Report - t.crdefault1.com/74883/3566?popUnder=true

Report Overview

Submitted URL
t.crdefault1.com/74883/3566?popUnder=true
IP
3.218.135.42
ASN
#14618 AMAZON-AES
Submitted
2022-09-06 18:44:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	927 B	62 kB	172.67.169.247
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	7.0 kB	142.250.74.10
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	19 kB	151.101.86.137
syfyht.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	132 kB	207.120.33.5
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	21 kB	142.250.74.174
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	6.2 kB	142.250.74.3
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	91 kB	34.120.237.76
ajax.aspnetcdn.com	693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	13 kB	152.199.19.160
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	2.0 kB	162.247.241.14
cdn.mouseflow.com	6644	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	35 kB	151.139.128.11
crevg.joinsafelyonline.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	602 B	165 kB	163.171.128.172
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	43 kB	142.250.74.72
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	690 B	3.8 kB	104.18.20.226
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.56.167
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	31 kB	142.250.74.163
3dgamesadult.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	554 B	704 B	163.171.128.172
ggames.wiredcircular.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	562 B	597 B	172.66.40.141
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
t.crdefault1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	1.6 kB	3.218.135.42
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	t.crdefault1.com/74883/3566?popUnder=true	Phishing
2022-09-06	medium	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	Phishing
2022-09-06	medium	syfyht.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2	Phishing
2022-09-06	medium	syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25	Phishing
2022-09-06	medium	syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1073 bytes)
Hash
4086ff7367a908ba6fb666dd0ec10ec2
a95f576ffdf856c3bfa75aa5cbbcdf334b4aaf85
a2866ba8269e256935033d87b7708a4c9c5e97aeef2862cf14bc8c8b8c058750

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (34)

	URL	Size	First Seen	Last Seen
	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	54 B	2023-03-07	2023-12-10
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-12-10 04:20:36 Times Seen4 Hash 669931427a7b37799cb6cd14c77adf74 6c369869bbb5dc43f9736884aa0d6aeaed025d69 5b9fe0f25cd37cd20001eee762424e237107d81ef23fa68f7838882be4da004f Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	166 B	2023-03-07	2024-02-03
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-02-03 22:04:12 Times Seen152 Hash 30fbeedd3ef42ed4b3c0cedc516b2f71 dff25b928dad51d1d769285bf2a302d2be531927 1a9018c8172241d8aade74fd982307b0171e6b21ce2b4a470342852d92a99ed0 Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	61 B	2023-03-07	2023-03-07
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash bc167f8576d369ec70dbc9ad7ead2940 73542b1f7144f21ed01a1c691cc58a1081063b25 654bb648bcf07c90c005f6ddeddc8a502df452fc7697d68377e6c71804ef0bb0 Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/js/modernizr.custom.js	11 kB	2023-03-07	2023-05-28
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/js/modernizr.custom.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-05-28 17:52:47 Times Seen13 Hash e7d71c0b09afdf718d09e7ac624d5c4b f816ba0170a7b3f9d9d464dbf85417e618e10aa3 5bb282068677d8cfae23193ede34e1c43fd6f1ed2703e3c3990f7f5f20eb8343 Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/js/bootstrap.bundle.min.js	68 kB	2023-03-07	2024-04-28
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/js/bootstrap.bundle.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-28 20:26:18 Times Seen1646 Hash 98d2c1da1c0a495f8fc8ad144ea1d3d2 a0f7a287003f6d0c8a2543e6183fdc14417b6793 bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883	322 B	2023-03-07	2023-03-29
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 IP 172.66.40.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-29 23:50:51 Times Seen2 Hash 840f7ddaeac3017f0b2e9c4faf8f698f 45f3563c416a7c39fc743fa467d42be7e5764f1e 36122aeea4a351ad513f1ccadcba768d9f829a3bb0e727d7cba3f7298476379a Loading...

	ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js	36 kB	2023-03-07	2024-05-01
Pretty URL ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-01 21:28:59 Times Seen3024 Hash 046ba2b5f4cff7d2eaaa1af55caa9fd8 b3f2ef9f985e7906c9360756b73cd64bf7733647 c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892 Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883	325 B	2023-03-07	2023-03-07
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 IP 172.66.40.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash ace83e2514de4c15346299cf04cf0984 8a1b6a7b778e151ed3ab99d79363f63a1a4aa87d de6552d1c5ae8a39cac1c2524dff81834b4680b49966c37466174abb6402e767 Loading...

	cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js	61 kB	2023-03-07	2023-03-07
Pretty URL cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js IP 151.139.128.11 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash 255a6b02790d2d0b896be4d09d9ad209 66d449fb7c4b60fc739082a85f6f0813e3f5bf5a db0edef74ae9303a6c504b3dccba226fcbd5c3e3cab96ecdd37db7dbf0c504d0 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9	92 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash cd6ac4ac6063324fb0fae1333ac03fe8 a1f2642d1b8e6c2a473457b0393d1a28382bb1a1 c572f85dcc9ae1e96e5c9bb5d2bf1d629b5a2e04474d4af7ee38b82617be2031 Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883	31 kB	2023-03-07	2023-03-17
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 IP 172.66.40.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-03-17 12:47:27 Times Seen1 Hash 0d87c9ac63664e90bcdcf1df76813118 4922933dfd297349786a49b93ade8565bc3040bc 692f48e66ad8fd2dec40dc04445caa0f052e1cfc39da5802ae2e0f36b36eca6e Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/js/jquery.min.js	87 kB	2023-03-07	2024-05-01
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-05-01 05:35:19 Times Seen2996 Hash 378087a64e1394fc51f300bb9c11878c 0c3192b500a4fd550e483cf77a49806a5872185b 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	264 B	2023-03-07	2024-01-28
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-28 20:20:17 Times Seen62 Hash 50b8d257c149e4c89eb8fcd42cbb90bd ec36a40fb37b6fcca17ac892e3b274ecff9c5164 04b5d8be7fc682489a5060b6832c7a14ebe5480a284f3f9d55f0a0407aeff7b0 Loading...

	www.googletagmanager.com/gtag/js?id=UA-208173773-1	107 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-208173773-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash 2c10457044f7286857320d1d79f264b8 1f1d7cffcf0afa68fe21a0bd4d1c2e8d70691d32 bcb42569c43402ca3cf0e2282b155b82f5c37ef8edff0a214039bf859a9e192b Loading...

	syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js	13 kB	2023-03-07	2024-04-24
Pretty URL syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-24 21:03:17 Times Seen369 Hash 2cf9df789476bc39b9906030f639660d de708b4a0fe32f3d77505675eb119b671327a6b4 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	154 B	2023-03-07	2024-01-03
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-03 22:08:36 Times Seen27 Hash 7ca4548110bd2c05da7e5222ccfbb504 0649d1bcc1e6f3cd57af1273b2a511dc9b4f415f ac2642ddd2f2bd3248dcbcaeaadbe6a4e74fa2d8b5bc88e7dfb9d3b1e341a748 Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	294 B	2023-03-07	2023-03-07
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash 0b485e58525f74190b02f5bd8e7c1d80 4d7b16039633cfd2279c4ede78150cf890802522 d64922f1a6d175a3c1ad3c6f5beddddae710976cf63c335780a283497b69c0ec Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883	76 B	2023-03-07	2024-02-28
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 IP 172.66.40.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2024-02-28 14:29:13 Times Seen10 Hash 83d376972f55f31f006e205e75960ef1 b423daf3573048c25af0cf2211f34cb7dd3fcd67 5ab4c182dc75880809f00f67fd2858f8a900600561a862d62e8c999714744d23 Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/js/jquery.ellipsis.min.js	2.2 kB	2023-03-07	2024-02-27
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/js/jquery.ellipsis.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2024-02-27 08:49:26 Times Seen11 Hash 3bc07e3e8a1a378a6bdf9f6de1204517 338dd14eee3c8c192ec7188d9a5c2e93696d762c 5e5b9377230dbf66b0dd1cf617578407b3cf65f1be7a1ef2a011df54e93a9a04 Loading...

	syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173	44 B	2023-03-07	2023-04-05
Pretty URL syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-04-05 01:56:56 Times Seen13 Hash ab82587f78d95dff9b9823f621ecc33e 0f0fe112ce900bb454b1380564363c1a8c073db4 61733e01ae1056d3484f1e01b0a0962b73dd904675d52bd99b37fc955a2ca51f Loading...

	js-agent.newrelic.com/nr-spa-1216.min.js	50 kB	2023-03-07	2024-03-22
Pretty URL js-agent.newrelic.com/nr-spa-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:43 Times Seen568 Hash 63e2df852d15ab21d7ff8fc4363222e8 7ee401ba652db0a4ec960350e17216cda01e22fb 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	23 B	2023-03-07	2023-03-07
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-07 13:14:08 Times Seen1 Hash b84d8fc5d64ea5c4f2358eec87e3abe6 4e1403662970c418124d6c03b82aef840dea73fc b8d0abbd45659c5717bb4821cd122855aa76ba460612dca5be18fc187b6534f4 Loading...

	bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	341 B	2023-03-07	2024-01-03
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-03 22:08:36 Times Seen27 Hash b8efe6a55af9822df37e3a215856c4ce 7a3cb9da219880386319fbb0a0f0c7e9dcdc9fbf 92a59ecee117a08d199a1443de12eded994ab404d4f982470756e39fb38c52ee Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 17:51:21 Times Seen850 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/js/jquery.flexslider-min.js	22 kB	2023-03-07	2024-04-25
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/js/jquery.flexslider-min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2024-04-25 14:43:56 Times Seen103 Hash 5317c8faf18ee06f231cb1961c127297 09f6ee9f48860c1fa664fa8ecdfaf13d282b2bd4 100487fdb907adbb4add4af653924ecea10fb1ee2b869d8b0d516ed0fbdfca11 Loading...

	ggames.wiredcircular.com/common/js/iframeResizer/iframeResizer.min.js	12 kB	2023-03-07	2024-04-26
Pretty URL ggames.wiredcircular.com/common/js/iframeResizer/iframeResizer.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2024-04-26 20:59:43 Times Seen104 Hash f6fb142b95a0163be52282ef8b1f4b9a 271ffc93a6b6ef177b6418b6c0d1fb28624e9fb5 35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33 Loading...

	syfyht.com/common_tpls/js/form_support.js?v=1516308712	977 B	2023-03-07	2023-03-17
Pretty URL syfyht.com/common_tpls/js/form_support.js?v=1516308712 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-03-17 12:47:26 Times Seen1 Hash d6199d22984ce8c835731e3c0ce5c3e8 c1776f75cd99f839f1ea2e752fdeb93677054f23 f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00 Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	1.7 kB	2023-03-07	2023-12-10
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-12-10 04:20:36 Times Seen4 Hash 78a3ac63c67d8cafa57db3facb4ee133 deba56ced8ff4d76601a12005a1053f621178753 8c8fb107ce9ac65638ec18aaec0488bc330ffb8e0960860bd9632638f44c195d Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	127 B	2023-03-07	2024-01-28
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-28 20:20:17 Times Seen45 Hash f92940178528cff899349c6b3bc8f6b5 71946185435cc4ee489eed6d3b8cb89c9e482857 1c176f72b1e82fdcc2b59f3161850788a57e77e4e9df64f1147a6d8a5228552b Loading...

	ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883	47 B	2023-03-07	2023-05-28
Pretty URL ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 IP 172.66.40.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-05-28 17:52:47 Times Seen6 Hash 4b65c092b4fe14f7f5c8145c0af4af00 2ef3b8c10818e26036bd2f3c1eed0105f9bc4609 1ffe0fcac948766f3fc5df99d955d83d4f89fef9133f46f9480663bde996fdbc Loading...

	syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048	21 B	2023-03-07	2024-01-03
Pretty URL syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-03 22:08:36 Times Seen25 Hash cd52ca5e71888911665cef8fb5ca012a a9de6870672c8a54368632cd2729d4641d3839fd c1c8cc166507fc9682618879b36ca4ef73686a85f08e518de98b5797e460503d Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-01 23:46:40 Times Seen96392 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25	23 kB	2023-03-07	2023-03-17
Pretty URL syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25 IP 207.120.33.5 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-03-17 12:47:26 Times Seen1 Hash 08e379f8d3ba95e25bc7f6dbbcd7fc44 d1d95ea99b2d76ea4341a4e45b4dd3d5b0de2c5d bbbe0445a1aaf84f4a3eb5e901f9a4aaf7244a8bb8576c029b6eb2bad2aa0987 Loading...

HTTP Transactions (56)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 18:04:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: THbJKTCDUgL0atPMSjb_PTREhbI53nUxqi3qD7rU-8A0xfq0u3d0GQ==
Age: 2402

t.crdefault1.com/74883/3566?popUnder=true

3.218.135.42

303 See Other

362 B

URL HTTP/1.1
t.crdefault1.com/74883/3566?popUnder=true
IP
3.218.135.42:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with very long lines (362), with no line terminators
Size
362 B (362 bytes)
Hash
89ebc969544b6861fa7a887d9e91a918
c175059b06e85d9bf1aca95192d1c6cfcac1a5ef
a8e17c303f97e40f5113687f9c0175f471f7346674823f58e19183157aaa3233

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /74883/3566?popUnder=true HTTP/1.1
Host: t.crdefault1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Server: nginx/1.19.0
Date: Tue, 06 Sep 2022 18:44:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 362
Connection: keep-alive
set-cookie: aff_ran_url_5471=13402; Path=/; Expires=Wed, 07 Sep 2022 18:44:24 GMT; Secure
enc_aff_session_5471=ENC038ba1db96890df0a0cbbb294518edd3b43be26d567443727e40aeb5219b95c2e860f36068cc293eb9f1802b9addb88f81e5d14c0b7d946da10d9e31262b99a05b3be0268bb6e522d084fd772c7d763e06996bec2c9bb8aef64300533d22a0b688e82fe7c7c8f1c79066765a00613517c60914a8ca7f368d62bf0ff6f57dd262a01e6fae07; Path=/; Expires=Wed, 27 Feb 2030 09:44:24 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; Path=/; Expires=Fri, 01 Aug 2025 05:24:24 GMT; Secure
tracking_id: 1024d247e50fc4393b70d2f56b422b
location: https://3dgamesadult.com/tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
vary: Accept

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11913
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 18:44:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9RJFPvJ98bNa5hhS5-by5sfzQ-7X9-wkv5jzurSA8iKgIn-dFmQPuw==
age: 62947
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 18:44:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
32640bb9a5d1467d4541162c8787e5e0
b4444786d0d93ad90a8f62cb06643007b7b3cdf1
a8fb786f90ae1f25fe9f1d7c0c57daaca4afb55278a42760007e4c3c63de5252

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Sep 2022 18:44:23 GMT
ETag: "b4444786d0d93ad90a8f62cb06643007b7b3cdf1"
Last-Modified: Tue, 06 Sep 2022 18:44:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74695b173b0a0b61-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 18:43:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eYnSJ0Ppjd_BCEyLZHF9ei1Pf9d9lDyhao7ORLBp_MuOpk7o_HVFNA==
Age: 367

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3914
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:25 GMT
Last-Modified: Tue, 06 Sep 2022 17:39:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.56.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.56.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zwb2b1rAKE1wLwo3tXhy+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JRzk6/wn7WRRroOtch6eNpneOQ8=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.1.1/webfonts/fa-solid-900.woff2

172.67.169.247

200 OK

60 kB

URL HTTP/2
use.fontawesome.com/releases/v5.1.1/webfonts/fa-solid-900.woff2
IP
172.67.169.247:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 59604, version 1.0\012- data
Size
60 kB (59604 bytes)
Hash
e8a92a29978352517c450b9a800b06cb
f2da460d41f0a68bcab83ed33073bb57d2c38484
b82ad8fbcf9bf844726f648ef268b74f8c2f668f56eafd98b05703e086ff1d5b

HTTP Headers

GET /releases/v5.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:26 GMT
content-type: font/woff2
content-length: 59604
x-amz-id-2: QA+5qwEC91eyqhS0aDMqZcIyWSNY0arx0BSzhbG8UGFLkHuz9Vq2ZHUbgtpQLMTtQ/BWOKJ7ntw=
x-amz-request-id: QQF4G10GJ8NKBZQ7
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:31:07 GMT
etag: "e8a92a29978352517c450b9a800b06cb"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 167243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki3ZoY%2F5q79ym%2BAHAQwVckr30YzJY%2FCdVVFX9F9ppGoruLo%2BxeVtiqLD7bhYXDIXTPLCNv95UeajFpDLdWDKdGGJ4mEAAHBOrsMkIfaTNpPqgSxQhmgW1o7tV8RJHHCBSJ88GnFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74695b215da4b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size
13 kB (12708 bytes)
Hash
b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 06:06:20 GMT
expires: Fri, 01 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 477486
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
a69d1be0f71f76dee961eceb43dd8c88
2cf74d8ae408c3e5e5d0efbf88046650acc98a83
c66b8073bec5b06e74b0bca2a8bc619ed69aed267a9c39583aab758f5dcf633c

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Sep 2022 16:47:56 GMT
ETag: "2cf74d8ae408c3e5e5d0efbf88046650acc98a83"
Last-Modified: Tue, 06 Sep 2022 16:47:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74695b21af4e0b61-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13196
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 18:44:26 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Montserrat

142.250.74.10

200 OK

6.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
6.3 kB (6275 bytes)
Hash
1a702037be897267d8a534fe19586742
ab923c5359dbf0c97b32aa037eefce9c0fd7f664
5a9b41b9f6af9ac2bf8208aef82b44b6364d69b5ae2d4024d5132d0a2750c93d

HTTP Headers

GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 18:44:26 GMT
date: Tue, 06 Sep 2022 18:44:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7855 bytes)
Hash
8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 74832
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

45 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
45 kB (44653 bytes)
Hash
a4a9dd654be963784f1292032b535f01
96a8b4f6f5b3139fde6e4c0961338e41eeff71fd
a314113cacd7126ccd557f15768351dd2cc5b5cafe6d54bf5405c228bc340fa1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 75593
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4426 bytes)
Hash
c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 36560
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12683 bytes)
Hash
ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 51204
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8134 bytes)
Hash
5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 1b2ece5c-784c-4c14-a760-c43d697b1abf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSEE2CIAMFvgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f40-2243fc211a76c7e404710c7c;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f2bMA3sdC6qxijseKXb53WMncdjInfvh-lVvr0W69sgaHEHKCNvLMQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:25:52 GMT
age: 40714
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js

151.139.128.11

200 OK

17 kB

URL HTTP/2
cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
IP
151.139.128.11:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (61448), with no line terminators
Size
17 kB (17351 bytes)
Hash
598c9da4529ead515e4bf7ee729a3c87
b3b348e3335545f2c5727bbedd923b46675f462f
ed3b3ea07909020fedfd0abb790a56e00c228a7553f848c33a0a40b29cda6f3b

HTTP Headers

GET /projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ggames.wiredcircular.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:27 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17351
content-type: application/javascript; charset=utf-8
last-modified: Sat, 20 Aug 2022 15:00:06 GMT
accept-ranges: bytes
etag: "be2b188a5b4d81:0"
server: 
x-hw: 1662489867.cds001.sk1.hn,1662489867.cds235.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js

151.139.128.11

301 Moved Permanently

16 kB

URL HTTP/2
cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
IP
151.139.128.11:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
16 kB (16503 bytes)
Hash
49f3c7652181d8014320442ada07baa9
81d92fdd1901e7d2b899bbb954a912a490e62619
693380ea9c6dd37ff515cd35e98540a9699bb117da9c93c2a0f22dc4f10262fe

HTTP Headers

GET /projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Tue, 06 Sep 2022 18:44:27 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 55263
content-type: application/javascript; charset=utf-8
last-modified: Sat, 20 Aug 2022 15:00:05 GMT
accept-ranges: bytes
etag: "c8d4eb87a5b4d81:0"
server: 
x-hw: 1662489867.cds001.sk1.hn,1662489867.cds239.sk1.c
location: https://cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
x-hw-loc: https://cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
access-control-allow-origin: *
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-spa-1216.min.js

151.101.86.137

200 OK

18 kB

URL HTTP/2
js-agent.newrelic.com/nr-spa-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32010)
Size
18 kB (18216 bytes)
Hash
6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a

HTTP Headers

GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 18:44:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3867
x-timer: S1662489868.947852,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2

crevg.joinsafelyonline.com/routes/Crevg/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883

163.171.128.172

302 Found

164 kB

URL HTTP/2
crevg.joinsafelyonline.com/routes/Crevg/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
164 kB (164100 bytes)
Hash
80a8ebeb30472a7fa5ace6c60e513417
462ba3af02c3101db39ee5df19487047cfd23cfe
8756ca484114e875cc760dd50ee0e8f05a05aeabff2c3e14aea790aab8774659

HTTP Headers

GET /routes/Crevg/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883 HTTP/1.1
Host: crevg.joinsafelyonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 06 Sep 2022 18:44:27 GMT
content-type: text/html; charset=UTF-8
server: waf/4.31.15-0.el6
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
x-via: 1.1 PS-DFW-01gGZ147:2 (Cdn Cache Server V2.0), 1.1 kf230:12 (Cdn Cache Server V2.0), 1.1 CSP-A15498:9 (Cdn Cache Server V2.0)
x-ws-request-id: 6317950a_CSP-A15498_20656-44493
set-cookie: PHPSESSID=0b4d23f05f2986a7ac7fc1d5847e0a5e; path=/; secure; SameSite=None
HMF_CI=214812d79dc47a6de45d2d47f1341dcedcac09c0c45bc266a9fe1175dbc35830f53daa72248c32502830e140cdd725ef0beb5b3c5de3c01b652cf08ada9f73167e; Expires=Thu, 06-Oct-22 18:44:27 GMT; Path=/
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js

152.199.19.160

200 OK

12 kB

URL HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
IP
152.199.19.160:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (32405)
Size
12 kB (12247 bytes)
Hash
29aaadd88feae1cc97337661a34bb99f
bf5c684d3c1dbeb119557404136ba91ae45d07b5
d4af778947d9005af87a62b411f328d3512edc6f9594ee46f0a34a57e6ef3c95

HTTP Headers

GET /ajax/bootstrap/3.3.2/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://syfyht.com
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 21842278
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 06 Sep 2022 18:44:28 GMT
etag: "194598e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:58 GMT
server: ECAcc (ska/F68B)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12247
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

1.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1073 bytes)
Hash
4086ff7367a908ba6fb666dd0ec10ec2
a95f576ffdf856c3bfa75aa5cbbcdf334b4aaf85
a2866ba8269e256935033d87b7708a4c9c5e97aeef2862cf14bc8c8b8c058750

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048

207.120.33.5

200 OK

51 kB

URL HTTP/2
syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31139)
Size
51 kB (50736 bytes)
Hash
6af4045d7bafa86943e7f489d77ba1ba
02106481cdf1877fbd2762a914986987140c214e
5927fac1e09e367217ad9df8e733bab4dc9172f1acde06bbef11a8ad52115e73

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /user/?SID=1981e34be5e1f7310940894b4cb60048 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048; path=/; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 5673793
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 50358494a0c1552d442ec8347065e17d
X-Firefox-Spdy: h2

syfyht.com/common_tpls/compact2C/css/neogames.css

207.120.33.5

200 OK

28 kB

URL HTTP/2
syfyht.com/common_tpls/compact2C/css/neogames.css
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28453 bytes)
Hash
c73aa1801ef896c69608c8a8da9cc4cf
f8b046b3bac341861df151a0f8134350186e1268
2585cf43546e2622e115640f6c66898a3ea6d152adc9778aecd251f1bdf3b52c

HTTP Headers

GET /common_tpls/compact2C/css/neogames.css HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: text/css
content-length: 28453
last-modified: Wed, 02 Oct 2019 16:19:30 GMT
etag: W/"5d94ce12-22f73"
content-encoding: gzip
section-io-cache-id: 4180f14710b481d7bc7fe033de13bddf
vary: Accept-Encoding
x-varnish: 12806269 12209047
age: 16599
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 1133e28cb4f0b7e7914f6f33eeee5748
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-208173773-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-208173773-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (41847 bytes)
Hash
8be91c0a7dc371ff7f1a9ae29a6a61a6
318e4b2e2259681bf15311d1ffff0eae79ad3446
d5bf4aff6c985eda8dd6f72c5663d27a05def0c6c709141a73a2cf02d0b5cb4f

HTTP Headers

GET /gtag/js?id=UA-208173773-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 18:44:28 GMT
expires: Tue, 06 Sep 2022 18:44:28 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 18:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

syfyht.com/common_tpls/images/ajax-loader.gif

207.120.33.5

200 OK

3.2 kB

URL HTTP/2
syfyht.com/common_tpls/images/ajax-loader.gif
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type
GIF image data, version 89a, 32 x 32\012- data
Size
3.2 kB (3208 bytes)
Hash
be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

HTTP Headers

GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 5ebaf1bd8e04794f0b66aec3ad18127c
x-varnish: 5771189 4058332
age: 2163
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 6848d134cde29ef3177a1c97fcf334a0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://syfyht.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 18:53:39 GMT
expires: Tue, 05 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 85849
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=3639&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/&ap=23&be=1728&fe=3548&dc=2199&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489858570,%22n%22:0,%22f%22:1186,%22dn%22:1189,%22dne%22:1201,%22c%22:1201,%22s%22:1205,%22ce%22:1216,%22rq%22:1216,%22rp%22:1691,%22rpe%22:1693,%22dl%22:1702,%22di%22:2184,%22ds%22:2198,%22de%22:2202,%22dc%22:3546,%22l%22:3546,%22le%22:3585%7D,%22navigation%22:%7B%7D%7D&fcp=2063&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:28 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74695b2e8d120af6-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=1dabf2190aacbeb9; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

syfyht.com/common_tpls/images/footlogosDarkBg.png

207.120.33.5

200 OK

26 kB

URL HTTP/2
syfyht.com/common_tpls/images/footlogosDarkBg.png
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type
PNG image data, 335 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26470 bytes)
Hash
d4768e3e3ccacf11433886f71311d9cf
5eee0a9fa2ed481e8b070147b384f6e45f563160
c0b5af69aa97bde7cf3a5fb2d9a19f39100ad6b96d24108179cbf4e60c1db6c6

HTTP Headers

GET /common_tpls/images/footlogosDarkBg.png HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/common_tpls/compact2C/css/neogames.css
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: image/png
content-length: 26470
last-modified: Thu, 06 Aug 2015 20:09:07 GMT
etag: "55c3bee3-6766"
section-io-cache-id: 30f13972000b696dd794515277457470
x-varnish: 5550105 2367737
age: 21066
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e689417889946307e0e0ee2c21b2b7ae
X-Firefox-Spdy: h2

bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=4392&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=4392&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1ZRBVtBTVgPAlwZGBMMEw%3D%3D&rst=4392&ck=1&ref=https://ggames.wiredcircular.com/tools/landers/st/022alp/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 361
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:28 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74695b2fae6a0af6-OSL
Access-Control-Allow-Origin: https://ggames.wiredcircular.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

syfyht.com/user/trk/?rtid=2784363173

207.120.33.5

200 OK

21 B

URL HTTP/2
syfyht.com/user/trk/?rtid=2784363173
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
3e2cb1dca532b1128c141f7c27615fbb
784870b8f031a744b5181a9a98f641e71164ef5d
936c05754439c0018dd94d4ba93fb2bcc88d4bcdad65a497359246ed0c018046

HTTP Headers

GET /user/trk/?rtid=2784363173 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6ImVjZTViY2U2M2NmNTNhNDYiLCJ0ciI6IjJlOTkwYjc0MWM1M2Q1NTNiMjQ2NjUyNmNiYjVkZTEyIiwidGkiOjE2NjI0ODk4NjI5OTh9fQ==
traceparent: 00-2e990b741c53d553b2466526cbb5de12-ece5bce63cf53a46-01
tracestate: 3355250@nr=0-1-3355250-1103078842-ece5bce63cf53a46----1662489862998
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: text/json;charset=UTF-8
content-length: 21
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 5550106
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 0eeaef41d538822dc224f4fbe3318433
X-Firefox-Spdy: h2

syfyht.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2

207.120.33.5

200 OK

18 kB

URL HTTP/2
syfyht.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common_tpls/common/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://syfyht.com/common_tpls/compact2C/css/neogames.css
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: font/woff2
content-length: 18028
last-modified: Tue, 16 Jun 2020 16:45:05 GMT
etag: "5ee8f711-466c"
accept-ranges: bytes
x-varnish: 12806277
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: b941c057f4984319ee3cf8c7bcfa5755
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 18:41:12 GMT
expires: Tue, 06 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 197
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1186&ck=1&ref=https://syfyht.com/user/&ap=136&be=536&fe=1148&dc=776&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489862157,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:47,%22rp%22:426,%22rpe%22:426,%22dl%22:440,%22di%22:765,%22ds%22:775,%22de%22:777,%22dc%22:1147,%22l%22:1147,%22le%22:1157%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1186&ck=1&ref=https://syfyht.com/user/&ap=136&be=536&fe=1148&dc=776&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489862157,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:47,%22rp%22:426,%22rpe%22:426,%22dl%22:440,%22di%22:765,%22ds%22:775,%22de%22:777,%22dc%22:1147,%22l%22:1147,%22le%22:1157%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1186&ck=1&ref=https://syfyht.com/user/&ap=136&be=536&fe=1148&dc=776&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662489862157,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:47,%22rp%22:426,%22rpe%22:426,%22dl%22:440,%22di%22:765,%22ds%22:775,%22de%22:777,%22dc%22:1147,%22l%22:1147,%22le%22:1157%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:29 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74695b32090e0af6-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=771ef1ebff3758ad; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1373&ck=1&ref=https://syfyht.com/user/

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1373&ck=1&ref=https://syfyht.com/user/
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1373&ck=1&ref=https://syfyht.com/user/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 285
Origin: https://syfyht.com
Connection: keep-alive
Referer: https://syfyht.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 18:44:29 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74695b333a390af6-OSL
Access-Control-Allow-Origin: https://syfyht.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7152 bytes)
Hash
8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6xmRiAaxHPKpBlCPaRWoMiISlrXRrltO57N3NayiuIvv3gCWTWCZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:53:35 GMT
age: 75058
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

3dgamesadult.com/tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883

163.171.128.172

302 Found

0 B

URL HTTP/2
3dgamesadult.com/tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tools/landers/st/001jed/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 HTTP/1.1
Host: 3dgamesadult.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 06 Sep 2022 18:44:25 GMT
content-type: text/html; charset=UTF-8
server: waf/4.31.15-0.el6
location: https://ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
x-via: 1.1 PS-DFW-01gGZ147:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:0 (Cdn Cache Server V2.0)
x-ws-request-id: 63179509_CSP-A15498_22691-24906
set-cookie: HMF_CI=72183837deec55db8bca4d6ad7bdee5a9f05559ee42aee806c96fc035ee5a265b4f428c5463dcb0c3cc4899e646ca86a1e7ccfc1698793fdd3503441be61939a5a; Expires=Thu, 06-Oct-22 18:44:25 GMT; Path=/
X-Firefox-Spdy: h2

ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883

172.66.40.141

200 OK

0 B

URL HTTP/2
ggames.wiredcircular.com/tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883
IP
172.66.40.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tools/landers/st/022alp/?a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883 HTTP/1.1
Host: ggames.wiredcircular.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:26 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6aVJUwTyazizYGkHkwdmW2KBUvxtTtz13OcnxO6UKPPPnsmdKBa5VVxLP6hOCxK5YJBoCW0iYnuDj7BlVgthva9UW6xg6y0Y6dA6pLIZgMjGszusaknyxppGwJcKSPwI4coiy0BUnZpDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74695b1bc911b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.1/css/all.css

172.67.169.247

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.1/css/all.css
IP
172.67.169.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ggames.wiredcircular.com
Connection: keep-alive
Referer: https://ggames.wiredcircular.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:26 GMT
content-type: text/css
x-amz-id-2: aXX4zh3wXPXGDml0fOEC654psQW7F4OBXB2RMYIll8n+biHpZ4YBsSTNi1jRIpce6gG4fUSWN/I=
x-amz-request-id: ZM9DVN0F2YFT4A36
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 167362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GndUn6YtQFfoD4oKRiWAdrast3NLYzQlkgRGza3y58hkKZghoXRenNX0fkiwxBbSfXleQkHe504bTOwE26Ig%2FdZq0ycgEqmqciXSoNoz1S8BdLtWqXVZBas0d4JIk%2F3TuWd2txf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74695b1fab4db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

syfyht.com/common_tpls/js/form_support.js?v=1516308712

207.120.33.5

200 OK

0 B

URL HTTP/2
syfyht.com/common_tpls/js/form_support.js?v=1516308712
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 00:12:19 GMT
etag: W/"600623e3-3d1"
section-io-cache-id: a6c446ee76f632746ab5b606ee36944e
x-varnish: 5771188 4673234
age: 2359
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 876eb0a369abd8a73e5447fd80e0cd42
X-Firefox-Spdy: h2

syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173

207.120.33.5

200 OK

0 B

URL HTTP/2
syfyht.com/user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /user/?ofid=166&a_aid=Crevg&a_bid=0836b55a&x_transaction_id=1024d247e50fc4393b70d2f56b422b&x_affiliate_id=74883&a_sid=74883&sitekey=26ae252ae2ef7dd1&rtr=1&rtid=2784363173 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ggames.wiredcircular.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048; path=/; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 5833361
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: dbe38d7d3145cc23679e1d1f0f6af920
X-Firefox-Spdy: h2

syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25

207.120.33.5

200 OK

0 B

URL HTTP/2
syfyht.com/common_tpls/js/validate_form_v2.js?jsv=25
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common_tpls/js/validate_form_v2.js?jsv=25 HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Jul 2022 20:38:46 GMT
etag: W/"62e1a256-5a7b"
section-io-cache-id: 44cdfda7c74bcbd3ebcc70f8a88f5002
x-varnish: 12806270 13314513
age: 3658
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 6fbf4a320860abfc57f12dce9ca6e90e
X-Firefox-Spdy: h2

syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js

207.120.33.5

200 OK

0 B

URL HTTP/2
syfyht.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
207.120.33.5:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: syfyht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syfyht.com/user/?SID=1981e34be5e1f7310940894b4cb60048
Cookie: PHPSESSID=1981e34be5e1f7310940894b4cb60048
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Sep 2022 18:44:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Jun 2020 16:45:10 GMT
etag: W/"5ee8f716-3445"
section-io-cache-id: 18e7317102664d165baef8d660eb8961
x-varnish: 12806271 13568472
age: 5639
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 2fa8d0f924da95e4f1047725c8bb52db
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML