Report - any-game.top/

Report Overview

Visited public
2025-05-17 11:50:16
Tags
suspicious
URL
any-game.top/
Finishing URL
any-game.top/login
IP / ASN
104.250.158.42
#53850 GORILLASERVERS
Title
WinGo Ai v.2
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
any-game.top	unknown	2025-05-16	2025-05-17	2025-05-17	1.7 kB	863 kB	104.250.158.42
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-14	461 B	5.5 kB	142.250.178.106
estkfgektnikvkknjevv.supabase.co	unknown	2020-01-11	2025-05-17	2025-05-17	2.4 kB	3.2 kB	104.18.38.10
cdn.gpteng.co	unknown	2023-06-26	2024-12-08	2025-05-16	428 B	92 kB	104.18.29.167
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-14	2.1 kB	35 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-17 11:49:56	low	Client IP	104.18.38.10	ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)
2025-05-17 11:49:56	low	Client IP	104.18.38.10	ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)
2025-05-17 11:49:56	low	Client IP	104.18.38.10	ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)
2025-05-17 11:49:56	low	Client IP	172.64.149.246	ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-05-17	medium	any-game.top/assets/index-ZCnMsflx.js	Detects file containing Telegram Bot API

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	cdn.gpteng.co/gptengineer.js	ScriptElement	92 kB	2025-05-14	2025-05-30
Pretty URL cdn.gpteng.co/gptengineer.js IP 104.18.29.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 07:46 Last Seen2025-05-30 05:26 Times Seen27 Hash 7332bac3c9641603afc371523bbee21d 24242b4a9b9522c81493af475ee930633c6c7ea5 e27d8894b16558e0b26fcb88f6198ef7090af99c2bbf3bd99de440a283cfe29d Loading...

	any-game.top/assets/index-ZCnMsflx.js	ScriptElement	755 kB	2025-05-17	2025-05-17
Pretty URL any-game.top/assets/index-ZCnMsflx.js IP 104.250.158.42 ASN #53850 GORILLASERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-17 11:50 Last Seen2025-05-17 11:50 Times Seen1 Hash 9415001a8238284cd63343a62101682b 8061e97c1b50b6bb870785d0a99d850fb5140d5b 0df549ce97adecd2e7789b3efbab707eb541f1ad97e76cd1935e153eabb438b3 Loading...

HTTP Transactions (13)

URL IP Response Size

any-game.top/

104.250.158.42

200 OK

477 B

URL User Request GET
any-game.top/
IP
104.250.158.42:443
ASN
#53850 GORILLASERVERS

Certificate
IssuerLet's Encrypt
Subjectwww.any-game.top.profelar-script.top
FingerprintB5:3B:94:58:89:EB:BA:7B:65:47:A2:8C:FB:FC:5A:5F:9C:97:92:66
ValidityFri, 16 May 2025 16:05:28 GMT - Thu, 14 Aug 2025 16:05:27 GMT

File type
HTML document, ASCII text
Size
477 B (477 bytes)
Hash
728c4c3c7a8b29fa95c77b7dafcfa488
cfe27a0edad3782678cd424dd126e1a29011cc19
f41782aeabcab21bcc5b37489904c5fbe6b935e455b166e679647a879c8f8b59

HTTP Headers

GET / HTTP/1.1
Host: any-game.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 03 May 2025 17:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 210
date: Sat, 17 May 2025 11:49:54 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

any-game.top/assets/index-ZCnMsflx.js

104.250.158.42

200 OK

755 kB

URL GET
any-game.top/assets/index-ZCnMsflx.js
IP
104.250.158.42:443
ASN
#53850 GORILLASERVERS

Requested by
https://any-game.top/
Certificate
IssuerLet's Encrypt
Subjectwww.any-game.top.profelar-script.top
FingerprintB5:3B:94:58:89:EB:BA:7B:65:47:A2:8C:FB:FC:5A:5F:9C:97:92:66
ValidityFri, 16 May 2025 16:05:28 GMT - Thu, 14 Aug 2025 16:05:27 GMT

File type
JavaScript source, ASCII text, with very long lines (37534)
Size
755 kB (755228 bytes)
Hash
9415001a8238284cd63343a62101682b
8061e97c1b50b6bb870785d0a99d850fb5140d5b
0df549ce97adecd2e7789b3efbab707eb541f1ad97e76cd1935e153eabb438b3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API

HTTP Headers

GET /assets/index-ZCnMsflx.js HTTP/1.1
Host: any-game.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://any-game.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript
last-modified: Sat, 03 May 2025 17:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 212507
date: Sat, 17 May 2025 11:49:55 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

142.250.178.106

200 OK

4.8 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
4.8 kB (4792 bytes)
Hash
d6044b2435d928dcdadfc771c512e628
f080eeacb7bdc06d1bdf2c2cf2782a343adb7696
d4b0f12567698361ad53077547d77d05e83b5ed6e772423fb2817b6d1e785427

HTTP Headers

GET /css2?family=Poppins:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://any-game.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 May 2025 11:49:56 GMT
date: Sat, 17 May 2025 11:49:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

any-game.top/favicon.ico

104.250.158.42

200 OK

21 kB

URL GET
any-game.top/favicon.ico
IP
104.250.158.42:443
ASN
#53850 GORILLASERVERS

Requested by
https://any-game.top/
Certificate
IssuerLet's Encrypt
Subjectwww.any-game.top.profelar-script.top
FingerprintB5:3B:94:58:89:EB:BA:7B:65:47:A2:8C:FB:FC:5A:5F:9C:97:92:66
ValidityFri, 16 May 2025 16:05:28 GMT - Thu, 14 Aug 2025 16:05:27 GMT

File type
GIF image data, version 89a, 48 x 48
Size
21 kB (20720 bytes)
Hash
3c02a2b20158e9f3c6db254cbf2c7344
50a7bffb67de32a2d8b710d70a14829bb268f40f
2da4fc4f103ee32d5a59043a71efb7e3472917a725428bfa6c0f26fdc8361aca

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: any-game.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://any-game.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 May 2025 11:49:56 GMT
content-type: image/x-icon
last-modified: Sat, 17 May 2025 07:11:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18740
date: Sat, 17 May 2025 11:49:56 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *

estkfgektnikvkknjevv.supabase.co/rest/v1/maintenance_settings?select=*&order=created_at.asc

104.18.38.10

200 OK

0 B

URL OPTIONS
estkfgektnikvkknjevv.supabase.co/rest/v1/maintenance_settings?select=*&order=created_at.asc
IP
104.18.38.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subjectsupabase.co
Fingerprint9D:F5:E6:1B:14:EA:7B:57:95:08:63:BA:BA:3A:A3:5B:C4:B6:75:38
ValiditySun, 11 May 2025 03:29:46 GMT - Sat, 09 Aug 2025 04:29:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /rest/v1/maintenance_settings?select=*&order=created_at.asc HTTP/1.1
Host: estkfgektnikvkknjevv.supabase.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept-profile,apikey,authorization,x-client-info
Referer: https://any-game.top/
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 11:49:56 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-headers: accept-profile,apikey,authorization,x-client-info
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-max-age: 3600
sb-project-ref: estkfgektnikvkknjevv
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 9412e4f369af5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

estkfgektnikvkknjevv.supabase.co/rest/v1/maintenance_settings?select=*&order=created_at.asc

104.18.38.10

200 OK

1.3 kB

URL GET
estkfgektnikvkknjevv.supabase.co/rest/v1/maintenance_settings?select=*&order=created_at.asc
IP
104.18.38.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subjectsupabase.co
Fingerprint9D:F5:E6:1B:14:EA:7B:57:95:08:63:BA:BA:3A:A3:5B:C4:B6:75:38
ValiditySun, 11 May 2025 03:29:46 GMT - Sat, 09 Aug 2025 04:29:23 GMT

File type
JSON text data
Size
1.3 kB (1306 bytes)
Hash
e3af0493025fae84b1f2a738bf636b28
587875705c737949cf45f8f5443795db85cd64d2
aa7e118b2ba696dfea05e7a30520e13a16f0555768ba469c7c10cae200d69254

HTTP Headers

GET /rest/v1/maintenance_settings?select=*&order=created_at.asc HTTP/1.1
Host: estkfgektnikvkknjevv.supabase.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://any-game.top/
accept-profile: public
apikey: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVzdGtmZ2VrdG5pa3Zra25qZXZ2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDUyNTIyNTYsImV4cCI6MjA2MDgyODI1Nn0.picDgq2IRMsuk5tZJ0vK6ahBxUo9lKqgNaFce7hHRPg
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVzdGtmZ2VrdG5pa3Zra25qZXZ2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDUyNTIyNTYsImV4cCI6MjA2MDgyODI1Nn0.picDgq2IRMsuk5tZJ0vK6ahBxUo9lKqgNaFce7hHRPg
x-client-info: supabase-js-web/2.49.4
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 11:49:57 GMT
content-type: application/json; charset=utf-8
content-range: 0-4/*
cf-ray: 9412e4f50c425694-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: https://any-game.top
content-encoding: gzip
content-location: /maintenance_settings?order=created_at.asc&select=%2A
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: Content-Encoding, Content-Location, Content-Range, Content-Type, Date, Location, Server, Transfer-Encoding, Range-Unit
content-profile: public
sb-gateway-version: 1
sb-project-ref: estkfgektnikvkknjevv
x-content-type-options: nosniff
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 26
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.gpteng.co/gptengineer.js

104.18.29.167

200 OK

92 kB

URL GET
cdn.gpteng.co/gptengineer.js
IP
104.18.29.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subjectcdn.gpteng.co
Fingerprint49:3B:3D:88:C4:89:76:AA:70:32:E3:06:03:5B:CF:6D:9E:CF:BA:1A
ValidityThu, 24 Apr 2025 06:39:39 GMT - Wed, 23 Jul 2025 07:39:33 GMT

File type
JavaScript source, ASCII text, with very long lines (33833)
Size
92 kB (91489 bytes)
Hash
7332bac3c9641603afc371523bbee21d
24242b4a9b9522c81493af475ee930633c6c7ea5
e27d8894b16558e0b26fcb88f6198ef7090af99c2bbf3bd99de440a283cfe29d

HTTP Headers

GET /gptengineer.js HTTP/1.1
Host: cdn.gpteng.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://any-game.top/
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 17 May 2025 11:49:55 GMT
content-type: application/javascript
access-control-allow-origin: *
etag: W/"7332bac3c9641603afc371523bbee21d"
last-modified: Tue, 13 May 2025 17:09:22 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Sat, 17 May 2025 15:49:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 9412e4ed18a95694-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

any-game.top/assets/index-Dpg4y4lE.css

104.250.158.42

200 OK

84 kB

URL GET
any-game.top/assets/index-Dpg4y4lE.css
IP
104.250.158.42:443
ASN
#53850 GORILLASERVERS

Requested by
https://any-game.top/
Certificate
IssuerLet's Encrypt
Subjectwww.any-game.top.profelar-script.top
FingerprintB5:3B:94:58:89:EB:BA:7B:65:47:A2:8C:FB:FC:5A:5F:9C:97:92:66
ValidityFri, 16 May 2025 16:05:28 GMT - Thu, 14 Aug 2025 16:05:27 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84213 bytes)
Hash
f7f707402a0488c440e01cdf892c6925
99070a456e862db826b3f84172c2edf9a961b8f4
66a336b52f18d5b0c2202d7a78b0aa4317bb8ab4f2e3d2ad14037a6429f78cc9

HTTP Headers

GET /assets/index-Dpg4y4lE.css HTTP/1.1
Host: any-game.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://any-game.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=2592000
expires: Mon, 16 Jun 2025 11:49:55 GMT
content-type: text/css
last-modified: Sat, 03 May 2025 17:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12891
date: Sat, 17 May 2025 11:49:55 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *

fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 May 2025 20:17:34 GMT
expires: Thu, 14 May 2026 20:17:34 GMT
cache-control: public, max-age=31536000
age: 228742
last-modified: Wed, 23 Apr 2025 16:07:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wss://estkfgektnikvkknjevv.supabase.co/realtime/v1/websocket?apikey=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVzdGtmZ2VrdG5pa3Zra25qZXZ2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDUyNTIyNTYsImV4cCI6MjA2MDgyODI1Nn0.picDgq2IRMsuk5tZJ0vK6ahBxUo9lKqgNaFce7hHRPg&vsn=1.0.0

104.18.38.10

101 Switching Protocols

0 B

URL GET
wss://estkfgektnikvkknjevv.supabase.co/realtime/v1/websocket?apikey=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVzdGtmZ2VrdG5pa3Zra25qZXZ2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDUyNTIyNTYsImV4cCI6MjA2MDgyODI1Nn0.picDgq2IRMsuk5tZJ0vK6ahBxUo9lKqgNaFce7hHRPg&vsn=1.0.0
IP
104.18.38.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subjectsupabase.co
Fingerprint9D:F5:E6:1B:14:EA:7B:57:95:08:63:BA:BA:3A:A3:5B:C4:B6:75:38
ValiditySun, 11 May 2025 03:29:46 GMT - Sat, 09 Aug 2025 04:29:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /realtime/v1/websocket?apikey=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImVzdGtmZ2VrdG5pa3Zra25qZXZ2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDUyNTIyNTYsImV4cCI6MjA2MDgyODI1Nn0.picDgq2IRMsuk5tZJ0vK6ahBxUo9lKqgNaFce7hHRPg&vsn=1.0.0 HTTP/1.1
Host: estkfgektnikvkknjevv.supabase.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://any-game.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mAdriD6eSALi5TgsTGlD4Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 17 May 2025 11:49:56 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cEA6OMj3SMCv6e91PhvB5UyLZjc=
CF-Ray: 9412e4f359ae56af-OSL
CF-Cache-Status: DYNAMIC
Cache-Control: max-age=0, private, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
sb-gateway-mode: direct
sb-gateway-version: 1
sb-project-ref: estkfgektnikvkknjevv
Vary: Accept-Encoding
Server: cloudflare
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 May 2025 17:33:37 GMT
expires: Thu, 14 May 2026 17:33:37 GMT
cache-control: public, max-age=31536000
age: 238579
last-modified: Wed, 23 Apr 2025 16:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 10:26:17 GMT
expires: Fri, 15 May 2026 10:26:17 GMT
cache-control: public, max-age=31536000
age: 177819
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.35

200 OK

8.0 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://any-game.top/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://any-game.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 May 2025 14:59:58 GMT
expires: Sat, 16 May 2026 14:59:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
age: 74998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL OPTIONS

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash