdn.b8ag.com/bundles/common/hc.css?v=1684749391219
IP
104.18.15.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.v88ag.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.b8ag.com
Fingerprint24:AB:A9:ED:10:90:40:CC:7E:E3:72:C0:59:FD:B2:92:5C:BE:1F:57
ValidityWed, 12 Apr 2023 00:46:06 GMT - Tue, 11 Jul 2023 00:46:05 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
307cc22fa7769c09386c1c90fe36bbc6
0bdc3e3fac9af166a28963995cfee4d7d5911401
5f546eb4606b5c2b7d2a449a5cc2bbb477ed5a246c7051ce871b12f2dbfc8419

HTTP Headers

GET /bundles/common/hc.css?v=1684749391219 HTTP/1.1
Host: stcdn.b8ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.v88ag.com
DNT: 1
Connection: keep-alive
Referer: https://www.v88ag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 09:56:33 GMT
content-type: text/css
last-modified: Tue, 09 May 2023 02:34:06 GMT
etag: W/"6459b11e-6"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
set-cookie: __cf_bm=fonvN1tUlBlbTIMd7o1ziq05VE8WtSMp9na1rsHRVXk-1684749393-0-AeZdtfirVG08R5gj57kjbLg+V8b4KeLqYXpv6SHycA2K+/jAbpQB6zGYZWBKV8q6d6QwZKEsvai1ujjFOx0wgiE=; path=/; expires=Mon, 22-May-23 10:26:33 GMT; domain=.stcdn.b8ag.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7cb43092aa51b51d-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML