r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3772
Expires: Thu, 26 Jan 2023 18:16:00 GMT
Date: Thu, 26 Jan 2023 17:13:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10813
Expires: Thu, 26 Jan 2023 20:13:21 GMT
Date: Thu, 26 Jan 2023 17:13:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 16:35:16 GMT
content-type: application/json
age: 2272
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13934
Expires: Thu, 26 Jan 2023 21:05:22 GMT
Date: Thu, 26 Jan 2023 17:13:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7owTNAPLJXVV6EmGunWVhDaox4bgXN0jmzxTNEDMkLkVuWcNlEjJrG9uv3bGvKsrRvQfYQC7QVc=
x-amz-request-id: 16F8AGQMVD6K7ZHD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 16:20:11 GMT
age: 3177
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 17:13:08 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nfticket.pe/
66.7.220.3 301 Moved Permanently 228 B IP 66.7.220.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b703a28bbdbe02ca3c6fa9c8813b6528
6d1eb7d5e3848ebdf93c9b5b34ba425328c3b94a
0bd7896d0b11343db9e63dd698cda5d83c34703e9cedf76dc1643beb57db7e9d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 17:13:08 GMT
Server: Apache
Location: https://nfticket.pe/
Content-Length: 228
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 16:49:01 GMT
age: 1447
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16857
Expires: Thu, 26 Jan 2023 21:54:06 GMT
Date: Thu, 26 Jan 2023 17:13:09 GMT
Connection: keep-alive
nfticket.pe/
66.7.220.3 200 OK 13 kB IP 66.7.220.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (934), with CRLF line terminators
Hash 25afe1dbac41ec2dd25d213a9aefe5b5
a952e9fda1f9b10baa14835837415700a29b7b93
7ecf8c3c701dafdece21484c1b62f5acad4974967aac28cdbca18dd5bd38fbaf
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394; path=/
content-length: 13279
content-type: text/html; charset=utf-8
date: Thu, 26 Jan 2023 17:13:08 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.45.85 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.45.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pBhkGW/Zo7BAFTVR+2aqkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2OIBdQVPzTGLa3NKiOxG5oV+bKo=
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
104.17.25.14 200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (48316), with no line terminators
Hash 2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6133551
expires: Tue, 16 Jan 2024 17:13:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91F5s4bN%2BFjdB0%2B9XyUY71Cyp%2FAo%2FgEeGR26ANMrEKhHtYEXiQeGGTUD%2F0Vt9mF9%2BXNowxHwr2XZx2FBrI6aJKbPu%2B1BhCdQF1qJtri30uNxpTywi8RZhBEKc131%2F%2FKFMr%2BNVa2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78fae0aaeaebfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/aes.min.js
104.17.25.14 200 OK 953 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/aes.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (2389), with no line terminators
Hash 38fab66932489862d13c6a9f38e1ed23
bee3837e71e708096c19ce72403f8314f8c762f7
66869698c61bca0e67f09f8fc21664a1c56df149df28b6989e9e7793b03dec0d
GET /ajax/libs/crypto-js/4.1.1/aes.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3b9"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12599678
expires: Tue, 16 Jan 2024 17:13:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wbx6EPHFZkLxs6wuX8fCDt8yXlCjWn05mYOMP7bWwq61%2B2DlbqT0BiJOZViNq8ukRZs9%2F5aaeefhdtyUb9ZIyd0oxxziKrXSCWUVCN65pvCMJi0nqzDGtNDkanXC4nkgDUxSxwxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78fae0aaeaedfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4c9854fc7cc9b8a6a328e861e05ed2dc
4b523ca1ad51b2aa39636bb3796d512ccdc982dd
935594deea39d7b3a070ddc9536cbb38b3a84d625c29aee4eb2fa66c3d1c07b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "935594DEEA39D7B3A070DDC9536CBB38B3A84D625C29AEE4EB2FA66C3D1C07B7"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14677
Expires: Thu, 26 Jan 2023 21:17:46 GMT
Date: Thu, 26 Jan 2023 17:13:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4c9854fc7cc9b8a6a328e861e05ed2dc
4b523ca1ad51b2aa39636bb3796d512ccdc982dd
935594deea39d7b3a070ddc9536cbb38b3a84d625c29aee4eb2fa66c3d1c07b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "935594DEEA39D7B3A070DDC9536CBB38B3A84D625C29AEE4EB2FA66C3D1C07B7"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14677
Expires: Thu, 26 Jan 2023 21:17:46 GMT
Date: Thu, 26 Jan 2023 17:13:09 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i
142.250.74.106 200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i
IP 142.250.74.106:0
Hash a96851d0feaf6e7711de1e37f4bbe71a
2d3e39ea012cd2803ac005b66eb33b91f2e85ecf
aac18e6da121417f5db5db1698acf4785ce7c05ecc7aff5ffb3875b9b1144164
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 17:13:09 GMT
date: Thu, 26 Jan 2023 17:13:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4c9854fc7cc9b8a6a328e861e05ed2dc
4b523ca1ad51b2aa39636bb3796d512ccdc982dd
935594deea39d7b3a070ddc9536cbb38b3a84d625c29aee4eb2fa66c3d1c07b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "935594DEEA39D7B3A070DDC9536CBB38B3A84D625C29AEE4EB2FA66C3D1C07B7"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14677
Expires: Thu, 26 Jan 2023 21:17:46 GMT
Date: Thu, 26 Jan 2023 17:13:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4c9854fc7cc9b8a6a328e861e05ed2dc
4b523ca1ad51b2aa39636bb3796d512ccdc982dd
935594deea39d7b3a070ddc9536cbb38b3a84d625c29aee4eb2fa66c3d1c07b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "935594DEEA39D7B3A070DDC9536CBB38B3A84D625C29AEE4EB2FA66C3D1C07B7"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14677
Expires: Thu, 26 Jan 2023 21:17:46 GMT
Date: Thu, 26 Jan 2023 17:13:09 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.193.229 200 OK 18 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.193.229:0
File type ASCII text, with very long lines (43315)
Hash 34245e47533a6bbe4e69f65aa0297dcf
6649da8177cd2018da3bdcef74aac77931fb470c
9db43754d594eb4c0d021c4b62b3b4a0e13b455d8130f33e845523e9f0c43f7e
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.1
x-jsd-version-type: version
etag: W/"fb5c-w+GyqThvnHQcfkFno5FntMBy22I"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 17:13:09 GMT
age: 37311
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18041
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/ethereum/web3.js/dist/web3.min.js
151.101.193.229 200 OK 372 kB URL HTTP/2 cdn.jsdelivr.net/gh/ethereum/web3.js/dist/web3.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (64135)
Size 372 kB (372383 bytes)
Hash e52ec98736587eb17261fd20d02006ff
4ff6bb11e3944a495c162e3b685b6481c1ace575
ab9e2794a763856e4a7d3c4ecb4d30d2bc80af19babe08df1a8f21dc9b3f6494
GET /gh/ethereum/web3.js/dist/web3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.0.0
x-jsd-version-type: version
etag: W/"13b809-XwSuevaXcvR48RWY2ysOS+KLNSc"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 17:13:09 GMT
age: 42720
x-served-by: cache-fra-eddf8230061-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 372383
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 24742a3c4cebc479dd9641df11eb968f
86a8a9a9d32fa0ab40cbdebb9edf5111acd67575
8804bef501b725f2a061fd7c903763199aa36000132587262c4ed720beaa7a7e
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 17:13:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FDD24285AE50C73C2E326520BB803418339DA88F"
Expires: Fri, 27 Jan 2023 04:00:00 GMT
Last-Modified: Thu, 26 Jan 2023 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1960
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fae0abc92bb500-OSL
nfticket.pe/assets/vendor/boxicons/css/boxicons.min.css
66.7.220.3 200 OK 64 kB URL HTTP/2 nfticket.pe/assets/vendor/boxicons/css/boxicons.min.css
IP 66.7.220.3:0
File type ASCII text, with very long lines (63781), with no line terminators
Hash 6b330ff5f89229cb7ae9264347bacbab
05ea963ae15e620a051aec3f8dde4b6f85499c96
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
GET /assets/vendor/boxicons/css/boxicons.min.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 63781
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/bootstrap-icons/bootstrap-icons.css
66.7.220.3 200 OK 73 kB URL HTTP/2 nfticket.pe/assets/vendor/bootstrap-icons/bootstrap-icons.css
IP 66.7.220.3:0
Hash de9221202e39363c79c1901789048f96
d81bb37df954613ac65c6246f96d1e5c0b3914c2
be31fb55d198f0a2bc969e70857e7ab9388e6dce6f26c2bea85a6cd827eae666
GET /assets/vendor/bootstrap-icons/bootstrap-icons.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 73271
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/glightbox/css/glightbox.min.css
66.7.220.3 200 OK 14 kB URL HTTP/2 nfticket.pe/assets/vendor/glightbox/css/glightbox.min.css
IP 66.7.220.3:0
File type ASCII text, with very long lines (13785), with no line terminators
Hash d5e0b3e55dd94af81580abcfb4585fb1
5db50f4b0a19a304d4f58e39cbbb22e7df17e25d
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
GET /assets/vendor/glightbox/css/glightbox.min.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 13785
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/swiper/swiper-bundle.min.css
66.7.220.3 200 OK 16 kB URL HTTP/2 nfticket.pe/assets/vendor/swiper/swiper-bundle.min.css
IP 66.7.220.3:0
File type ASCII text, with very long lines (15306)
Hash b56d7f26577507e9719d15072d0dbe78
6db837e695d4cb51173a95c7c65c0e8a9d0cf9c1
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
GET /assets/vendor/swiper/swiper-bundle.min.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 15563
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/bootstrap/css/bootstrap.min.css
66.7.220.3 200 OK 164 kB URL HTTP/2 nfticket.pe/assets/vendor/bootstrap/css/bootstrap.min.css
IP 66.7.220.3:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Size 164 kB (163873 bytes)
Hash 94994c66fec8c3468b269dc0cc242151
ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
GET /assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 163873
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/aos/aos.js
66.7.220.3 200 OK 15 kB URL HTTP/2 nfticket.pe/assets/vendor/aos/aos.js
IP 66.7.220.3:0
File type ASCII text, with very long lines (14690), with no line terminators
Hash d3718e34eeb0355be8e3179a2e2bccb7
850ee2e5c9fba610840137c6c4e92b5abbc428fe
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/aos/aos.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 14690
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/logom.png?v=1
66.7.220.3 200 OK 4.5 kB URL HTTP/2 nfticket.pe/img/logom.png?v=1
IP 66.7.220.3:0
File type PNG image data, 319 x 112, 8-bit colormap, non-interlaced\012- data
Hash d6a6da27616c526f7219ed7896a286d0
dffe39a763c0e52f98eb313072e946a302baeb10
2efb7603ba9e55994ffb0d92f69c2286f469148a9e379b52a338f4fe938d34fd
Analyzer Verdict Alert fortinet Phishing
GET /img/logom.png?v=1 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Dec 2022 05:52:36 GMT
accept-ranges: bytes
content-length: 4456
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/css/person.css?v=2
66.7.220.3 200 OK 2.7 kB URL HTTP/2 nfticket.pe/assets/css/person.css?v=2
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash b84422bb0c4d35bd89467a66b45ef0f3
c99b19ba1d66367e578d2be94e44863bcb003c63
21ce791a2338397d09bac2cd1a8aa05b2e8ecd09795a7fb593e1dcc0cab36b74
Analyzer Verdict Alert fortinet Phishing
GET /assets/css/person.css?v=2 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 21:23:48 GMT
accept-ranges: bytes
content-length: 2749
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/css/project.css
66.7.220.3 200 OK 3.2 kB URL HTTP/2 nfticket.pe/assets/css/project.css
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash f092d05b30305ac2e2639ec726e24376
d8d1161050fed270a972a2fa8ab70b80b377e705
fc05571a23ff2fb249095b941130b4180d3b0c3ea2b21670c5d439d67184247f
GET /assets/css/project.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 00:04:36 GMT
accept-ranges: bytes
content-length: 3198
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/css/style.css?v=30
66.7.220.3 200 OK 28 kB URL HTTP/2 nfticket.pe/assets/css/style.css?v=30
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash e92fe12de788cab6c1ede2e344f7610a
8bc964ef9af266820919a35e49d1c27acfbc0510
35e0e1006c1130605637d4e25540f22dfeb00a82c48e0d668b03e4d9c5a951fb
GET /assets/css/style.css?v=30 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Dec 2022 03:28:34 GMT
accept-ranges: bytes
content-length: 27911
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/contract.js?v=500011
66.7.220.3 200 OK 1.5 kB URL HTTP/2 nfticket.pe/assets/js/contract.js?v=500011
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash bbdc0e89812bddc83a46cffb3127b81d
8c683e097df5c382598a85b627a1822ed67ca6f1
ef99c77311cfb5fc84d41382d24b4a076ba159f0b87447cb9c75d6efa92536e8
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/contract.js?v=500011 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 04 Jan 2023 04:57:05 GMT
accept-ranges: bytes
content-length: 1517
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/main.js?v=5000011
66.7.220.3 200 OK 5.7 kB URL HTTP/2 nfticket.pe/assets/js/main.js?v=5000011
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash 979e80ed7557644b8208efc412231acc
93f3338ceda12c209b1035a9ef3e250b2fb944bb
6ca55929ebdccb88ea8ddd744142d5dde98013d7ca8b422233150df25fbfe638
GET /assets/js/main.js?v=5000011 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Sep 2022 03:05:32 GMT
accept-ranges: bytes
content-length: 5656
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/event.js?v=501267
66.7.220.3 200 OK 13 kB URL HTTP/2 nfticket.pe/assets/js/event.js?v=501267
IP 66.7.220.3:0
File type HTML document, ASCII text, with very long lines (877), with CRLF line terminators
Hash 529e767e3ae6240701f555419429a00a
e140be131cfcab1cf579a587387a457694b8f19e
dee2cfc666894026d1e817f15c7fb36edac0f73c57d97e13e7049b78f5e83a59
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/event.js?v=501267 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Dec 2022 02:19:20 GMT
accept-ranges: bytes
content-length: 12655
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/js/abi.js?v=3
66.7.220.3 200 OK 24 kB URL HTTP/2 nfticket.pe/js/abi.js?v=3
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash db3c4d50de58c951752be1e83b3dc305
539e5628878718f0b0bd1b03c170d9455bfdddd5
d34595ac7d0d0e1ec92aca95c4b709f0be4badec7096d516ddd0da908f5b8c27
Analyzer Verdict Alert fortinet Phishing
GET /js/abi.js?v=3 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 05:48:07 GMT
accept-ranges: bytes
content-length: 23452
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/css/editor.css?v=31
66.7.220.3 200 OK 25 kB URL HTTP/2 nfticket.pe/assets/css/editor.css?v=31
IP 66.7.220.3:0
Hash 33947df7d512100377d26c6be95e432c
df60d62fb5e040343a7c8b2dd84750477cd741bd
10293d9d72403c784d3cbe188b28dd36cd19810e9e83b94f0b6ff8497f2763f7
Analyzer Verdict Alert fortinet Phishing
GET /assets/css/editor.css?v=31 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Dec 2022 16:56:20 GMT
accept-ranges: bytes
content-length: 24812
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/util.js?v=1011
66.7.220.3 200 OK 4.8 kB URL HTTP/2 nfticket.pe/assets/js/util.js?v=1011
IP 66.7.220.3:0
File type ASCII text, with very long lines (361), with CRLF line terminators
Hash 6247babc7b20b42e1b6af144ad3c4830
07e035bf5366aced93dd180865b1ec9ea923c145
c56a9f626d5bd0044678817f147e56c50658e2108f8ae26001973da8559d27d6
GET /assets/js/util.js?v=1011 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Dec 2022 03:59:15 GMT
accept-ranges: bytes
content-length: 4776
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/pnglib.js
66.7.220.3 200 OK 6.7 kB URL HTTP/2 nfticket.pe/assets/js/pnglib.js
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash 5327779824b8e09cbc533847dbcd2f6f
20606f6bf8b2007bfc37aab2c047f9259041bd7d
636d21a250dd128344df05fc9627d58475d61bb811abe6f499b304581ceb6ea2
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/pnglib.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 06:06:42 GMT
accept-ranges: bytes
content-length: 6709
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/identi.js
66.7.220.3 200 OK 7.5 kB URL HTTP/2 nfticket.pe/assets/js/identi.js
IP 66.7.220.3:0
File type ASCII text, with CRLF line terminators
Hash 37cd5672b95530276070bae7a427e165
c1d4a201b8eb85b6815ddb2fc0dd36ac52542bec
d8e81ec807b7c8c7ad191ab5b61115d1bde1f41b2df696797a3c8ee9db2a8368
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/identi.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Sep 2022 06:05:06 GMT
accept-ranges: bytes
content-length: 7502
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/js/file.js?v=500311
66.7.220.3 200 OK 18 kB URL HTTP/2 nfticket.pe/assets/js/file.js?v=500311
IP 66.7.220.3:0
File type Unicode text, UTF-8 text, with very long lines (408)
Hash 21c53e03c3301c9bfc26771eed46f5d0
9c5dff3b65cec30d214eb3f4bf0c34f5d5201ed3
97f034cbc0caee5a5db2a7de896bee88ffbbe25279452129731b07178cf8a010
GET /assets/js/file.js?v=500311 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Dec 2022 16:58:40 GMT
accept-ranges: bytes
content-length: 17923
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/glightbox/js/glightbox.min.js
66.7.220.3 200 OK 56 kB URL HTTP/2 nfticket.pe/assets/vendor/glightbox/js/glightbox.min.js
IP 66.7.220.3:0
File type ASCII text, with very long lines (56222), with no line terminators
Hash 2c8b54832f234f81bb1ecd75549fd014
58238d71cb1f3b00e872803d7965024188b8736e
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/glightbox/js/glightbox.min.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 56222
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
66.7.220.3 200 OK 78 kB URL HTTP/2 nfticket.pe/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
IP 66.7.220.3:0
File type ASCII text, with very long lines (65299)
Hash 7ccd9d390d31af98110f74f842ea9b32
a85e681624c91a106a514c31eacf80de817b2cc3
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 78129
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
stamping.io/js/qrcode2.js?v=1.0.1
138.128.168.10 200 OK 38 kB URL HTTP/2 stamping.io/js/qrcode2.js?v=1.0.1
IP 138.128.168.10:0
Hash b889c68308473bc3e17fa59c2d04b814
9e13fcffed22040c0e7feb5866ee202e1bf34373
b8ae0c9e346eb2cc84ea01ff8bbb2abb220133819c89231d5690a29a8778bbdc
GET /js/qrcode2.js?v=1.0.1 HTTP/1.1
Host: stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 05 Apr 2021 01:27:44 GMT
accept-ranges: bytes
content-length: 38513
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
stamping.io/js/qrcode.js
138.128.168.10 200 OK 38 kB IP 138.128.168.10:0
Hash 14a2fc9a497aa09463ac0913261a9275
635f41bd23c80e31a7ed5f4ae372501ee9bb8bdc
f27461f316b5518342ccfd66b17831201289614dbb6899cfdca2f9cf99a6a65c
GET /js/qrcode.js HTTP/1.1
Host: stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Jul 2021 06:06:39 GMT
accept-ranges: bytes
content-length: 38243
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:10 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/swiper/swiper-bundle.min.js
66.7.220.3 200 OK 136 kB URL HTTP/2 nfticket.pe/assets/vendor/swiper/swiper-bundle.min.js
IP 66.7.220.3:0
File type ASCII text, with very long lines (65279)
Size 136 kB (135617 bytes)
Hash 0e2ac19d6072261e7ef6b9d808e17ec5
af10043888f40ed2f58a28520e9b2bb82157487b
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/swiper/swiper-bundle.min.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 135617
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/NFTS1.png
66.7.220.3 200 OK 55 kB URL HTTP/2 nfticket.pe/img/NFTS1.png
IP 66.7.220.3:0
File type PNG image data, 304 x 304, 8-bit/color RGBA, non-interlaced\012- data
Hash d92ad34acbd1326dc8b930a9e67c5f19
08f0b70a0dc20110ec10079dc3362b6d1b7f40d0
03b6409c9273d7ad7b429183bf82d82f363331a99974c6caf1d93d7aa40c0c70
GET /img/NFTS1.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 01:07:14 GMT
accept-ranges: bytes
content-length: 54584
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/QmeUrNtjsSmqaqLqB9prqn7e3jFXZgN7wQL6LBwVJkVrmG.png
66.7.220.3 200 OK 140 kB URL HTTP/2 nfticket.pe/img/QmeUrNtjsSmqaqLqB9prqn7e3jFXZgN7wQL6LBwVJkVrmG.png
IP 66.7.220.3:0
File type PNG image data, 557 x 557, 8-bit/color RGBA, non-interlaced\012- data
Size 140 kB (139693 bytes)
Hash d0378f433aa1c03fc44694ff7be71703
57cf699d1e5a021d7083fa734be3ffe30d32062e
ad2217452b501f8f3f22796fb4b57a84f8845733baea79a0db4d547ca87cf267
GET /img/QmeUrNtjsSmqaqLqB9prqn7e3jFXZgN7wQL6LBwVJkVrmG.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 15 Jan 2023 16:04:19 GMT
accept-ranges: bytes
content-length: 139693
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/Qmb7efHjcC39X7MtVZKKFnX9UjqLms6b7qBAkZvCUNXoAp
66.7.220.3 200 OK 178 kB URL HTTP/2 nfticket.pe/api/event/image/nft/Qmb7efHjcC39X7MtVZKKFnX9UjqLms6b7qBAkZvCUNXoAp
IP 66.7.220.3:0
File type PNG image data, 557 x 557, 8-bit/color RGBA, non-interlaced\012- data
Size 178 kB (177848 bytes)
Hash 064e38a344196666bcd9d498cb439519
6c8938c57364f8a99d01f9f2a2999e6a62d15b61
dc2ac578c6c81cd00cb011ebc9d8de8249f68273c0c661a1039c1ccac4f4b618
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/Qmb7efHjcC39X7MtVZKKFnX9UjqLms6b7qBAkZvCUNXoAp HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 03:16:35 GMT
accept-ranges: bytes
content-length: 177848
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8893
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 17:13:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8893
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 17:13:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8893
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 17:13:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8893
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 17:13:10 GMT
Connection: keep-alive
nfticket.pe/assets/js/wallet.js?v=5031327
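66.7.220.3 200 OK 503 B URL HTTP/2 nfticket.pe/assets/js/wallet.js?v=5031327
IP 66.7.220.3:0
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
[Note: the 503 B size and these three hashes are identical to those listed for the r3.o.lencr.org OCSP responses earlier in this capture, while the response headers for this request report content-length 130146. The values appear to be mis-attributed by the capture and should not be used as indicators for wallet.js.]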
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/wallet.js?v=5031327 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 Jan 2023 06:59:16 GMT
accept-ranges: bytes
content-length: 130146
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/evento19enero.png
66.7.220.3 200 OK 250 kB URL HTTP/2 nfticket.pe/img/evento19enero.png
IP 66.7.220.3:0
File type PNG image data, 535 x 535, 8-bit/color RGBA, non-interlaced\012- data
Size 250 kB (250132 bytes)
Hash 387c1d7f2beb748feb1750f155005f79
2f931d3799e46d91b96d530225a549f87d632061
de0fe02d7922106dd057884c4fcd9d840248b6ddb7aa17d66ff5add104081d55
GET /img/evento19enero.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Dec 2022 16:29:54 GMT
accept-ranges: bytes
content-length: 250132
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/web3queesc.png
66.7.220.3 200 OK 273 kB URL HTTP/2 nfticket.pe/img/web3queesc.png
IP 66.7.220.3:0
File type PNG image data, 533 x 533, 8-bit/color RGB, non-interlaced\012- data
Size 273 kB (272691 bytes)
Hash 482f08ef7a5080b36a7cad5285ee94f7
6c1a3ac56438e9bd8aaac0b9d23d73a870f9b032
99ff06d19b08aa66aea11a5e97b5b8161e2ef5fd4fa93e47e3213d24ada87079
GET /img/web3queesc.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 14 Jan 2023 17:58:08 GMT
accept-ranges: bytes
content-length: 272691
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/evento.png
66.7.220.3 200 OK 335 kB URL HTTP/2 nfticket.pe/img/evento.png
IP 66.7.220.3:0
File type PNG image data, 1366 x 768, 8-bit/color RGBA, non-interlaced\012- data
Size 335 kB (335332 bytes)
Hash 548e8ca22c54412d59ea5d290f339e5c
922bfbf12c7be011593e9892048a117f66b1051a
f30f74b3044c8bfb720cb0b46e718b545ef2264b2834ef151272ba4b0c3e3e7c
GET /img/evento.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 16:05:35 GMT
accept-ranges: bytes
content-length: 335332
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:14:39 GMT
age: 43111
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 69642
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:40 GMT
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
age: 69810
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41fd0074a6ce752b1271302feade4cee
6311d1365504f06cb7516606c56c502d553c9d16
544c508899fe8855b0975a87cb0bf35663ab4ad0ec8fd057b3962d50cc001b8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7365
x-amzn-requestid: c2a8ae3d-47f8-415f-bf08-78dd12ede3d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwEUbIAMFnag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-38f72fec78120cf113c7a4f7;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rtbXkTvnYy-L9ludMO-LXo0lFghKSZeQ8UIGoaBHYlMIFGf0RR-zWA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:02 GMT
age: 69848
etag: "6311d1365504f06cb7516606c56c502d553c9d16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: 2f52d4d7-4158-485e-bbae-1f906c40d1f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYg5HvwoAMFxjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d46b-73d5d7862497852334d9cde2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:04:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4szanZUhJULoG1K5oNXzvcaoImIduF8NnkTrwCPSpOFpJMaw7rQqEg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:22:01 GMT
age: 35469
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nfticket.pe/img/Proyectoweb34.png
66.7.220.3 200 OK 495 kB URL HTTP/2 nfticket.pe/img/Proyectoweb34.png
IP 66.7.220.3:0
File type PNG image data, 908 x 908, 8-bit/color RGB, non-interlaced\012- data
Size 495 kB (495364 bytes)
Hash 90ff1bff77aa52469e462780493180cd
9009a8492cc2404387f96c963469f59105288978
6fdbadf8c598befa3632e90902a5b52fe2e16367f1e091d90f53a97802f5e6f6
GET /img/Proyectoweb34.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 14 Jan 2023 19:26:19 GMT
accept-ranges: bytes
content-length: 495364
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/firmas.png
66.7.220.3 200 OK 515 kB IP 66.7.220.3:0
File type PNG image data, 968 x 968, 8-bit/color RGB, non-interlaced\012- data
Size 515 kB (515008 bytes)
Hash 502bec2d83cc77a83691e1f7d9f981ce
efc5752a27653829432c8f7f136656b5d0f502cf
ec64f2b4770c1d277dac21522b9abdd2c6edc465b4328c3dcd7a262e36cd0e3f
GET /firmas.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 00:55:26 GMT
accept-ranges: bytes
content-length: 515008
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/debate.png
66.7.220.3 200 OK 536 kB URL HTTP/2 nfticket.pe/img/debate.png
IP 66.7.220.3:0
File type PNG image data, 400 x 533, 8-bit/color RGBA, non-interlaced\012- data
Size 536 kB (535562 bytes)
Hash 54a859138b96002c8392f64a9a24d3f3
187f37a4d772c18ad96566dc45de2bc90283a1a6
5e327c0daca3e92bc24634a245e07da4536b5f369b62cfd35879b5194e7aef6a
GET /img/debate.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Jan 2023 05:39:49 GMT
accept-ranges: bytes
content-length: 535562
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/certificadodig.png
66.7.220.3 200 OK 696 kB URL HTTP/2 nfticket.pe/img/certificadodig.png
IP 66.7.220.3:0
File type PNG image data, 756 x 756, 8-bit/color RGB, non-interlaced\012- data
Size 696 kB (695569 bytes)
Hash 6f347f999f1b809c3d44f36368f6c5ad
0b30128ae087c0d0cb558e05a5eaa875af1c45e4
75d3674e8576f59ce7b2d908eccb2c4c6b4e73df310fc9b0c7abb657b56e7153
GET /img/certificadodig.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Jan 2023 05:11:48 GMT
accept-ranges: bytes
content-length: 695569
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d529039ef00a71c8df50e6ef1b70f008
aa122f67f3926a2a850bf38b4deacde7e90a0c7e
81140a714e53a0ca2b11888a160f2b3d39b01e9f8598e5bfcaf513f64d83baec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81140A714E53A0CA2B11888A160F2B3D39B01E9F8598E5BFCAF513F64D83BAEC"
Last-Modified: Thu, 26 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Thu, 26 Jan 2023 23:12:50 GMT
Date: Thu, 26 Jan 2023 17:13:11 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:13:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:13:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 253230
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:19 GMT
expires: Wed, 24 Jan 2024 09:41:19 GMT
cache-control: public, max-age=31536000
age: 199912
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345
66.7.220.3 200 OK 92 kB URL HTTP/2 nfticket.pe/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345
IP 66.7.220.3:0
File type Web Open Font Format (Version 2), TrueType, length 92004, version 1.0\012- data
Hash be57951d47bc6b1635653a38cbdf30fd
e5c03fd4d0715d3a59db5fdba4a19374cf3cc9de
6e30be95c88e3acf121f68a271f54b13af21cd26e311fe37df694874edfd48c7
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfticket.pe/assets/vendor/bootstrap-icons/bootstrap-icons.css
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 92004
content-type: font/woff2
date: Thu, 26 Jan 2023 17:13:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:13:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 03:37:22 GMT
expires: Thu, 25 Jan 2024 03:37:22 GMT
cache-control: public, max-age=31536000
age: 135349
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 04:05:29 GMT
expires: Tue, 23 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 306462
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
216.58.207.227 200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 48620, version 1.0\012- data
Hash 8b3f45fbebe40f151e3bdadf9062f2c6
d4b9145fb8346c6442cc946bc25da699dd035e0e
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
GET /s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 20:58:27 GMT
expires: Thu, 25 Jan 2024 20:58:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:45:53 GMT
content-type: font/woff2
age: 72884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aqku.pe/wp-content/uploads/2022/11/Nuevos-Disenos-010-05-e1668815726865.png
162.241.169.207 200 OK 4.5 kB URL HTTP/2 aqku.pe/wp-content/uploads/2022/11/Nuevos-Disenos-010-05-e1668815726865.png
IP 162.241.169.207:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 204 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash bcd01599edfc508abafcabe1e8c36cac
acc23a13ad00fc13e5bdecd12381863a9170deb2
46f09f59a4cd4467f68a0b4b6babc80dd601b52084f796a9199b530fc030bb72
GET /wp-content/uploads/2022/11/Nuevos-Disenos-010-05-e1668815726865.png HTTP/1.1
Host: aqku.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Nov 2022 23:55:26 GMT
accept-ranges: bytes
content-length: 4479
content-type: image/png
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/pictogrify/dist/sprite-monsters.svg
66.7.220.3 200 OK 39 kB URL HTTP/2 nfticket.pe/pictogrify/dist/sprite-monsters.svg
IP 66.7.220.3:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (38743), with no line terminators
Hash 888ad8e5b35bb923281f9946030aa751
3d7bbd3881315f70ac376d8f9006f260e62c4e0a
0a7e19114671712e907849f37481963b6d12171fbb7deab4dfd52311e53c63ab
Analyzer Verdict Alert fortinet Phishing
GET /pictogrify/dist/sprite-monsters.svg HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 20:44:15 GMT
accept-ranges: bytes
content-length: 38743
content-type: image/svg+xml
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/home-gradient-light-sm.png
66.7.220.3 200 OK 153 kB URL HTTP/2 nfticket.pe/img/home-gradient-light-sm.png
IP 66.7.220.3:0
File type PNG image data, 535 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size 153 kB (153133 bytes)
Hash 58f59d8f1627eaab6ba2a2042dc8255d
890c22c5250dc65d7e51ab78a36fa89d482addc5
f0fb05679316d951f0d807282a3dbdc25bba154a9fc4e6bfa4c77bbcec74e1c9
GET /img/home-gradient-light-sm.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Dec 2022 19:23:23 GMT
accept-ranges: bytes
content-length: 153133
content-type: image/png
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/boxicons/fonts/boxicons.woff2
66.7.220.3 200 OK 103 kB URL HTTP/2 nfticket.pe/assets/vendor/boxicons/fonts/boxicons.woff2
IP 66.7.220.3:0
File type Web Open Font Format (Version 2), TrueType, length 102988, version 1.0\012- data
Size 103 kB (102988 bytes)
Hash d9177fbc6284f3221258ea6b0b4eb126
ff9bdd64fb52fae9229065bab30e97b0daadd974
df8458262a7d3d4dad2851655de2b3ba3b711f52e2bfce63ce0348730bb819c7
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/boxicons/fonts/boxicons.woff2 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfticket.pe/assets/vendor/boxicons/css/boxicons.min.css
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 102988
content-type: font/woff2
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
cryptologos.cc/logos/gnosis-gno-gno-logo.png?v=024
104.21.92.70 200 OK 83 kB URL HTTP/2 cryptologos.cc/logos/gnosis-gno-gno-logo.png?v=024
IP 104.21.92.70:0
File type PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced\012- data
Hash afdf0fed63808494d4a357abffe364c8
9a081c8f08d687a5ee51179026c484ea912379d9
dd96d9ce6da89942b38706b95ad34d3beb85e48d36588246943744266d804be9
GET /logos/gnosis-gno-gno-logo.png?v=024 HTTP/1.1
Host: cryptologos.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:11 GMT
content-type: image/png
content-length: 83253
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 17:13:10 GMT
last-modified: Fri, 25 Feb 2022 07:07:33 GMT
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt1Fu024%2FhR%2BD1d2hBG0Zu07n9EpV9lIwRmSQOXRKis%2FDBvplBRlC6XbtBFXbklwA%2BMc1MUapjrnNxlUB1lfMZwsgWqHjVql%2FnMnEiR05OSX2TiTf%2Bhv3SePtbojBtKm%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fae0b06f98b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nfticket.pe/img/dao/LogoV0_DS4BCommunity_Jpg.jpg
66.7.220.3 200 OK 208 kB URL HTTP/2 nfticket.pe/img/dao/LogoV0_DS4BCommunity_Jpg.jpg
IP 66.7.220.3:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 1924x1013, components 3\012- data
Size 208 kB (207930 bytes)
Hash 47e5f669257d2339a94a72997bb83a3e
dc75a3ffd249f9a70e66b6d1cbe51e3186b34e12
ea1276ffe5d0bd0c8efed24b2d51ec6b10d74e0860d4fa0f8bca1adb3944dd3f
GET /img/dao/LogoV0_DS4BCommunity_Jpg.jpg HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 14 Jan 2023 19:37:02 GMT
accept-ranges: bytes
content-length: 207930
content-type: image/jpeg
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/dao/web31.png
66.7.220.3 200 OK 92 kB URL HTTP/2 nfticket.pe/img/dao/web31.png
IP 66.7.220.3:0
File type PNG image data, 500 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 65db64f9d78370ff8ffec43e0133d682
314d05084bc026c496f9ee75190efc5885647dd8
99de4db42184b974ae0ce5cae6a1a22aab30ac6232f6dbfc7dd43a2be4876c92
GET /img/dao/web31.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 17 Dec 2022 02:27:56 GMT
accept-ranges: bytes
content-length: 91695
content-type: image/png
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/dao/henry.png
66.7.220.3 200 OK 224 kB URL HTTP/2 nfticket.pe/img/dao/henry.png
IP 66.7.220.3:0
File type PNG image data, 634 x 293, 8-bit/color RGBA, non-interlaced\012- data
Size 224 kB (224035 bytes)
Hash 82ff9a8ff6ca0d6acd86005c4e6ac90e
fa00d3743288d914ec0390630fae14344760ce3a
a099a56fb47d71275060839620b1d212028be50d3c3e01cb93a4dd511306a60a
GET /img/dao/henry.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Jun 2022 19:42:03 GMT
accept-ranges: bytes
content-length: 224035
content-type: image/png
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/dao/bannerClub.jpg
66.7.220.3 200 OK 61 kB URL HTTP/2 nfticket.pe/img/dao/bannerClub.jpg
IP 66.7.220.3:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left], baseline, precision 8, 549x358, components 3\012- data
Hash 4775704665b92827b7d023f11d0f4dad
1041d93d1728d5a32f1c4c001e769f53f8a87ec2
6fa367a1094c709bfe10609a466219e6f6b3a745d0b740a6dad18d6d5a0566e8
GET /img/dao/bannerClub.jpg HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Jun 2022 11:53:51 GMT
accept-ranges: bytes
content-length: 61315
content-type: image/jpeg
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
cryptologos.cc/logos/celo-celo-logo.png?v=024
104.21.92.70 200 OK 121 kB URL HTTP/2 cryptologos.cc/logos/celo-celo-logo.png?v=024
IP 104.21.92.70:0
File type PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (120874 bytes)
Hash b0c3052a0a0ad48dda6fa14e03c8441f
0dfdcb62b465fb310f3b808994ab5ec51dcdcd17
88ef8e181edef7e57cc3429e64c154fcd3033f2adfcb739288e82a8097084566
GET /logos/celo-celo-logo.png?v=024 HTTP/1.1
Host: cryptologos.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:11 GMT
content-type: image/png
content-length: 120874
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 17:13:10 GMT
last-modified: Fri, 20 Nov 2020 22:18:13 GMT
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhlkZuhqG9L69PAvLbUa125l2wOCynD1D8EFqrm4K8bZPSofz7wXfDfsjFehHjNVW%2FHY0a4cjAOlClwsHy14iNwVT0ChEBnULhpT8Ck0c2xsh0qniFHgtsQM8LP%2B2L%2F%2BbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fae0b07fa1b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nfticket.pe/img/dao/bannertribu.png
66.7.220.3 200 OK 288 kB URL HTTP/2 nfticket.pe/img/dao/bannertribu.png
IP 66.7.220.3:0
File type PNG image data, 549 x 358, 8-bit/color RGB, non-interlaced\012- data
Size 288 kB (287533 bytes)
Hash 7b001a7f1fcd07f9db27c5f3e057b9a5
ff7e699474d22d9d1292dd223acd7ff2893f002b
fada29238afa8ae9fed8bdf7676666fee4ad9b710eacc19afdb68163cc0dd254
GET /img/dao/bannertribu.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 14:07:17 GMT
accept-ranges: bytes
content-length: 287533
content-type: image/png
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/QmcaJBd2HFYP8YrRCdLcdqwJ3Ux1qqqbUSpXDAR7p9FZKT
104.18.30.237 200 OK 85 kB URL HTTP/2 stamping.mypinata.cloud/ipfs/QmcaJBd2HFYP8YrRCdLcdqwJ3Ux1qqqbUSpXDAR7p9FZKT
IP 104.18.30.237:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Hash 173c783e5159aafe35ec8f73a844e696
902790dc40c523999ec88e96f791bfa97842599a
c987feb1ce6af3c8d1524a78fdeecb6174ad4ee9249c00e3bf16f5fd8d52d42a
GET /ipfs/QmcaJBd2HFYP8YrRCdLcdqwJ3Ux1qqqbUSpXDAR7p9FZKT HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/jpeg
content-length: 85358
cf-ray: 78fae0b72e8eb4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "QmcaJBd2HFYP8YrRCdLcdqwJ3Ux1qqqbUSpXDAR7p9FZKT"
expires: Thu, 28 Dec 2023 17:13:12 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With
access-control-allow-methods: GET,HEAD
access-control-expose-headers: Content-Range,X-Chunked-Output,X-Stream-Output
cf-bgj: h2pri
x-ipfs-path: /ipfs/QmcaJBd2HFYP8YrRCdLcdqwJ3Ux1qqqbUSpXDAR7p9FZKT
set-cookie: __cf_bm=Fwmt7uaLqNSMAtf5bgCTHueiiJDM94e3POBv6XdIMP8-1674753192-0-AWkGd+QKJpnT62JDClL3SwaVZuCG9KKIvjU5/NmpDZzCGqTDmoH8oPdbRrFKBT680bD1VzQzQGcjC3Ashr3xaHY=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
__cf_bm=Qxgz8HelQmNA8vmuHkXZ.TI5Y71kl7mEzKqp9TrXRjY-1674753192-0-AYlun8+6Nmvi9cvvNTWPBZyFIE6iiJ/ZKbi3vStc8uWvf+Bvuu8UBcZJLAQIcK1AoIG5UUb2NgBGcY97cgCBvZg=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=CqGxh_gK6QCtomv8C7o06VMoZbD9xJnQQtXkdjKD3Pg-1674753192537-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/QmXa8YNdjKkqWoTGmo3ji312hwpQEvDdxmY7c9w9Js1kRF
104.18.30.237 200 OK 15 kB URL HTTP/2 stamping.mypinata.cloud/ipfs/QmXa8YNdjKkqWoTGmo3ji312hwpQEvDdxmY7c9w9Js1kRF
IP 104.18.30.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 500x300, components 3\012- data
Hash 1d2d18f6c73ad9c436d75ad48eeba6e1
156f70d0ff9190a5b8e73c4d5da43410f793e4c8
d0a7f2c622e21214403212d71539b7ba658ada010b2eb35c9a0ff5d8a902757b
GET /ipfs/QmXa8YNdjKkqWoTGmo3ji312hwpQEvDdxmY7c9w9Js1kRF HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/jpeg
content-length: 15070
cf-ray: 78fae0b75ef8b4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "QmXa8YNdjKkqWoTGmo3ji312hwpQEvDdxmY7c9w9Js1kRF"
expires: Thu, 28 Dec 2023 17:13:12 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With
access-control-allow-methods: GET,HEAD
access-control-expose-headers: Content-Range,X-Chunked-Output,X-Stream-Output
cf-bgj: h2pri
x-ipfs-path: /ipfs/QmXa8YNdjKkqWoTGmo3ji312hwpQEvDdxmY7c9w9Js1kRF
set-cookie: __cf_bm=u5Y_qhayDBReQVckCgAZNNjs1ZBCrBNutMp7CdRKZws-1674753192-0-AeCHCjtK6l2nFnlqaMLTMSgSFH1s16cu56C7xf5eW5BEW/eLqvJVdcd4dgjUlZ4xLeTBlE8Zi+TMfbAOxLOr1qA=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
__cf_bm=h2EKjocz6kwREt_yvjvAuo_OAi0AmbtmX41K0.3azh4-1674753192-0-Af6KrMruUoyR9OH+tK03fKx7LhOu3wydphKqA1xBeY0BZTHm1l4Kzj3MbNrNeH8t3fAJMV5pFITX/DGzUR4kloo=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=imw9ekPAk4MHqKGjWWV3fwDJF_DswizCUa04B1xhRjA-1674753192539-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/QmZoEnmjoymuaEvc53vtNS2a5Em6kvJhtkZz1nkKFNMc1C
104.18.30.237 200 OK 114 kB URL HTTP/2 stamping.mypinata.cloud/ipfs/QmZoEnmjoymuaEvc53vtNS2a5Em6kvJhtkZz1nkKFNMc1C
IP 104.18.30.237:0
File type PNG image data, 1200 x 1200, 8-bit/color RGB, non-interlaced\012- data
Size 114 kB (114406 bytes)
Hash 192365a79d6b0fa4b12f5226f612009d
a25fbc0db505271a217d2cc498f36dbb35f4abfc
f6d8d645b45a6bdf282f3be6b55dde66f2da1fa936affebceb80d519d8a47cd2
GET /ipfs/QmZoEnmjoymuaEvc53vtNS2a5Em6kvJhtkZz1nkKFNMc1C HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/png
content-length: 114406
cf-ray: 78fae0b74ed4b4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "QmZoEnmjoymuaEvc53vtNS2a5Em6kvJhtkZz1nkKFNMc1C"
expires: Thu, 28 Dec 2023 17:13:12 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With
access-control-allow-methods: GET,HEAD
access-control-expose-headers: Content-Range,X-Chunked-Output,X-Stream-Output
x-ipfs-path: /ipfs/QmZoEnmjoymuaEvc53vtNS2a5Em6kvJhtkZz1nkKFNMc1C
set-cookie: __cf_bm=6KFUCHcht5ZRBzyr0ksAtwFSG9bub_aqzXyGgFyhS1A-1674753192-0-AeLLoBDYqaOrBirlSLL7YoE/fK3UqcYxXzFScRXPY9UAov/kuW3cPAi5E6B1gTAV59o+PsqbhXARw9wu3ZZSwb8=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
__cf_bm=NHAF7FJo40sRxLX_rcAzp2lAMsqbYLzDDT7UdXLi924-1674753192-0-AZVPWbNh1oYuqLhvll8HIfKrKdNjHQbTP2Z94eR9PkYJCAdogu3NdgC+G8Ek2Agb3VZpR8/C/c/dxmUMxtfbbrI=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=eqashoFEZmpsK4_7h9pb4QRveCs11qSjJBumxq0zBAw-1674753192544-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/Qmc99cGbq87AF7ModWgjczfDhRHhPe2d8FmfZoYyqHyU5B
104.18.30.237 200 OK 161 kB URL HTTP/2 stamping.mypinata.cloud/ipfs/Qmc99cGbq87AF7ModWgjczfDhRHhPe2d8FmfZoYyqHyU5B
IP 104.18.30.237:0
File type PNG image data, 500 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (160627 bytes)
Hash 690dfacc3816e364327f49567fd4063c
65ecc7e64cefec4ed3f9f099daa7c399d9b94bde
6ebed82d893e4ab94f0d5ab5c8d1b06bb920afe18031b0ad6b220eff6fbdac7d
GET /ipfs/Qmc99cGbq87AF7ModWgjczfDhRHhPe2d8FmfZoYyqHyU5B HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/png
content-length: 160627
cf-ray: 78fae0b74ed3b4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "Qmc99cGbq87AF7ModWgjczfDhRHhPe2d8FmfZoYyqHyU5B"
expires: Thu, 28 Dec 2023 17:13:12 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Range,X-Chunked-Output,X-Stream-Output
x-ipfs-path: /ipfs/Qmc99cGbq87AF7ModWgjczfDhRHhPe2d8FmfZoYyqHyU5B
set-cookie: __cf_bm=fYDEQdT1eIeDoPzxI_EnHwQY_EYW0_ePLHUYZkcKSoM-1674753192-0-AZLJ/C4BYNrrXDBhIKSiuU0HlmY714NzivE5EHWVd3wd3s7uLfzRMcEi6v0qEL8EN3pFqK/oqnrSs/c91OAIXqM=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
__cf_bm=nC6ykylXNuKz6nd8khiOsFB_FdZrgKFfUZfAg4hkvk4-1674753192-0-ASPZDKC9lTE6xYVR1kdSqXHP9kQ3ilbRf+tyG+XbCsB6fHububOPRsn6cDZlxSVQ6U6QGJFIkdVZxqUAstEeCG4=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=hdPy5Rf2cg6yh9nFjkJkXRBxY4tm_Ht_8mg4BUVyOwI-1674753192566-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/QmWEf5wYVCBYNb4N13wxNKqpnDrku23kEc3CCuBZFiTFyU
104.18.30.237 200 OK 193 kB URL HTTP/2 stamping.mypinata.cloud/ipfs/QmWEf5wYVCBYNb4N13wxNKqpnDrku23kEc3CCuBZFiTFyU
IP 104.18.30.237:0
File type PNG image data, 691 x 697, 8-bit/color RGB, non-interlaced\012- data
Size 193 kB (192869 bytes)
Hash 2fb7d34270a7f88253e0b85520807066
746bab2e5f677aba1b01e953a326cfe60af75371
ee4c5ea36f29a0c9e0a7e4791a2b763832d194a7f8d7f2a0b91c7581b0250e75
GET /ipfs/QmWEf5wYVCBYNb4N13wxNKqpnDrku23kEc3CCuBZFiTFyU HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/png
content-length: 192869
cf-ray: 78fae0b73ec0b4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "QmWEf5wYVCBYNb4N13wxNKqpnDrku23kEc3CCuBZFiTFyU"
expires: Thu, 28 Dec 2023 17:13:12 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With
access-control-allow-methods: GET,HEAD
access-control-expose-headers: Content-Range,X-Chunked-Output,X-Stream-Output
x-ipfs-path: /ipfs/QmWEf5wYVCBYNb4N13wxNKqpnDrku23kEc3CCuBZFiTFyU
set-cookie: __cf_bm=CzlnGYNBiCyGtEGZ4rk9EtsEX6ewhPATRLKa1K0tsmA-1674753192-0-AVjWS4oPf56aasgVxtXN65tvf5V7lzZngZWtllwdYFfsisYlzN4EmmhkhyTxpUBcgqPRtKGCT4WxoyzQgtJxHTM=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
__cf_bm=Aet4EtI4Zl5ynBaFqjxVw29PwedhPyVGDM0cnnaCM08-1674753192-0-AfKyloP1kgMe8UVJ4txK6XHmvBLCR50E2wC4GHS/gYrDZiaqjCObvhGBnu4ooW/tEVkptldS7C/s8PYWo6h49og=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=rvXSRLxKoxvfyizm3VVdbsdKJPCnUKe81YNVoCcV7uU-1674753192568-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
nfticket.pe/api/dao/get/n_index.php?token=eTF24rNygbYIJz2LJApDbdHjduY
66.7.220.3 200 OK 241 kB URL HTTP/2 nfticket.pe/api/dao/get/n_index.php?token=eTF24rNygbYIJz2LJApDbdHjduY
IP 66.7.220.3:0
Size 241 kB (241178 bytes)
Hash 12cc2eba88456a61b14318cecbc7075a
9c68c00b6da095771a53b9bac059711cc04d31e1
6de6ae610f2dfa512d3a121a1f86804297aa6d76af1f6092ea286ec865c362c4
GET /api/dao/get/n_index.php?token=eTF24rNygbYIJz2LJApDbdHjduY HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/QmfZaTPXfjQ1v5gnAhr3CgrXc7keY9CfHHW8BRotZwGTLD
104.18.30.237 200 OK 7.6 MB URL HTTP/2 stamping.mypinata.cloud/ipfs/QmfZaTPXfjQ1v5gnAhr3CgrXc7keY9CfHHW8BRotZwGTLD
IP 104.18.30.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, manufacturer=Canon, model=Canon EOS Rebel SL3, orientation=upper-left, xresolution=232, yresolution=240, resolutionunit=2, datetime=2022:12:20 04:45:18], baseline, precision 8, 6000x4000, components 3\012- data
Size 7.6 MB (7571789 bytes)
Hash 26d0f9f0f56dac6d59a796e3408b55da
bcc243f811e948dd1ccbb8ad523cd335277d9449
304074d7843004caaab40933d7395e5e2dc9c23014ddfb70b839ac12d12f15d9
GET /ipfs/QmfZaTPXfjQ1v5gnAhr3CgrXc7keY9CfHHW8BRotZwGTLD HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/jpeg
content-length: 7571789
cf-ray: 78fae0b75efeb4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "QmfZaTPXfjQ1v5gnAhr3CgrXc7keY9CfHHW8BRotZwGTLD"
expires: Thu, 28 Dec 2023 17:13:12 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With
access-control-allow-methods: GET,HEAD
access-control-expose-headers: Content-Range,X-Chunked-Output,X-Stream-Output
cf-bgj: h2pri
x-ipfs-path: /ipfs/QmfZaTPXfjQ1v5gnAhr3CgrXc7keY9CfHHW8BRotZwGTLD
set-cookie: __cf_bm=GmERZYfj37rCjyustlnUV1URmwBtfBSOvIL6GP5aiFI-1674753192-0-AepYfepCIeNl3e2+3i7fa9Z/t/n0FGLf3hJaAZ1UU1l0mVyAPNdBGSym1pJymXmmm0yeWpcXO++BHwb6D5BwOl8=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
__cf_bm=0OFpE8EvR4U0aMMdqV53AXplt7X38FA7SOUbc.EGH4M-1674753192-0-AaFyH+CvojvphBH/dTGzzTXm0JhR6D/UlDsnrFoWKzel3rE1ykW//Svg70qmLIit92FPP3JtwJTZzipUplUKK5Y=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=e6DMiprRAJqVmfRwVHf.M9DlHfpuNyzIT7YQl4Hwdk8-1674753192570-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
stamping.mypinata.cloud/ipfs/QmeptTmeFKRGSrE91BLqgh2kAxqBoanyVMwGiwYqo7Qq6r
104.18.30.237 200 OK 29 kB URL HTTP/2 stamping.mypinata.cloud/ipfs/QmeptTmeFKRGSrE91BLqgh2kAxqBoanyVMwGiwYqo7Qq6r
IP 104.18.30.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x365, components 3\012- data
Hash 3b08f29f120f0916df43f8a6fa0ab1f6
aa0604e37842a94f9d7a9fde9f5fda467eac8d12
e21e34d7b8ce3ce35d63f7d04102bb37e79766f6b2a7bd0b09383b80e5b3fd14
GET /ipfs/QmeptTmeFKRGSrE91BLqgh2kAxqBoanyVMwGiwYqo7Qq6r HTTP/1.1
Host: stamping.mypinata.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:12 GMT
content-type: image/jpeg
content-length: 29021
cf-ray: 78fae0b73ea9b4f4-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=29030400
etag: "QmeptTmeFKRGSrE91BLqgh2kAxqBoanyVMwGiwYqo7Qq6r"
expires: Thu, 28 Dec 2023 17:13:12 GMT
cf-cache-status: HIT
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
psr: true
x-ipfs-path: /ipfs/QmeptTmeFKRGSrE91BLqgh2kAxqBoanyVMwGiwYqo7Qq6r
x-ipfs-roots: QmeptTmeFKRGSrE91BLqgh2kAxqBoanyVMwGiwYqo7Qq6r
vary: Accept-Encoding
set-cookie: __cf_bm=d6nW1PQ0DxfEwvkMvgE_EpEDxLqT3v1ivnoT.nmT.1E-1674753192-0-ATnaWYs7dBkgffZmWDZBkVxq7ZG8pn/A/0imeYfpg1FMPUwfLRRJTgrfDY7YPy9gImOJu1iBsl+7O7I/ofJp6Mk=; path=/; expires=Thu, 26-Jan-23 17:43:12 GMT; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
_cfuvid=t8nodbu1aLIGyj3QmKJB5ga._zN7DmYestq6e5dLQa4-1674753192723-0-604800000; path=/; domain=.mypinata.cloud; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/QmQUJ77ioA5yx8uqbwi6L2yph4qpxxYGBL4usJAL3nPLVY
66.7.220.3 200 OK 25 kB URL HTTP/2 nfticket.pe/api/event/image/nft/QmQUJ77ioA5yx8uqbwi6L2yph4qpxxYGBL4usJAL3nPLVY
IP 66.7.220.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 535x267, components 3\012- data
Hash 66eae8c6faa2f071b8d5d9c9609dccf0
be30c400aee3f566467878923428b13ff602d228
d9c9515f248916d10d6d56d4eaaf02a11bee92fd02ea2019a76a0f36217c0f94
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/QmQUJ77ioA5yx8uqbwi6L2yph4qpxxYGBL4usJAL3nPLVY HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 Jan 2023 21:46:46 GMT
accept-ranges: bytes
content-length: 25083
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/QmaP8ZCFUcsceCvJcoDXNH37UZYDkrR7BwQpMs9KfEG4v4
66.7.220.3 200 OK 43 kB URL HTTP/2 nfticket.pe/api/event/image/nft/QmaP8ZCFUcsceCvJcoDXNH37UZYDkrR7BwQpMs9KfEG4v4
IP 66.7.220.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 535x439, components 3\012- data
Hash b0e6120bbf1ef6cd9cbcf97fdad33f31
fdaf6671a4279019c91498d4791ac30a4713a63e
4659ec4a30ac70e4a49fbd097ded05f3716ad6466b3828b5a8561a1db1708e66
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/QmaP8ZCFUcsceCvJcoDXNH37UZYDkrR7BwQpMs9KfEG4v4 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 13:02:24 GMT
accept-ranges: bytes
content-length: 42898
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/QmTqwRm45QMBUPmg57Aai77pRzhchqw1jnwhav6SAJspzL
66.7.220.3 200 OK 37 kB URL HTTP/2 nfticket.pe/api/event/image/nft/QmTqwRm45QMBUPmg57Aai77pRzhchqw1jnwhav6SAJspzL
IP 66.7.220.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 534x535, components 3\012- data
Hash 167d2e841bc49c534cbcbaf4c10c6097
748b15ba29fa4627e2a2c75eaae7160a5cfebfc3
d0e17c3acbc8ed0051f742b8089ef70ca85015a48ec4e5bf0781b2db61a4e5b5
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/QmTqwRm45QMBUPmg57Aai77pRzhchqw1jnwhav6SAJspzL HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 Jan 2023 16:44:37 GMT
accept-ranges: bytes
content-length: 36586
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/QmS87Qs9cUHN4xJoBehEiYtA95xJV5nFAU25UdTzySzaRx
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/api/event/image/nft/QmS87Qs9cUHN4xJoBehEiYtA95xJV5nFAU25UdTzySzaRx
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/QmS87Qs9cUHN4xJoBehEiYtA95xJV5nFAU25UdTzySzaRx HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Jan 2023 03:57:33 GMT
accept-ranges: bytes
content-length: 298744
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:16 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/img/sold.png
66.7.220.3 200 OK 0 B IP 66.7.220.3:0
GET /img/sold.png HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jun 2022 18:08:40 GMT
accept-ranges: bytes
content-length: 330211
content-type: image/png
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/QmSYGNG8AuL9Au6JKuTtBHMz4xukz5VW6ThfdMPRnUi48n
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/api/event/image/nft/QmSYGNG8AuL9Au6JKuTtBHMz4xukz5VW6ThfdMPRnUi48n
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/QmSYGNG8AuL9Au6JKuTtBHMz4xukz5VW6ThfdMPRnUi48n HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Jan 2023 14:21:24 GMT
accept-ranges: bytes
content-length: 472062
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.quilljs.com/1.3.6/quill.snow.css
216.24.57.3 200 OK 0 B URL HTTP/2 cdn.quilljs.com/1.3.6/quill.snow.css
IP 216.24.57.3:0
GET /1.3.6/quill.snow.css HTTP/1.1
Host: cdn.quilljs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:09 GMT
content-type: text/css; charset=utf-8
cf-ray: 78fae0ab88befabc-OSL
access-control-allow-origin: *
age: 151
cache-control: public, max-age=604800
etag: W/"9b536bda67650c506df72197baec4c01"
last-modified: Tue, 16 Mar 2021 22:22:46 UTC
vary: Accept-Encoding
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nfticket.pe/api/nft/get/?token=eTF24rNygbYIJz2LJApDbdHjduY
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/api/nft/get/?token=eTF24rNygbYIJz2LJApDbdHjduY
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /api/nft/get/?token=eTF24rNygbYIJz2LJApDbdHjduY HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/pictogrify/dist/pictogrify.js
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/pictogrify/dist/pictogrify.js
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /pictogrify/dist/pictogrify.js HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 20:44:15 GMT
accept-ranges: bytes
content-length: 492148
content-type: application/javascript
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:13 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.quilljs.com/1.3.6/quill.bubble.css
216.24.57.3 200 OK 0 B URL HTTP/2 cdn.quilljs.com/1.3.6/quill.bubble.css
IP 216.24.57.3:0
GET /1.3.6/quill.bubble.css HTTP/1.1
Host: cdn.quilljs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:09 GMT
content-type: text/css; charset=utf-8
cf-ray: 78fae0ab88bffabc-OSL
access-control-allow-origin: *
age: 17
cache-control: public, max-age=604800
etag: W/"1481f6f60c160d773a7533c2db8c95fd"
last-modified: Tue, 16 Mar 2021 22:22:46 UTC
vary: Accept-Encoding
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.quilljs.com/1.3.6/quill.core.js
216.24.57.3 200 OK 0 B URL HTTP/2 cdn.quilljs.com/1.3.6/quill.core.js
IP 216.24.57.3:0
GET /1.3.6/quill.core.js HTTP/1.1
Host: cdn.quilljs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:09 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 78fae0abb8ddfabc-OSL
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"b4826dc769f788781933fd0975ea0f5f"
last-modified: Tue, 16 Mar 2021 22:22:46 UTC
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cache-tag: srv-c18iup3jbvmedckps0k0
cloudflare-cdn-cache-control: public, max-age=300
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nfticket.pe/img/logo.png?v=1
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/img/logo.png?v=1
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /img/logo.png?v=1 HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Mar 2022 14:47:48 GMT
accept-ranges: bytes
content-length: 17576
content-type: image/png
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/wallet/count/n_index.php?token=eTF24rNygbYIJz2LJApDbdHjduY
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/api/wallet/count/n_index.php?token=eTF24rNygbYIJz2LJApDbdHjduY
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /api/wallet/count/n_index.php?token=eTF24rNygbYIJz2LJApDbdHjduY HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/api/event/image/nft/QmR4tJb4DG4yUkUDAokre37ubbEiY9LK6wQqzYB1VuuV6u
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/api/event/image/nft/QmR4tJb4DG4yUkUDAokre37ubbEiY9LK6wQqzYB1VuuV6u
IP 66.7.220.3:0
Analyzer Verdict Alert fortinet Phishing
GET /api/event/image/nft/QmR4tJb4DG4yUkUDAokre37ubbEiY9LK6wQqzYB1VuuV6u HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 05:07:38 GMT
accept-ranges: bytes
content-length: 258699
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:11 GMT
server: Apache
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:15 GMT
server: Apache
X-Firefox-Spdy: h2
nfticket.pe/assets/vendor/aos/aos.css
66.7.220.3 200 OK 0 B URL HTTP/2 nfticket.pe/assets/vendor/aos/aos.css
IP 66.7.220.3:0
GET /assets/vendor/aos/aos.css HTTP/1.1
Host: nfticket.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Cookie: PHPSESSID=5a9f2f4cc6581e355ea7e9d59203d394
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Nov 2021 15:04:24 GMT
accept-ranges: bytes
content-length: 26053
content-type: text/css
date: Thu, 26 Jan 2023 17:13:09 GMT
server: Apache
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:14 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.quilljs.com/1.3.6/quill.min.js
216.24.57.3 200 OK 0 B URL HTTP/2 cdn.quilljs.com/1.3.6/quill.min.js
IP 216.24.57.3:0
GET /1.3.6/quill.min.js HTTP/1.1
Host: cdn.quilljs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:10 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 78fae0ab88c2fabc-OSL
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"c2734fd6895bdfba13245fc2cda12202"
last-modified: Tue, 16 Mar 2021 22:22:46 UTC
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cache-tag: srv-c18iup3jbvmedckps0k0
cloudflare-cdn-cache-control: public, max-age=300
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:14 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.quilljs.com/1.3.6/quill.core.css
216.24.57.3 200 OK 0 B URL HTTP/2 cdn.quilljs.com/1.3.6/quill.core.css
IP 216.24.57.3:0
GET /1.3.6/quill.core.css HTTP/1.1
Host: cdn.quilljs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:10 GMT
content-type: text/css; charset=utf-8
cf-ray: 78fae0ab88c0fabc-OSL
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"e90c0cf8248dbfeb25b032d865b7ef88"
last-modified: Tue, 16 Mar 2021 22:22:46 UTC
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cache-tag: srv-c18iup3jbvmedckps0k0
cloudflare-cdn-cache-control: public, max-age=300
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
138.128.168.10 200 OK 0 B URL HTTP/2 api.stamping.io/contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF
IP 138.128.168.10:0
GET /contract/call/?token=eTF24rNygbYIJz2LJApDbdHjduY&contract=0x4E4dcb34c778BbfFF9CE8D7c97d7B93055f63837&method=balanceOf&node=https://forno.celo.org&param1=0x982DA9Dae811987b3F9E3e079435298648010dCF HTTP/1.1
Host: api.stamping.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nfticket.pe
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8
date: Thu, 26 Jan 2023 17:13:13 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js
151.101.193.229 200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js
IP 151.101.193.229:0
GET /npm/web3@latest/dist/web3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"163759-IwpZDBwarMNpRlZFtitwZD1oxeo"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 17:13:09 GMT
age: 5112
x-served-by: cache-fra-eddf8230054-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 419297
X-Firefox-Spdy: h2
cdn.quilljs.com/1.3.6/quill.js
216.24.57.3 200 OK 0 B URL HTTP/2 cdn.quilljs.com/1.3.6/quill.js
IP 216.24.57.3:0
GET /1.3.6/quill.js HTTP/1.1
Host: cdn.quilljs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfticket.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:13:09 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 78fae0ab98cefabc-OSL
access-control-allow-origin: *
age: 150
cache-control: public, max-age=604800
etag: W/"c11e87e46275c866af8ef7b394884fb9"
last-modified: Tue, 16 Mar 2021 22:22:46 UTC
vary: Accept-Encoding
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2