Overview

URL www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
IP 2.58.28.138
ASN Ipxo Uk Limited
Location United Kingdom
Report completed 2022-10-04 06:01:05 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-04 2 pushserve.xyz Sinkholed
2022-10-04 2 pushserve.xyz Sinkholed


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-03 09:28:50 UTC 104.18.20.226
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 02:04:45 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.115
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 54.148.242.254
mnemonic passive DNS pushworld2.xyz (1) 0 2021-11-14 12:16:25 UTC 2022-09-27 05:44:40 UTC 104.21.31.129 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS www.webgamesgroup.com (13) 0 2021-04-28 21:41:50 UTC 2022-10-03 05:58:13 UTC 2.58.28.138 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.25
mnemonic passive DNS cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2022-10-04 04:19:28 UTC 151.101.85.229
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-04 03:58:00 UTC 69.16.175.10
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS pushserve.xyz (2) 0 2022-08-01 06:48:16 UTC 2022-10-03 16:56:16 UTC 20.50.64.3 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 2.58.28.138

Date UQ / IDS / BL URL IP
2022-10-06 15:55:37 +0000 0 - 0 - 2 www.securepagenow.com/?gra=d82fd6480&transact (...) 2.58.28.138
2022-10-04 06:01:05 +0000 0 - 0 - 2 www.webgamesgroup.com/?gra=4aff53fe&transacti (...) 2.58.28.138
2022-09-18 17:59:59 +0000 0 - 0 - 2 www.securepagenow.com/?gra=e49cac4&transactio (...) 2.58.28.138
2022-09-16 14:35:59 +0000 0 - 0 - 2 www.securepagenow.com/?gra=e49cac4&transactio (...) 2.58.28.138
2022-09-08 15:28:04 +0000 0 - 0 - 2 www.securepagenow.com/?gra=108da0b3&transacti (...) 2.58.28.138

Last 5 reports on ASN: Ipxo Uk Limited

Date UQ / IDS / BL URL IP
2022-11-28 03:54:42 +0000 0 - 0 - 4 17pq.exactofferslink.com/t/9aa1b3eb815f/562d9 (...) 179.61.143.12
2022-11-27 23:24:42 +0000 0 - 0 - 4 0my.surveyrewards.fun/t/b11e64453ea7/9e44f39e (...) 179.61.143.208
2022-11-27 19:56:57 +0000 0 - 0 - 2 17pq.exactofferslink.com/o/LI8RVJ2C/63cef2a4- (...) 179.61.143.12
2022-11-27 19:15:14 +0000 0 - 0 - 4 17pq.exactofferslink.com/t/8f0d93c8664e/a75be (...) 179.61.143.12
2022-11-27 19:15:11 +0000 0 - 0 - 4 17pq.nowsubmission.com/ 179.61.143.121

Last 1 reports on domain: webgamesgroup.com

Date UQ / IDS / BL URL IP
2022-10-04 06:01:05 +0000 0 - 0 - 2 www.webgamesgroup.com/?gra=4aff53fe&transacti (...) 2.58.28.138

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-12 22:53:15 +0000 0 - 0 - 2 trk.back-trak.com/t/ODg3XzM4NDA/ 35.201.98.21


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (40)


Request Response
                                        
                                            GET /?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2= HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         2.58.28.138
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:54 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   185
Md5:    55ddfe7044cf0f3a257edb0ddeb20fb5
Sha1:   8998d4bf7cf3fcda93986d8451ac35410a840cd8
Sha256: 3e11dd6b24715dd0503dcf35302d987848f748ec38c686b8a11e575a12b6b254
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10081
Expires: Tue, 04 Oct 2022 08:48:55 GMT
Date: Tue, 04 Oct 2022 06:00:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 05:29:28 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KBZSZgx9gPPLKP0qQIHYA6lo6tt4JRqXbdcRa6Cq7bsrDMInCU8mqg==
Age: 1886


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sIDAVZHxoia-0Z_V3LjCBQitxaRGOZYTBczgFLEahH-tnwc4PyHM6A==
age: 1947
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 06:00:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2= HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1567), with CRLF, LF line terminators
Size:   4353
Md5:    3882b02dffcaed39a05e8ca7952b84c0
Sha1:   0424e5b6d338deaf22dc6185c233e349e6bcce5f
Sha256: d056dfd91b0796eb0e3f1b737ec3a59d98cac56926f3b8f46f0015b794b7ff2b
                                        
                                            GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.webgamesgroup.com
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 06:00:55 GMT
age: 16928208
x-served-by: cache-fra19178-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65326)
Size:   23906
Md5:    77348602be5574ea01c6e042f63a9b12
Sha1:   1a0d5e8fdf352f8e58351f85152be5d141547e11
Sha256: 57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
                                        
                                            GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.webgamesgroup.com
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 06:00:55 GMT
age: 14524719
x-served-by: cache-fra19179-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65299)
Size:   21785
Md5:    151629f36761d6fb6d0e0330239884a6
Sha1:   ebb9c30e5565793e2767735f0647bdf26fed4ab5
Sha256: 53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
                                        
                                            GET /jquery-3.5.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.webgamesgroup.com
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:00:55 GMT
content-encoding: gzip
content-length: 24606
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664863255.dop002.sk1.t,1664863255.cds262.sk1.hn,1664863255.cds202.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65245)
Size:   24606
Md5:    63f8c134408852106835db2f928cf0e0
Sha1:   7ca0035d2a05154f1f93e19793b2298973cc8733
Sha256: 2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:00:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3EF59A0559D0BACD687A24905F680851501F5006"
Expires: Tue, 04 Oct 2022 17:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 302
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754bb3309b83b4fa-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    c4ad7879476ace4eb0a6da3589489380
Sha1:   e2ae2fff68c07b869f08ac5599ddb8ff2a5fcb31
Sha256: 1cab44317436d2f6ed9ef0a4a6c3e01d97dd8ad27df1ed32b1815ee508ec8c9d
                                        
                                            GET /js/jquery-1.12.4.min.js HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 97163
Connection: keep-alive
Last-Modified: Thu, 19 Mar 2020 11:28:12 GMT
ETag: "5e73574c-17b8b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   97163
Md5:    4f252523d4af0b478c810c2547a63e19
Sha1:   5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
Sha256: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 05:29:33 GMT
Expires: Tue, 04 Oct 2022 06:11:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4y4_x7e4qF6te9orOlfuK_4LA4AAreQLzV5cWYxVSX9zqkMrVlBsPA==
Age: 1882


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /css/onlinewebfonts-local.css HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 918
Connection: keep-alive
Last-Modified: Wed, 06 Apr 2022 14:52:32 GMT
ETag: "624da930-396"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   918
Md5:    244fe164908b5bcad3b91f5bb6723467
Sha1:   5fb85b2065c1b63cac18132efbd2d36f9429c28e
Sha256: 0558b31ed6a71c6c04ff355090cf770f2bb5886293e911a2711e19e624aa907e
                                        
                                            GET /css/font-awesome.min.css HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 29062
Connection: keep-alive
Last-Modified: Thu, 19 Mar 2020 11:30:43 GMT
ETag: "5e7357e3-7186"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (28900)
Size:   29062
Md5:    bb53ad7bffecc0014d64553e96501dce
Sha1:   7cd5a3384333f95c3d37d9488ad82cd6c4b03761
Sha256: 7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
                                        
                                            GET /css/bootstrap-theme.min.css HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 23409
Connection: keep-alive
Last-Modified: Thu, 19 Mar 2020 11:29:58 GMT
ETag: "5e7357b6-5b71"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (23192)
Size:   23409
Md5:    46d96593303e4c8666f497bb7602c999
Sha1:   bcb96e31a2b8fed5575995fa0c58293e64972116
Sha256: a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
                                        
                                            GET /images/pricesticker_blue.png HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 10675
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 09:58:31 GMT
ETag: "6007fec7-29b3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 180 x 174, 8-bit/color RGBA, non-interlaced\012- data
Size:   10675
Md5:    e99501031116f60f2bc5e7410a393c45
Sha1:   ca23890b42f67860876b1b9a0ec5baa339e2dbbe
Sha256: 91b32e54f89d03d15b95847e0a8adafcc7d6c03365677a69dafab7e8131afce1
                                        
                                            GET /images/bg2-iphone12.png HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"607fe91c-70f"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   858
Md5:    434d46db98a339680b043aa70ed71b2c
Sha1:   eb19ded06b010b5a6130f037c434c0dd585d4550
Sha256: 48a885d5fe87d3538611ff11905a22ee5f2c78a9227239e8a7cc42de0cc1a90e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1293
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:00:55 GMT
Last-Modified: Tue, 04 Oct 2022 05:39:22 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/4b94982a9603dd89cf49dd9bcb0f0d60.woff2 HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.webgamesgroup.com/css/onlinewebfonts-local.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 25640
Connection: keep-alive
Last-Modified: Thu, 05 May 2022 10:03:42 GMT
ETag: "6273a0fe-6428"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25640, version 1.0\012- data
Size:   25640
Md5:    eb25fdd50e1e75b8fd5b45bf063046d6
Sha1:   100995e792694242324ba59c92bdf75ebc97039c
Sha256: 3124716f835ce29e95cccfaf491bfd0e53d11961497c8114c96b6c3fc55dcf36
                                        
                                            GET /images/f1right-iphone12.png HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 247187
Connection: keep-alive
Last-Modified: Fri, 15 Jan 2021 10:32:52 GMT
ETag: "60016f54-3c593"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 674 x 825, 8-bit/color RGBA, non-interlaced\012- data
Size:   247187
Md5:    60809a280779eca41a89a07e9994411c
Sha1:   e0ab8b20156b28cdcf9e73eb26368789880fc7b3
Sha256: 42040965f7b5be9cd216bcf7657c02412370a9b9a5ba581ca93a7489e1a85745
                                        
                                            GET /images/main-iphone12.png HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Content-Length: 253761
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2022 15:31:09 GMT
ETag: "62f3cf3d-3df41"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 450 x 581, 8-bit/color RGBA, non-interlaced\012- data
Size:   253761
Md5:    6a0f0c19b1894ca1b819e73a7757f865
Sha1:   0f123d6ce90b9174769d7f6780c6cc106336571c
Sha256: 8b21159a14406e3d99571132ee32a6bb674645300a86ed56dbe7aff171708f19
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d7HxrJw6RCrYQjRNBjgQPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.242.254
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 80G8JMyURBPHTyufd/i7OEYvABQ=

                                        
                                            GET /images/ HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/?gra=4aff53fe&transaction_id=633bcbfe76176c034807c282&info1=628e2a0db4dcd908805a29af_&info2=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         2.58.28.138
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:00:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"607fe91c-70f"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   858
Md5:    434d46db98a339680b043aa70ed71b2c
Sha1:   eb19ded06b010b5a6130f037c434c0dd585d4550
Sha256: 48a885d5fe87d3538611ff11905a22ee5f2c78a9227239e8a7cc42de0cc1a90e
                                        
                                            OPTIONS /api/v1/visit HTTP/1.1 
Host: pushserve.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.webgamesgroup.com/
Origin: https://www.webgamesgroup.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.50.64.3
HTTP/2 204 No Content
                                        
date: Tue, 04 Oct 2022 06:00:55 GMT
server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
set-cookie: TiPMix=49.890968060645335; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9236
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 06:00:57 GMT
Connection: keep-alive

                                        
                                            GET /ace-push.js HTTP/1.1 
Host: pushworld2.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.31.129
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:00:55 GMT
etag: W/"1d8a66307301f52"
last-modified: Tue, 02 Aug 2022 11:28:46 GMT
cf-cache-status: BYPASS
set-cookie: TiPMix=50.25253924685734; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushworld2.xyz; Max-Age=3600; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuCIQfO%2BfX6gS%2FI%2F3FzUoG%2FcVA%2Fs6XzEy1Ny7WroYXpyuDld%2FTvVLShTq43LwmewKttNSfzNXaFAx5Cbi%2BByhDtfnqgYo%2BgPM9ns%2BkMI6f6Nf2X1w89Zx5l4f4w1qB9YSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754bb3307e66b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2056), with CRLF line terminators
Size:   16493
Md5:    cbba2718cb16639150c87efda4600355
Sha1:   eef577a55af67236084afd0bf0b5e3610bad83ca
Sha256: 43bea5044b72d4c94fd877a8812cffdb48327a472389fe68a1e21a93237bed54
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3966c4-a932-4eb5-a3bf-ca25cde92ccb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5317
x-amzn-requestid: 84ffe752-ae82-4fb6-9b29-9b69a3a3dcdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGEjIAMF8Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-3717ba3f22da06bc791b20b6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RPvILihWx8WSUuIbF2SJ7LFFvmFTqz4jZmMGGhWRbLBosa1mp0o0vg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:54:57 GMT
age: 29160
etag: "4d208807e10e73309811101ef2d26ff33b642585"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5317
Md5:    a0927f94dd9e0cc7272f77972048658c
Sha1:   4d208807e10e73309811101ef2d26ff33b642585
Sha256: 3f184d9ba1588d451dfe5e4dfd84456ce533cbccaf1390ad423e1c6d38c8a35b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 4684
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0001afba-471a-49f7-bb38-3d4741a9581b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9708
x-amzn-requestid: 7cfcaf0d-1663-47d7-b08e-be3d0c39e035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFjHB5IAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-04c5da1940a620507649b822;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5EjIZq5-ifuD25S3kj8Bl3SbZH10tm6DII-oRZVci4ic7Za7btGFw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:45:44 GMT
age: 26113
etag: "dc7bc4a378c0ddcd81e51046d21ed02b8be11a92"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9708
Md5:    90fead0b9104991552ce689230661d48
Sha1:   dc7bc4a378c0ddcd81e51046d21ed02b8be11a92
Sha256: 94a1a4199f7cb7bc0b48b00aec745e89f2c65dadd905b27879d39347deb44496
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9455
x-amzn-requestid: c7e1aa21-0afd-4329-a886-ca52e1a30c7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqJXHLUIAMFU1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5708-1905710834041431314b11be;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D-2NszpZ31D2YAbZRcPdqN3zZ2ScANt6bokfSbANgnsXBoTF2d__AQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:08:09 GMT
age: 28368
etag: "cf021352d993967e78552b275424ff139e4ef66c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9455
Md5:    50556325e5a38a5dd7802b1391815bcb
Sha1:   cf021352d993967e78552b275424ff139e4ef66c
Sha256: 96fd2e848a45d071e334a8d08c8b89215f80f01f947af6da2efaee72dd16914c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e2742a-a49a-4d87-a767-7dbb56cff473.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6107
x-amzn-requestid: 6516bfcd-d6a5-4f46-81fa-ef6033e21aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqO7GXOoAMF8hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b572c-27fb158e152659380e27c292;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:42:04 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9kLVyQMWmdeqQA58wyOQKBE9yEUxl5DxnG7J8Ozm-xuHD0PW_8SR2g==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:54:16 GMT
age: 29201
etag: "291232594a2f3170afed3b4814e3a11233d0f05e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6107
Md5:    1f0977129995c466e4710e0ae4304d3e
Sha1:   291232594a2f3170afed3b4814e3a11233d0f05e
Sha256: 80927a148dff4908b799b9f6d167769e68346491092520f5e3638b0f8b5d55a3
                                        
                                            POST /api/v1/visit HTTP/1.1 
Host: pushserve.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.webgamesgroup.com/
Content-type: application/json
Origin: https://www.webgamesgroup.com
Content-Length: 409
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.50.64.3
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:01:01 GMT
server: Kestrel
access-control-allow-origin: *
set-cookie: TiPMix=22.31715032380135; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 1307
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1307), with no line terminators
Size:   1307
Md5:    d54a7dde6799391069538e48b9dbecfb
Sha1:   84b78dbd3a16d97a5bdd5ce16eac729fd629c34f
Sha256: 0869b017f908d22c44346656ea119d386232d93280c2af22f03ff7ea50f5a067

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /md-service-worker.js HTTP/1.1 
Host: www.webgamesgroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         2.58.28.138
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 04 Oct 2022 06:01:01 GMT
Content-Length: 130
Connection: keep-alive
Last-Modified: Wed, 11 May 2022 09:08:51 GMT
ETag: "627b7d23-82"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Java source, ASCII text
Size:   130
Md5:    0c240e30215718c100547f25d0704fe8
Sha1:   2a198bb266a112e60c680daaffe20b5540a5e1a8
Sha256: 0679ce54472d3e6155664533b9ffc9f1c69f8cf45ab5360e32eb53d9f6c26c0c
                                        
                                            GET /css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.webgamesgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:00:55 GMT
date: Tue, 04 Oct 2022 06:00:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---