firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 18:04:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: THbJKTCDUgL0atPMSjb_PTREhbI53nUxqi3qD7rU-8A0xfq0u3d0GQ==
Age: 2402
t.crdefault1.com/74883/3566?popUnder=true
3.218.135.42303 See Other 362 B URL HTTP/1.1 t.crdefault1.com/74883/3566?popUnder=true
IP 3.218.135.42:0
File type HTML document, ASCII text, with very long lines (362), with no line terminators
Hash 89ebc969544b6861fa7a887d9e91a918
c175059b06e85d9bf1aca95192d1c6cfcac1a5ef
a8e17c303f97e40f5113687f9c0175f471f7346674823f58e19183157aaa3233
Analyzer Verdict Alert fortinet Phishing
GET /74883/3566?popUnder=true HTTP/1.1
Host: t.crdefault1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Server: nginx/1.19.0
Date: Tue, 06 Sep 2022 18:44:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 362
Connection: keep-alive
set-cookie: aff_ran_url_5471=13402; Path=/; Expires=Wed, 07 Sep 2022 18:44:24 GMT; Secure
enc_aff_session_5471=ENC038ba1db96890df0a0cbbb294518edd3b43be26d567443727e40aeb5219b95c2e860f36068cc293eb9f1802b9addb88f81e5d14c0b7d946da10d9e31262b99a05b3be0268bb6e522d084fd772c7d763e06996bec2c9bb8aef64300533d22a0b688e82fe7c7c8f1c79066765a00613517c60914a8ca7f368d62bf0ff6f57dd262a01e6fae07; Path=/; Expires=Wed, 27 Feb 2030 09:44:24 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; Path=/; Expires=Fri, 01 Aug 2025 05:24:24 GMT; Secure
tracking_id: 1024d247e50fc4393b70d2f56b422b
location: https://3dgamesadult.com/tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
vary: Accept
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11913
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 18:44:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9RJFPvJ98bNa5hhS5-by5sfzQ-7X9-wkv5jzurSA8iKgIn-dFmQPuw==
age: 62947
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 18:44:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 32640bb9a5d1467d4541162c8787e5e0
b4444786d0d93ad90a8f62cb06643007b7b3cdf1
a8fb786f90ae1f25fe9f1d7c0c57daaca4afb55278a42760007e4c3c63de5252
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Sep 2022 18:44:23 GMT
ETag: "b4444786d0d93ad90a8f62cb06643007b7b3cdf1"
Last-Modified: Tue, 06 Sep 2022 18:44:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74695b173b0a0b61-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 18:43:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eYnSJ0Ppjd_BCEyLZHF9ei1Pf9d9lDyhao7ORLBp_MuOpk7o_HVFNA==
Age: 367
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3914
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:25 GMT
Last-Modified: Tue, 06 Sep 2022 17:39:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.56.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zwb2b1rAKE1wLwo3tXhy+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JRzk6/wn7WRRroOtch6eNpneOQ8=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.1.1/webfonts/fa-solid-900.woff2
172.67.169.247200 OK 60 kB URL HTTP/2 use.fontawesome.com/releases/v5.1.1/webfonts/fa-solid-900.woff2
IP 172.67.169.247:0
File type Web Open Font Format (Version 2), TrueType, length 59604, version 1.0\012- data
Hash e8a92a29978352517c450b9a800b06cb
f2da460d41f0a68bcab83ed33073bb57d2c38484
b82ad8fbcf9bf844726f648ef268b74f8c2f668f56eafd98b05703e086ff1d5b
GET /releases/v5.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:26 GMT
content-type: font/woff2
content-length: 59604
x-amz-id-2: QA+5qwEC91eyqhS0aDMqZcIyWSNY0arx0BSzhbG8UGFLkHuz9Vq2ZHUbgtpQLMTtQ/BWOKJ7ntw=
x-amz-request-id: QQF4G10GJ8NKBZQ7
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:31:07 GMT
etag: "e8a92a29978352517c450b9a800b06cb"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 167243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki3ZoY%2F5q79ym%2BAHAQwVckr30YzJY%2FCdVVFX9F9ppGoruLo%2BxeVtiqLD7bhYXDIXTPLCNv95UeajFpDLdWDKdGGJ4mEAAHBOrsMkIfaTNpPqgSxQhmgW1o7tV8RJHHCBSJ88GnFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74695b215da4b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 06:06:20 GMT
expires: Fri, 01 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 477486
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash a69d1be0f71f76dee961eceb43dd8c88
2cf74d8ae408c3e5e5d0efbf88046650acc98a83
c66b8073bec5b06e74b0bca2a8bc619ed69aed267a9c39583aab758f5dcf633c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Sep 2022 16:47:56 GMT
ETag: "2cf74d8ae408c3e5e5d0efbf88046650acc98a83"
Last-Modified: Tue, 06 Sep 2022 16:47:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74695b21af4e0b61-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Montserrat
142.250.74.10200 OK 6.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.10:0
Hash 1a702037be897267d8a534fe19586742
ab923c5359dbf0c97b32aa037eefce9c0fd7f664
5a9b41b9f6af9ac2bf8208aef82b44b6364d69b5ae2d4024d5132d0a2750c93d
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 18:44:26 GMT
date: Tue, 06 Sep 2022 18:44:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 74832
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76200 OK 45 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Hash a4a9dd654be963784f1292032b535f01
96a8b4f6f5b3139fde6e4c0961338e41eeff71fd
a314113cacd7126ccd557f15768351dd2cc5b5cafe6d54bf5405c228bc340fa1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 75593
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 36560
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 51204
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 1b2ece5c-784c-4c14-a760-c43d697b1abf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSEE2CIAMFvgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f40-2243fc211a76c7e404710c7c;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f2bMA3sdC6qxijseKXb53WMncdjInfvh-lVvr0W69sgaHEHKCNvLMQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:25:52 GMT
age: 40714
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
151.139.128.11200 OK 17 kB URL HTTP/2 cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
IP 151.139.128.11:0
File type ASCII text, with very long lines (61448), with no line terminators
Hash 598c9da4529ead515e4bf7ee729a3c87
b3b348e3335545f2c5727bbedd923b46675f462f
ed3b3ea07909020fedfd0abb790a56e00c228a7553f848c33a0a40b29cda6f3b
GET /projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ggames.wiredcircular.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:27 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17351
content-type: application/javascript; charset=utf-8
last-modified: Sat, 20 Aug 2022 15:00:06 GMT
accept-ranges: bytes
etag: "be2b188a5b4d81:0"
server:
x-hw: 1662489867.cds001.sk1.hn,1662489867.cds235.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
151.139.128.11301 Moved Permanently 16 kB URL HTTP/2 cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
IP 151.139.128.11:0
Hash 49f3c7652181d8014320442ada07baa9
81d92fdd1901e7d2b899bbb954a912a490e62619
693380ea9c6dd37ff515cd35e98540a9699bb117da9c93c2a0f22dc4f10262fe
GET /projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 06 Sep 2022 18:44:27 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 55263
content-type: application/javascript; charset=utf-8
last-modified: Sat, 20 Aug 2022 15:00:05 GMT
accept-ranges: bytes
etag: "c8d4eb87a5b4d81:0"
server:
x-hw: 1662489867.cds001.sk1.hn,1662489867.cds239.sk1.c
location: https://cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
x-hw-loc: https://cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
access-control-allow-origin: *
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 18:44:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3867
x-timer: S1662489868.947852,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
crevg.joinsafelyonline.com/routes/Crevg/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883
163.171.128.172302 Found 164 kB URL HTTP/2 crevg.joinsafelyonline.com/routes/Crevg/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 164 kB (164100 bytes)
Hash 80a8ebeb30472a7fa5ace6c60e513417
462ba3af02c3101db39ee5df19487047cfd23cfe
8756ca484114e875cc760dd50ee0e8f05a05aeabff2c3e14aea790aab8774659
GET /routes/Crevg/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883 HTTP/1.1
Host: crevg.joinsafelyonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Sep 2022 18:44:27 GMT
content-type: text/html; charset=UTF-8
server: waf/4.31.15-0.el6
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
x-via: 1.1 PS-DFW-01gGZ147:2 (Cdn Cache Server V2.0), 1.1 kf230:12 (Cdn Cache Server V2.0), 1.1 CSP-A15498:9 (Cdn Cache Server V2.0)
x-ws-request-id: 6317950a_CSP-A15498_20656-44493
set-cookie: PHPSESSID=0b4d23f05f2986a7ac7fc1d5847e0a5e; path=/; secure; SameSite=None
HMF_CI=214812d79dc47a6de45d2d47f1341dcedcac09c0c45bc266a9fe1175dbc35830f53daa72248c32502830e140cdd725ef0beb5b3c5de3c01b652cf08ada9f73167e; Expires=Thu, 06-Oct-22 18:44:27 GMT; Path=/
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
152.199.19.160200 OK 12 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32405)
Hash 29aaadd88feae1cc97337661a34bb99f
bf5c684d3c1dbeb119557404136ba91ae45d07b5
d4af778947d9005af87a62b411f328d3512edc6f9594ee46f0a34a57e6ef3c95
GET /ajax/bootstrap/3.3.2/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://syfyht.com
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 21842278
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 06 Sep 2022 18:44:28 GMT
etag: "194598e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:58 GMT
server: ECAcc (ska/F68B)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12247
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.1 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 4086ff7367a908ba6fb666dd0ec10ec2
a95f576ffdf856c3bfa75aa5cbbcdf334b4aaf85
a2866ba8269e256935033d87b7708a4c9c5e97aeef2862cf14bc8c8b8c058750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
207.120.33.5200 OK 51 kB URL HTTP/2 syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
IP 207.120.33.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31139)
Hash 6af4045d7bafa86943e7f489d77ba1ba
02106481cdf1877fbd2762a914986987140c214e
5927fac1e09e367217ad9df8e733bab4dc9172f1acde06bbef11a8ad52115e73
Analyzer Verdict Alert fortinet Phishing
GET /user/?SID=1981e34be5e1f7310940894b4cb60048 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048; path=/; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 5673793
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 50358494a0c1552d442ec8347065e17d
X-Firefox-Spdy: h2
syfyht.com/common_tpls/compact2C/css/neogames.css
207.120.33.5200 OK 28 kB URL HTTP/2 syfyht.com/common_tpls/compact2C/css/neogames.css
IP 207.120.33.5:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c73aa1801ef896c69608c8a8da9cc4cf
f8b046b3bac341861df151a0f8134350186e1268
2585cf43546e2622e115640f6c66898a3ea6d152adc9778aecd251f1bdf3b52c
GET /common_tpls/compact2C/css/neogames.css HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: text/css
content-length: 28453
last-modified: Wed, 02 Oct 2019 16:19:30 GMT
etag: W/"5d94ce12-22f73"
content-encoding: gzip
section-io-cache-id: 4180f14710b481d7bc7fe033de13bddf
vary: Accept-Encoding
x-varnish: 12806269 12209047
age: 16599
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 1133e28cb4f0b7e7914f6f33eeee5748
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-208173773-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208173773-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 8be91c0a7dc371ff7f1a9ae29a6a61a6
318e4b2e2259681bf15311d1ffff0eae79ad3446
d5bf4aff6c985eda8dd6f72c5663d27a05def0c6c709141a73a2cf02d0b5cb4f
GET /gtag/js?id=UA-208173773-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 18:44:28 GMT
expires: Tue, 06 Sep 2022 18:44:28 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syfyht.com/common_tpls/images/ajax-loader.gif
207.120.33.5200 OK 3.2 kB URL HTTP/2 syfyht.com/common_tpls/images/ajax-loader.gif
IP 207.120.33.5:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 5ebaf1bd8e04794f0b66aec3ad18127c
x-varnish: 5771189 4058332
age: 2163
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 6848d134cde29ef3177a1c97fcf334a0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://syfyht.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 18:53:39 GMT
expires: Tue, 05 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 85849
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:28 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74695b2e8d120af6-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=1dabf2190aacbeb9; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
syfyht.com/common_tpls/images/footlogosDarkBg.png
207.120.33.5200 OK 26 kB URL HTTP/2 syfyht.com/common_tpls/images/footlogosDarkBg.png
IP 207.120.33.5:0
File type PNG image data, 335 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d4768e3e3ccacf11433886f71311d9cf
5eee0a9fa2ed481e8b070147b384f6e45f563160
c0b5af69aa97bde7cf3a5fb2d9a19f39100ad6b96d24108179cbf4e60c1db6c6
GET /common_tpls/images/footlogosDarkBg.png HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/common_tpls/compact2C/css/neogames.css
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: image/png
content-length: 26470
last-modified: Thu, 06 Aug 2015 20:09:07 GMT
etag: "55c3bee3-6766"
section-io-cache-id: 30f13972000b696dd794515277457470
x-varnish: 5550105 2367737
age: 21066
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e689417889946307e0e0ee2c21b2b7ae
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=4392&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=4392&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=4392&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 361
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:28 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74695b2fae6a0af6-OSL
Access-Control-Allow-Origin: https://ggames.wiredcircular.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
syfyht.com/user/trk/?rtid=2784363173
207.120.33.5200 OK 21 B URL HTTP/2 syfyht.com/user/trk/?rtid=2784363173
IP 207.120.33.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3e2cb1dca532b1128c141f7c27615fbb
784870b8f031a744b5181a9a98f641e71164ef5d
936c05754439c0018dd94d4ba93fb2bcc88d4bcdad65a497359246ed0c018046
GET /user/trk/?rtid=2784363173 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6ImVjZTViY2U2M2NmNTNhNDYiLCJ0ciI6IjJlOTkwYjc0MWM1M2Q1NTNiMjQ2NjUyNmNiYjVkZTEyIiwidGkiOjE2NjI0ODk4NjI5OTh9fQ==
traceparent: 00-2e990b741c53d553b2466526cbb5de12-ece5bce63cf53a46-01
tracestate: 3355250@nr=0-1-3355250-1103078842-ece5bce63cf53a46----1662489862998
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: text/json;charset=UTF-8
content-length: 21
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 5550106
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 0eeaef41d538822dc224f4fbe3318433
X-Firefox-Spdy: h2
syfyht.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2
207.120.33.5200 OK 18 kB URL HTTP/2 syfyht.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2
IP 207.120.33.5:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/common/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://syfyht.com/common_tpls/compact2C/css/neogames.css
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: font/woff2
content-length: 18028
last-modified: Tue, 16 Jun 2020 16:45:05 GMT
etag: "5ee8f711-466c"
accept-ranges: bytes
x-varnish: 12806277
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: b941c057f4984319ee3cf8c7bcfa5755
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 18:41:12 GMT
expires: Tue, 06 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 197
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1186&ck=1&ref=https://syfyht.com/user/&ap=136&be=536&fe=1148&dc=776&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489862157,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:47,%22rp%22:426,%22rpe%22:426,%22dl%22:440,%22di%22:765,%22ds%22:775,%22de%22:777,%22dc%22:1147,%22l%22:1147,%22le%22:1157%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1186&ck=1&ref=https://syfyht.com/user/&ap=136&be=536&fe=1148&dc=776&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489862157,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:47,%22rp%22:426,%22rpe%22:426,%22dl%22:440,%22di%22:765,%22ds%22:775,%22de%22:777,%22dc%22:1147,%22l%22:1147,%22le%22:1157%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1186&ck=1&ref=https://syfyht.com/user/&ap=136&be=536&fe=1148&dc=776&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489862157,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:47,%22rp%22:426,%22rpe%22:426,%22dl%22:440,%22di%22:765,%22ds%22:775,%22de%22:777,%22dc%22:1147,%22l%22:1147,%22le%22:1157%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:29 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74695b32090e0af6-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=771ef1ebff3758ad; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1373&ck=1&ref=https://syfyht.com/user/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1373&ck=1&ref=https://syfyht.com/user/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1373&ck=1&ref=https://syfyht.com/user/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 285
Origin: https://syfyht.com
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:29 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74695b333a390af6-OSL
Access-Control-Allow-Origin: https://syfyht.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6xmRiAaxHPKpBlCPaRWoMiISlrXRrltO57N3NayiuIvv3gCWTWCZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:53:35 GMT
age: 75058
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
3dgamesadult.com/tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
163.171.128.172302 Found 0 B URL HTTP/2 3dgamesadult.com/tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 HTTP/1.1
Host: 3dgamesadult.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 06 Sep 2022 18:44:25 GMT
content-type: text/html; charset=UTF-8
server: waf/4.31.15-0.el6
location: https://ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
x-via: 1.1 PS-DFW-01gGZ147:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:0 (Cdn Cache Server V2.0)
x-ws-request-id: 63179509_CSP-A15498_22691-24906
set-cookie: HMF_CI=72183837deec55db8bca4d6ad7bdee5a9f05559ee42aee806c96fc035ee5a265b4f428c5463dcb0c3cc4899e646ca86a1e7ccfc1698793fdd3503441be61939a5a; Expires=Thu, 06-Oct-22 18:44:25 GMT; Path=/
X-Firefox-Spdy: h2
ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
172.66.40.141200 OK 0 B URL HTTP/2 ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
IP 172.66.40.141:0
GET /tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 HTTP/1.1
Host: ggames.wiredcircular.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:26 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6aVJUwTyazizYGkHkwdmW2KBUvxtTtz13OcnxO6UKPPPnsmdKBa5VVxLP6hOCxK5YJBoCW0iYnuDj7BlVgthva9UW6xg6y0Y6dA6pLIZgMjGszusaknyxppGwJcKSPwI4coiy0BUnZpDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74695b1bc911b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/all.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/all.css
IP 172.67.169.247:0
GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:26 GMT
content-type: text/css
x-amz-id-2: aXX4zh3wXPXGDml0fOEC654psQW7F4OBXB2RMYIll8n+biHpZ4YBsSTNi1jRIpce6gG4fUSWN/I=
x-amz-request-id: ZM9DVN0F2YFT4A36
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 167362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GndUn6YtQFfoD4oKRiWAdrast3NLYzQlkgRGza3y58hkKZghoXRenNX0fkiwxBbSfXleQkHe504bTOwE26Ig%2FdZq0ycgEqmqciXSoNoz1S8BdLtWqXVZBas0d4JIk%2F3TuWd2txf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74695b1fab4db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syfyht.com/common_tpls/js/form_support.js?v=1516308712
207.120.33.5200 OK 0 B URL HTTP/2 syfyht.com/common_tpls/js/form_support.js?v=1516308712
IP 207.120.33.5:0
GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 00:12:19 GMT
etag: W/"600623e3-3d1"
section-io-cache-id: a6c446ee76f632746ab5b606ee36944e
x-varnish: 5771188 4673234
age: 2359
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 876eb0a369abd8a73e5447fd80e0cd42
X-Firefox-Spdy: h2
syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
207.120.33.5200 OK 0 B URL HTTP/2 syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
IP 207.120.33.5:0
GET /user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ggames.wiredcircular.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048; path=/; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 5833361
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: dbe38d7d3145cc23679e1d1f0f6af920
X-Firefox-Spdy: h2
syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25
207.120.33.5200 OK 0 B URL HTTP/2 syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25
IP 207.120.33.5:0
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/validate_form_v2.js?jsv=25 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Jul 2022 20:38:46 GMT
etag: W/"62e1a256-5a7b"
section-io-cache-id: 44cdfda7c74bcbd3ebcc70f8a88f5002
x-varnish: 12806270 13314513
age: 3658
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 6fbf4a320860abfc57f12dce9ca6e90e
X-Firefox-Spdy: h2
syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.5200 OK 0 B URL HTTP/2 syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.5:0
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Jun 2020 16:45:10 GMT
etag: W/"5ee8f716-3445"
section-io-cache-id: 18e7317102664d165baef8d660eb8961
x-varnish: 12806271 13568472
age: 5639
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 2fa8d0f924da95e4f1047725c8bb52db
X-Firefox-Spdy: h2