Report - elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter

Report Overview

Visited public
2023-10-03 04:06:48
Tags
URL
elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Finishing URL
web-connectmz.cf/index.php
IP / ASN
198.54.115.12
#22612 NAMECHEAP-NET
Title
Symbiosis: A Cross-Chain Engine and Liquidity Protocol

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-02 18:12:06	1.7 kB	3.5 kB	142.250.74.67
web-connectmz.cf	unknown	unknown	2022-02-06 21:50:31	2023-09-11 13:55:22	1.0 kB	411 kB	172.67.195.120
framerusercontent.com	unknown	2019-04-29	2019-05-01 19:48:10	2023-09-29 13:04:40	1.4 kB	58 kB	143.204.55.79
jscdnweb.pages.dev	unknown	2020-09-02	2023-09-19 19:17:27	2023-09-20 00:42:20	437 B	1.8 MB	172.66.45.14
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-02 22:25:51	1.0 kB	27 kB	142.250.74.42
upload.wikimedia.org	2215	2003-03-16	2012-05-21 11:39:45	2023-10-02 08:26:31	475 B	2.2 kB	185.15.59.240
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-02 21:16:04	1.6 kB	81 kB	216.58.211.3
elittvplayer.com	unknown	2021-11-20	2021-11-20 20:42:41	2023-09-13 17:21:19	1.1 kB	20 kB	198.54.115.12
api.telegram.org	38509	2003-12-15	2015-06-25 12:09:00	2023-09-30 12:58:27	628 B	402 B	149.154.167.220
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-10-02 18:12:03	1.4 kB	123 kB	151.101.65.229
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-10-02 21:05:15	330 B	964 B	104.18.15.101
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-02 18:35:58	858 B	288 kB	104.17.24.14
ocsp.godaddy.com	698	1999-03-02	2012-05-20 21:28:57	2023-10-02 18:17:37	330 B	2.6 kB	192.124.249.22
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12 16:01:39	2023-10-02 21:02:57	340 B	863 B	143.204.48.16
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-10-02 18:43:43	2.7 kB	304 kB	104.16.126.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-08-04	medium	elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter	Optus

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js	ScriptElement	68 kB	2023-07-11	2025-05-08
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 17:54 Last Seen2025-05-08 21:23 Times Seen390 Hash 0aaaa3278d29d8b8d9b3795f60d3b836 519ef68609c1f595ee6a9cbb7660e4c8585a0d41 b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa Loading...

	web-connectmz.cf/index.php	ScriptElement	925 B	2023-09-03	2024-08-21
Pretty URL web-connectmz.cf/index.php IP 172.67.195.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-03 05:22 Last Seen2024-08-21 07:34 Times Seen11 Hash 10749f2f7371ac58d759eb15cebbf49a 7b179acb777dabdf59b8f163e50195d462c78fcd 977cfcd185c7e8bbd5e286f3ac2e343915fe066db04c98918baaf90ad6acec2a Loading...

	cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js	ScriptElement	323 kB	2023-03-07	2025-05-08
Pretty URL cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-05-08 21:23 Times Seen597 Hash ca1104de538caea2d54265fbe90916b4 d6c416e5d153f500f7ac66d25a2b73db45867ad4 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0 Loading...

	cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js	ScriptElement	638 kB	2023-07-13	2025-05-08
Pretty URL cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 05:39 Last Seen2025-05-08 21:23 Times Seen403 Hash 1932881debf364cfed402e1d0c7a54e3 e53d84ee93cb7c4eae82bdce939e80307b2cb1b1 e95c1fc6aaa308b9bbfc7ba359f34b57c65e4932440416441fe7c8864ccbdd84 Loading...

	unknown	Function	1.5 kB	2023-06-07	2025-04-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-07 22:44 Last Seen2025-04-05 12:45 Times Seen382 Hash 1884ef3dcd9482d5f21c955b13eab060 bce91cb9cb511d0cd0a19f8f0fc5bfe03f3fbabf 938cde8b9179eff487eed4b7e1d743302676b96ee0286cc8c2e095160e147db6 Loading...

	web-connectmz.cf/index.php	ScriptElement	1.1 kB	2024-08-21	2024-08-21
Pretty URL web-connectmz.cf/index.php IP 172.67.195.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:19 Last Seen2024-08-21 05:19 Times Seen1 Hash cf5cbfb20ba01b1c1f420b4526402e96 62e24821a044a86142092b755d83ebf5ada0aa16 55cefea1a49d8a8ee80540f481c8417c1cc47dc474711831250465ed2d248f5c Loading...

	unpkg.com/@web3modal/ethereum@2.6.2	ImportedModule	237 B	2023-07-04	2025-04-18
Pretty URL unpkg.com/@web3modal/ethereum@2.6.2 IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-07-04 01:31 Last Seen2025-04-18 11:42 Times Seen125 Hash fad3fe239fd356bc775d0b30587a6e4f ae832884e1984b9e1fc2290d02acd59a54a23d5f 094505bbeb108003566526df8766f6fd81d6b8370ff7a8ca028231b03a1ea5e8 Loading...

	unpkg.com/@web3modal/html@2.6.2/dist/cdn/bundle-b8834a0a.js	ImportedModule	37 kB	2023-07-04	2025-03-09
Pretty URL unpkg.com/@web3modal/html@2.6.2/dist/cdn/bundle-b8834a0a.js IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-07-04 01:31 Last Seen2025-03-09 17:46 Times Seen54 Hash f32d774c4e65c2cac328d7757c3d6593 569303988803333c963252244985d6c9a3ad8437 d34ca4f2119f427ff0b01cddb7c7f154ee76c1e019e90046d1e10fbeaa80dc5b Loading...

	unpkg.com/@web3modal/html@2.6.2	ImportedModule	100 B	2023-07-04	2025-03-09
Pretty URL unpkg.com/@web3modal/html@2.6.2 IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-07-04 01:31 Last Seen2025-03-09 17:46 Times Seen40 Hash 71732cecb51f228b975df19459f80d6b cc0bade975a82a5bbe7819324469a88fb00e7476 2a44a9669de7ad5f44abd353e880db9bafcba4222e1efcff5151ae3d3afea669 Loading...

	jscdnweb.pages.dev/chair.js	ScriptElement	1.8 MB	2024-08-21	2024-08-21
Pretty URL jscdnweb.pages.dev/chair.js IP 172.66.45.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:19 Last Seen2024-08-21 05:19 Times Seen1 Hash 0204e1bddbfb728de6fa4fc6fd17addb 02b1bfabba76c1e8f53e9302d6eb9c4511a36ffb 38098d89694b4e7afc5e1ec5f222719e5e38f861f05056dba2c59119c6d61149 Loading...

	unknown	Function	34 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-09 01:36 Times Seen67022 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js	ScriptElement	760 kB	2023-03-13	2025-05-08
Pretty URL cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:48 Last Seen2025-05-08 21:23 Times Seen735 Hash 71f8c498e792c6179d4e2840228f777a b651545587f6257345dc3de9ddaa444b10dedf3e a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73 Loading...

	unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js	ImportedModule	263 kB	2023-07-04	2025-04-18
Pretty URL unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-07-04 01:31 Last Seen2025-04-18 11:42 Times Seen178 Hash 7d8348176a8bb75544030d3f2be92d49 03d81ce4b033dd99566148c33f77b56fa37e2135 89e11baee7d5cf5645ec30f3b92208f4497867d4cab79823180d9be9021b79d9 Loading...

HTTP Transactions (34)

URL IP Response Size

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8b5e4f3cc6bc5f0a99ce8cc7dc0a3da4
3f5d72a47193ec5ec25950dd5ff9fcf89bc0671f
0be8850b8a46360cc5aacea9c75f42628feb1da7bc97212456f5d4e6d685bc43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 03 Oct 2023 04:06:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 03 Oct 2023 01:15:25 GMT
Expires: Tue, 10 Oct 2023 01:15:24 GMT
Etag: "3f5d72a47193ec5ec25950dd5ff9fcf89bc0671f"
Cache-Control: max-age=593934,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8102501058aa5696-OSL

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e5f6e486c8889a5acbd7d70a581183ba
d405bd576e9d403941292dd76fba7df0314cbe86
b4dfaae022a707cd4f7135ba4ff1a6627b426e49d9a636e585be06a9b7fbbef0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 04:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

142.250.74.42

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1114 bytes)
Hash
a16fe0541ade8ee3d105c1ae0de00bcd
0944b9c3b1fd911f24f9b8e04736a3e72ed58b7e
764fc1ff5e6b38a24528c71384d0d3ccb1aa00a836a17e81af7a830e958aa39c

HTTP Headers

GET /css2?family=Roboto:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elittvplayer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 03 Oct 2023 04:06:30 GMT
date: Tue, 03 Oct 2023 04:06:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/4/4b/Cloudflare_Logo.svg

185.15.59.240

200 OK

1.1 kB

URL GET HTTP/2
upload.wikimedia.org/wikipedia/commons/4/4b/Cloudflare_Logo.svg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint91:D4:DD:DD:2F:F9:18:E0:19:07:D8:6B:C7:54:54:F1:1A:8F:2C:DC
ValidityThu, 27 Oct 2022 00:00:00 GMT - Fri, 17 Nov 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1282), with CRLF line terminators
Size
1.1 kB (1085 bytes)
Hash
96d1034eeb5030037d35cef580e500c4
fe98bd4813947f1e98e0484f13056ecb3f2234f1
c530b1a42e8e554fddfe8dd0210d6d1a53772d35a9c42be3f960c7d56edc77de

HTTP Headers

GET /wikipedia/commons/4/4b/Cloudflare_Logo.svg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elittvplayer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:30 GMT
server: ATS/9.1.4
etag: W/96d1034eeb5030037d35cef580e500c4
content-type: image/svg+xml
x-object-meta-sha1base36: tqmopw82mq0784hevwsnt11wm3vlng1
last-modified: Thu, 19 May 2022 02:20:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: cp3078 hit, cp3078 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
content-length: 1085
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
32f2305a36b37feb95f082367d6e8964
9eb1ecece89eb335dfa3be60f006503592455da5
0d68b687e8760f8f620648ce22b0f7450d09a1bf2dbb49db79b9266166e88547

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 04:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
32f2305a36b37feb95f082367d6e8964
9eb1ecece89eb335dfa3be60f006503592455da5
0d68b687e8760f8f620648ce22b0f7450d09a1bf2dbb49db79b9266166e88547

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 04:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elittvplayer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Sep 2023 15:25:53 GMT
expires: Fri, 27 Sep 2024 15:25:53 GMT
cache-control: public, max-age=31536000
age: 391237
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter

198.54.115.12

200 OK

18 kB

URL User Request GET HTTP/2
elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
IP
198.54.115.12:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectwww.elittvplayer.com
FingerprintA6:6E:DD:31:DF:3D:31:B9:D0:C1:2B:C8:E3:22:36:10:02:B2:81:E7
ValidityMon, 21 Nov 2022 00:00:00 GMT - Tue, 21 Nov 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
18 kB (17976 bytes)
Hash
68320e331da7098a13d07c78b5677705
6591b0cdb0ebec5d8f9bdb2b72c34952aabcd81d
e45550e324ec28b3424115b88db740793a97c0ca40d6bfd0c6f63d747f8e11ae

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Optus

HTTP Headers

GET /cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter HTTP/1.1
Host: elittvplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.1.33
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 03 Oct 2023 04:06:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
32f2305a36b37feb95f082367d6e8964
9eb1ecece89eb335dfa3be60f006503592455da5
0d68b687e8760f8f620648ce22b0f7450d09a1bf2dbb49db79b9266166e88547

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 04:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.22

2.1 kB

URL
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2108 bytes)
Hash
cd3f21f7ff67c55426ca965d086ff128
566960427bc4572998d829539eb48178d13a5871
98b31637ade257f3018a9f3d3078bd8e61a40fa447d50ab12a52388adc30f38b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 03 Oct 2023 04:06:30 GMT
Content-Type: application/ocsp-response
Content-Length: 2108
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 02 Oct 2023 18:45:53 GMT
Expires: Tue, 03 Oct 2023 18:45:53 GMT
ETag: "566960427bc4572998d829539eb48178d13a5871"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

api.telegram.org/bot5012014330:AAGtPyoCzaK0-lum1XbvhnOH1wUWrjF8XPc/sendMessage?chat_id=1459095103&text=%3Cb%3E%D0%91%D1%8B%D0%BB%20%D0%BF%D0%B5%D1%80%D0%B5%D1%85%D0%BE%D0%B4%3A%20%3C%2Fb%3Eelittvplayer.com&parse_mode=HTML

149.154.167.220

401 Unauthorized

58 B

URL GET HTTP/2
api.telegram.org/bot5012014330:AAGtPyoCzaK0-lum1XbvhnOH1wUWrjF8XPc/sendMessage?chat_id=1459095103&text=%3Cb%3E%D0%91%D1%8B%D0%BB%20%D0%BF%D0%B5%D1%80%D0%B5%D1%85%D0%BE%D0%B4%3A%20%3C%2Fb%3Eelittvplayer.com&parse_mode=HTML
IP
149.154.167.220:443
ASN
#62041 Telegram Messenger Inc

Requested by
https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Certificate
IssuerGoDaddy.com, Inc.
Subjectapi.telegram.org
Fingerprint8A:10:B5:B9:B1:57:AB:DA:19:74:5B:AB:62:1F:38:03:72:FE:8E:47
ValiditySun, 26 Mar 2023 07:39:18 GMT - Fri, 26 Apr 2024 07:39:18 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
6ae1b54e98226870d93f3305dbe946d4
5d4d6a7d7c61697e96f98fd8f40f3cdedfad8ace
5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948

HTTP Headers

GET /bot5012014330:AAGtPyoCzaK0-lum1XbvhnOH1wUWrjF8XPc/sendMessage?chat_id=1459095103&text=%3Cb%3E%D0%91%D1%8B%D0%BB%20%D0%BF%D0%B5%D1%80%D0%B5%D1%85%D0%BE%D0%B4%3A%20%3C%2Fb%3Eelittvplayer.com&parse_mode=HTML HTTP/1.1
Host: api.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elittvplayer.com/
Origin: https://elittvplayer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 401 Unauthorized
server: nginx/1.18.0
date: Tue, 03 Oct 2023 04:06:30 GMT
content-type: application/json
content-length: 58
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
X-Firefox-Spdy: h2

elittvplayer.com/favicon.ico

198.54.115.12

404 Not Found

2.0 kB

URL GET HTTP/2
elittvplayer.com/favicon.ico
IP
198.54.115.12:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Certificate
IssuerSectigo Limited
Subjectwww.elittvplayer.com
FingerprintA6:6E:DD:31:DF:3D:31:B9:D0:C1:2B:C8:E3:22:36:10:02:B2:81:E7
ValidityMon, 21 Nov 2022 00:00:00 GMT - Tue, 21 Nov 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2044)
Size
2.0 kB (2000 bytes)
Hash
ae93dd336dd80f9815a1c7fb7184e398
fa0ee4c6eef49c1ac973583a861108d7657b16f2
a89db72a867a76f4bd7c6b3bcdd8002fb6c785934cc3a437ae156174e0678e2d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: elittvplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
last-modified: Thu, 24 Oct 2019 18:35:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2000
date: Tue, 03 Oct 2023 04:06:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js

104.17.24.14

200 OK

147 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65470)
Size
147 kB (147285 bytes)
Hash
1932881debf364cfed402e1d0c7a54e3
e53d84ee93cb7c4eae82bdce939e80307b2cb1b1
e95c1fc6aaa308b9bbfc7ba359f34b57c65e4932440416441fe7c8864ccbdd84

HTTP Headers

GET /ajax/libs/web3/4.0.3/web3.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 147285
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ad8555-23f55"
last-modified: Tue, 11 Jul 2023 16:37:41 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6491032
expires: Sun, 22 Sep 2024 04:06:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eLdXUmcFXTfbxyaHp9ek4ny2OLA9W0WSSAxnQlxEcgCQ08Ekr35KAdLuT6n77EdewGyu8A%2B1r6qmPEl1YaBi4XDEu4gYh6zsiL7ZzQAp5aCNMmoGeWmKPipoOiFhoddc4daEElv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 810250425d6356bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css

151.101.65.229

200 OK

4.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (23850)
Size
4.6 kB (4573 bytes)
Hash
d849077e8b4cc93dd5c925165f2cded4
496b8e753292cc78d4964d94eee5c250d53ca13a
ee3512f8c59eaa415d996f68ce467b98f6a0cfe42631bb0196df90dccb04f855

HTTP Headers

GET /npm/sweetalert2@11.7.16/dist/sweetalert2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.7.16
x-jsd-version-type: version
etag: W/"5d2b-SWuOdTKSzHjUlk2U7uXCUNU8oTo"
content-encoding: br
accept-ranges: bytes
date: Tue, 03 Oct 2023 04:06:37 GMT
age: 2401612
x-served-by: cache-fra-eddf8230093-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4573
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js

104.17.24.14

200 OK

139 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
139 kB (139139 bytes)
Hash
71f8c498e792c6179d4e2840228f777a
b651545587f6257345dc3de9ddaa444b10dedf3e
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73

HTTP Headers

GET /ajax/libs/ethers/5.7.2/ethers.umd.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 139139
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "649429ee-21f83"
last-modified: Thu, 22 Jun 2023 11:01:02 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2820557
expires: Sun, 22 Sep 2024 04:06:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7x2KbT71Ufy3fDZYIUBAjx3L0VrX6c9SbftbkC2qBLEew6HjKREWeJrLsotXH3V%2FINqT0xgAJHgTGC28hJTLZjJaaV9O%2FGaBys7orPXoOg13WmikFgS%2F4sVc%2B2%2BmRwE6basOSZOy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 810250425d6a56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js

151.101.65.229

200 OK

97 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (43040)
Size
97 kB (96826 bytes)
Hash
ca1104de538caea2d54265fbe90916b4
d6c416e5d153f500f7ac66d25a2b73db45867ad4
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

HTTP Headers

GET /gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
content-encoding: br
accept-ranges: bytes
date: Tue, 03 Oct 2023 04:06:37 GMT
age: 6768
x-served-by: cache-fra-etou8220058-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 96826
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e5f6e486c8889a5acbd7d70a581183ba
d405bd576e9d403941292dd76fba7df0314cbe86
b4dfaae022a707cd4f7135ba4ff1a6627b426e49d9a636e585be06a9b7fbbef0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 03 Oct 2023 04:06:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js

151.101.65.229

200 OK

19 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (43691)
Size
19 kB (19370 bytes)
Hash
0aaaa3278d29d8b8d9b3795f60d3b836
519ef68609c1f595ee6a9cbb7660e4c8585a0d41
b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa

HTTP Headers

GET /npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.16
x-jsd-version-type: version
etag: W/"10917-UZ72hgnB9ZXuapy7dmDkyFhaDUE"
content-encoding: br
accept-ranges: bytes
date: Tue, 03 Oct 2023 04:06:37 GMT
age: 1823926
x-served-by: cache-fra-eddf8230055-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19370
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e75e8580837013915368d7cace6b9839
5782d709ce1c44f604d24bb077e855d3603907ee
aafdf86fe5deb0b3f85fe7b8eae2109cb6df6dde816a9ef4090deea41e1bcd2a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 03 Oct 2023 04:06:38 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bd8ccU1O2UfTqieRTgZyGPaF2iZR4gXCTF-lY4liO27zBLvG554gyA==

framerusercontent.com/images/fVFMFwoDyPOsicoxcavlZR5vPM.webp

143.204.55.79

200 OK

15 kB

URL GET HTTP/2
framerusercontent.com/images/fVFMFwoDyPOsicoxcavlZR5vPM.webp
IP
143.204.55.79:443
ASN
#16509 AMAZON-02

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerAmazon
Subjectframerusercontent.com
FingerprintCF:C8:99:1A:13:F2:84:B3:2A:B6:7E:80:8D:5C:8D:0A:8A:35:7D:71
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (15181 bytes)
Hash
c5fc1357bc5cc4837630c89c480d1b40
29d080b3679741f735e7dbfbeb56c125b6b19f38
9228eb1f5e7b6b656ef25af751457bfa67cf49821802704411e3c77c96bcfba0

HTTP Headers

GET /images/fVFMFwoDyPOsicoxcavlZR5vPM.webp HTTP/1.1
Host: framerusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: CloudFront
date: Thu, 28 Sep 2023 00:49:47 GMT
x-amzn-trace-id: root=1-6514cdab-37189fc36a0ec0b628386b07;sampled=1;lineage=f456f256:0
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amzn-requestid: a0287caf-0cf4-4de3-8e99-f70208e981e2
vary: Accept
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9xhBQd8VkW-86TdhJ7xLA3Z7duuG5rt5daB0fyDjFo6paWXKhBDs-Q==
age: 443810
X-Firefox-Spdy: h2

web-connectmz.cf/isfGB272qOpPewxPbbiwesDHRM.svg

172.67.195.120

200 OK

48 kB

URL GET HTTP/3
web-connectmz.cf/isfGB272qOpPewxPbbiwesDHRM.svg
IP
172.67.195.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectweb-connectmz.cf
Fingerprint77:9F:82:2D:1C:69:C5:00:CC:5D:B2:6C:32:61:D4:F3:72:E1:C2:71
ValidityThu, 24 Aug 2023 17:26:45 GMT - Wed, 22 Nov 2023 17:26:44 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3708), with no line terminators
Size
48 kB (48004 bytes)
Hash
5228ab338ba8fa631f2754883547fedb
eb17fff80feac61b78cf236428386c7680686ce6
6720d63e6fe19c2862075a49a475886d2d804548ba4d569308c1f6b03421dd61

HTTP Headers

GET /isfGB272qOpPewxPbbiwesDHRM.svg HTTP/1.1
Host: web-connectmz.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/index.php
Cookie: __ddg1_=cj2tOaAGX5iExFMtbSfl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 03 Oct 2023 04:06:38 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Aug 2023 16:14:08 GMT
etag: W/"64e781d0-e7c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBw5sCEA9Uf8dJ0LjzsiY9cz59JO9DG9%2FkPH%2BM%2B2q3qhaWvJEHaHOZIHmZM2imukLsiwfWXHMjHkZUV9GMsHNx7y7PgwS8aK9qA6JLfXJEpyrtnOUGCg3Sddxp4LrvqFnAGI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8102504a493356a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.211.3

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0\012- data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 15:50:22 GMT
expires: Wed, 25 Sep 2024 15:50:22 GMT
cache-control: public, max-age=31536000
age: 562576
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/@web3modal/html@2.6.2/dist/cdn/bundle.js

104.16.126.175

200 OK

100 B

URL GET HTTP/2
unpkg.com/@web3modal/html@2.6.2/dist/cdn/bundle.js
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
b4b5d5ff79644b3d6069471fae466654
065d913e55a0e38fd3179560d1d18feacebba4cd
bdece4e5332ed83afc43b3433269201a262a476705f600bda497ca2f1d7c705a

HTTP Headers

GET /@web3modal/html@2.6.2/dist/cdn/bundle.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
Referer: https://jscdnweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:38 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"64-zAut6XWoKlu+eBkyRGmoj7AOdHY"
via: 1.1 fly.io
fly-request-id: 01H95SKTKDX2E01SQXY119X6K9-fra
cf-cache-status: HIT
age: 2820503
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8102504d8ea3568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

framerusercontent.com/images/QT0xEkS4D8Q1KtGLHeVivMDwuw.webp

143.204.55.79

200 OK

19 kB

URL GET HTTP/2
framerusercontent.com/images/QT0xEkS4D8Q1KtGLHeVivMDwuw.webp
IP
143.204.55.79:443
ASN
#16509 AMAZON-02

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerAmazon
Subjectframerusercontent.com
FingerprintCF:C8:99:1A:13:F2:84:B3:2A:B6:7E:80:8D:5C:8D:0A:8A:35:7D:71
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
19 kB (19274 bytes)
Hash
898b56ab6a6e1d474f03cab390d8d93a
43e4f4c44912e03f10d4ab462c77958af303c2ec
38c32915fd5008a2961d3b6e3d81479611ba6ba27d8d49061e50aefedf3e6fc1

HTTP Headers

GET /images/QT0xEkS4D8Q1KtGLHeVivMDwuw.webp HTTP/1.1
Host: framerusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: CloudFront
date: Fri, 22 Sep 2023 19:21:28 GMT
x-amzn-trace-id: root=1-650de938-4f0787cb1e19014d712dc174;sampled=1;lineage=f456f256:0
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amzn-requestid: 893440f1-40f7-48b3-98ea-298c2c2b2af3
vary: Accept
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8u7xqzWu1DzfUz2XA2e3Qfm8ZrCr4LtGo8TReN67-PwhGYWvJcHXJA==
age: 895509
X-Firefox-Spdy: h2

unpkg.com/@web3modal/ethereum@2.6.2

104.16.126.175

302 Found

237 B

URL GET HTTP/2
unpkg.com/@web3modal/ethereum@2.6.2
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
237 B (237 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@web3modal/ethereum@2.6.2 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Referer: https://jscdnweb.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 03 Oct 2023 04:06:38 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /@web3modal/ethereum@2.6.2/dist/cdn/bundle.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H962YG43YJA9T9EWKBMKG0XP-fra
cf-cache-status: HIT
age: 2810718
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8102504d4e87568b-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap

142.250.74.42

200 OK

25 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text
Size
25 kB (24716 bytes)
Hash
c7aa4f10bbb047762b6f58a616400b57
ea50578965fa7174f0f9230aa02bd2f73c886f3b
dd8fa02c367beac9dd142d3c9aec67825430a6eb8d5e43a955d39bbbb04209fc

HTTP Headers

GET /css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 03 Oct 2023 04:06:37 GMT
date: Tue, 03 Oct 2023 04:06:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js

104.16.126.175

200 OK

263 kB

URL GET HTTP/2
unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (18875)
Size
263 kB (262939 bytes)
Hash
7d8348176a8bb75544030d3f2be92d49
03d81ce4b033dd99566148c33f77b56fa37e2135
89e11baee7d5cf5645ec30f3b92208f4497867d4cab79823180d9be9021b79d9

HTTP Headers

GET /@web3modal/ethereum@2.6.2/dist/cdn/bundle-fdcfd0d2.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4031b-A9gc5LAz3ZlWYUjDP3e1b6N+ITU"
via: 1.1 fly.io
fly-request-id: 01H9603FXB0TT20CD3YW7HCTEJ-fra
cf-cache-status: HIT
age: 2813700
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8102504e4ee0568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.211.3

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://elittvplayer.com/cgibin/newlevel/x1sv8q/YWJ1c2VAb3B0dXNuZXQuY29t?pid=Patch&c=MobileFooter
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elittvplayer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Sep 2023 04:50:55 GMT
expires: Fri, 27 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 429335
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jscdnweb.pages.dev/chair.js

172.66.45.14

200 OK

1.8 MB

URL GET HTTP/2
jscdnweb.pages.dev/chair.js
IP
172.66.45.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectjscdnweb.pages.dev
FingerprintCE:4E:00:50:1A:8D:8C:92:1F:40:37:61:3B:9B:90:51:E1:43:CC:93
ValidityTue, 19 Sep 2023 16:15:54 GMT - Mon, 18 Dec 2023 16:15:53 GMT

File type

Size
1.8 MB (1822177 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /chair.js HTTP/1.1
Host: jscdnweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5499b70309fd598a45bbf851f968530a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zR4s2yNR%2BWRa2rIyPCKvdvlWEfcPsMAbS9PRqGZStYOv2uhQIYJkPHzymFn5eOoTRPQLEuHwzIMvUajweYTSmkCSjJwmz71ljhXwaCSodZMvgIyoJiNrIJ4k2AjIH6OuB6wx6p8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 810250430aaeb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle.js

104.16.126.175

200 OK

237 B

URL GET HTTP/2
unpkg.com/@web3modal/ethereum@2.6.2/dist/cdn/bundle.js
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
237 B (237 bytes)
Hash
1d637044576e5dc3a29be6cdf29ee8c6
49e6e7ed7d8109177d1c3c697333e37b47c25d61
a0e7a144bc96c58bcd7286346ced0b997b3d7da2c1707e1e3ae6808181bfe544

HTTP Headers

GET /@web3modal/ethereum@2.6.2/dist/cdn/bundle.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
Referer: https://jscdnweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:38 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"ed-roMohOGYS54fwikNAqzVmlSiPV8"
via: 1.1 fly.io
fly-request-id: 01H95SKTM6XJMFJ4XA1P1EHN6T-fra
cf-cache-status: HIT
age: 2820503
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8102504d9ea5568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/@web3modal/html@2.6.2

104.16.126.175

302 Found

100 B

URL GET HTTP/2
unpkg.com/@web3modal/html@2.6.2
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
100 B (100 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@web3modal/html@2.6.2 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Referer: https://jscdnweb.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 03 Oct 2023 04:06:38 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /@web3modal/html@2.6.2/dist/cdn/bundle.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H95YK4HZD2R6496WG27VE116-fra
cf-cache-status: HIT
age: 2815284
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8102504d3e62568b-OSL
X-Firefox-Spdy: h2

framerusercontent.com/images/Mn0RHM30ABY8ppw8tBNTPuhsQ.webp

143.204.55.79

200 OK

20 kB

URL GET HTTP/2
framerusercontent.com/images/Mn0RHM30ABY8ppw8tBNTPuhsQ.webp
IP
143.204.55.79:443
ASN
#16509 AMAZON-02

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerAmazon
Subjectframerusercontent.com
FingerprintCF:C8:99:1A:13:F2:84:B3:2A:B6:7E:80:8D:5C:8D:0A:8A:35:7D:71
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
20 kB (20524 bytes)
Hash
6973ae79b054640df87c556b2a3b919d
327d111ccdf400163cfa9a70f2d04d4cfbbf86c4
93d4abc2293013ae3822e97df41b518d04d9bcb3785ed8d1248f4c659bc1c960

HTTP Headers

GET /images/Mn0RHM30ABY8ppw8tBNTPuhsQ.webp HTTP/1.1
Host: framerusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web-connectmz.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
server: CloudFront
date: Sat, 16 Sep 2023 00:39:31 GMT
x-amzn-trace-id: root=1-6504f942-0f8c71381d55aa2824ec14ff;sampled=1;lineage=f456f256:0
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amzn-requestid: 04141119-4e57-4bbf-9ca0-80eb900ffb3d
vary: Accept
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OklZpsWnucndsVvj0SA86Ze3W5tQAuWUFlhClQQ_EIfOQbNrQt2TBg==
age: 1481226
X-Firefox-Spdy: h2

web-connectmz.cf/index.php

172.67.195.120

200 OK

362 kB

URL User Request GET HTTP/2
web-connectmz.cf/index.php
IP
172.67.195.120:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectweb-connectmz.cf
Fingerprint77:9F:82:2D:1C:69:C5:00:CC:5D:B2:6C:32:61:D4:F3:72:E1:C2:71
ValidityThu, 24 Aug 2023 17:26:45 GMT - Wed, 22 Nov 2023 17:26:44 GMT

File type

Size
362 kB (361937 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.php HTTP/1.1
Host: web-connectmz.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elittvplayer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __ddg1_=cj2tOaAGX5iExFMtbSfl; Domain=.web-connectmz.cf; HttpOnly; Path=/; Expires=Wed, 02-Oct-2024 04:06:36 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4mieA9mC92aFMlea3N2%2B7VkDNQe60VcEU4yhe2SKKvzxyxKXKC7iejHC6z8p%2BO4cHt2tKi3QDMidQIVS4oKXLcWy32PUHzvXPAqBa%2BVfWob9Q4DNvzq5l19IKC4T9dmqM03"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 810250400f89b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/@web3modal/html@2.6.2/dist/cdn/bundle-b8834a0a.js

104.16.126.175

200 OK

37 kB

URL GET HTTP/2
unpkg.com/@web3modal/html@2.6.2/dist/cdn/bundle-b8834a0a.js
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://web-connectmz.cf/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30984)
Size
37 kB (36892 bytes)
Hash
f32d774c4e65c2cac328d7757c3d6593
569303988803333c963252244985d6c9a3ad8437
d34ca4f2119f427ff0b01cddb7c7f154ee76c1e019e90046d1e10fbeaa80dc5b

HTTP Headers

GET /@web3modal/html@2.6.2/dist/cdn/bundle-b8834a0a.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://web-connectmz.cf
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Oct 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"901c-VpMDmIgDMzyWMlIkSYXWyaOthDc"
via: 1.1 fly.io
fly-request-id: 01H95W6TX99364QQ5XJHXK2AGN-fra
cf-cache-status: HIT
age: 2817785
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8102504e3edf568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash