| higgsevents.com/ | 172.67.174.81 | 301 Moved Permanently | 0 B |
IP172.67.174.81:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | | fortinet | Phishing | |
GET / HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 06:55:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 07:55:28 GMT
Location: https://higgsevents.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HgbYgIDFAPK9u73RnlbXNPxqleT6AQoBgaKGYL1ysZN7Hsvh2kvrF5F3SbLAKlp5OcHqEqV%2Bd3keDpNbRtoMsZ81H4VcKjmgbfD87E7ohzutCucAj4WOuD1rQCbsDcyAm8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7931057c5b060b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11214
Expires: Thu, 02 Feb 2023 10:02:22 GMT
Date: Thu, 02 Feb 2023 06:55:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashe935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4749
Expires: Thu, 02 Feb 2023 08:14:37 GMT
Date: Thu, 02 Feb 2023 06:55:28 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 06:36:03 GMT
content-type: application/json
age: 1165
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7105
Expires: Thu, 02 Feb 2023 08:53:53 GMT
Date: Thu, 02 Feb 2023 06:55:28 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hogy6L06YVwW7E8capQxjaCZPvsAg2+UTOkzADzt2q+YTd2Rdu186AUhN5tEi2VYK8wUT7OO34A=
x-amz-request-id: N36GBWJ46M2QDYZH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 06:22:59 GMT
age: 1949
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:55:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/pQmEKZy41QQ | 142.250.74.163 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/pQmEKZy41QQ IP142.250.74.163:0
Hashadb81566d0d1ea4ca44b5ec0a67533a6 1d80f0284257071ae2bdfe2fb23449ee22065c30 3c4237ab3d264307e436d6ef7ce16dbec7f8e236d0ef8f4e79819a7e918000ca
POST /s/gts1p5/pQmEKZy41QQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 06:49:05 GMT
age: 384
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13031
Expires: Thu, 02 Feb 2023 10:32:40 GMT
Date: Thu, 02 Feb 2023 06:55:29 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/s/gts1p5/pQmEKZy41QQ | 142.250.74.163 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/pQmEKZy41QQ IP142.250.74.163:0
Hashadb81566d0d1ea4ca44b5ec0a67533a6 1d80f0284257071ae2bdfe2fb23449ee22065c30 3c4237ab3d264307e436d6ef7ce16dbec7f8e236d0ef8f4e79819a7e918000ca
POST /s/gts1p5/pQmEKZy41QQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.24.14:0
File typeASCII text, with very long lines (30837) Hash109d1ed85cd01f9cdab73a4cac5bf80d d6c6498ad46de2d8e2008a8ff68e364ae7f16b32 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 547965
expires: Tue, 23 Jan 2024 06:55:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjdJzeZG4QdbuNwVWe6xtBSY8%2FUV80hCsQF3fPYQBVoMQgsxFNTFEYc6dreW9Hn45a5E9b7xDi897ZsTwcvyXsSjYUMlgyoVCqlaseS5fvjvBn55yGCbTOAavqo0aKcz4pAnh%2FSX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793105823dd61c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.24.14 | 200 OK | 5.8 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css IP104.17.24.14:0
File typeASCII text, with very long lines (65536), with no line terminators Hasha7e25a22602a2b2ed35f90fd5210cff1 148c4f275b60e6cf6253d6b4c7bdc486515b2202 312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3557787
expires: Tue, 23 Jan 2024 06:55:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4OXLyW4bhAgko2kX9xO2aXiDKLaYbyceqVdkZpKqN7mX0Fej1oBMofoPanriTLRXWgaHrI6AWuCp%2FQLNzz9%2B0BGQ95yaWZDeXfGfRYUkBp1JwHImOTIWSznTroHAzURD7qFi0rs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793105824dde1c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css IP104.17.24.14:0
File typeASCII text, with very long lines (59158) Hash3e4019642322c3e0f1db17e4411b7d49 4481a79c38f6ff4651621e30fc05f4b6f4e2c98c abfa1d2f03f268a7ac776f6a9c22f53ef759a6110b3a61eb0f7dce9bd446c8d8
GET /ajax/libs/font-awesome/5.15.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: text/css; charset=utf-8
content-length: 10472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e7d0"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1140502
expires: Tue, 23 Jan 2024 06:55:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCrKH9ZhYiUuuHyN1nAYZVJvn9UZNro%2Brz4YqiewSOzXEhZlyDJjYSPY59wLJpSrFbFb9yhiIje%2FUoKmdt23pfkZ0i%2FjRmTx2omGhVJFzOnDJyIZVfnF7YgW4ah%2BP4%2FfUbsUgr4y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793105825de81c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hasha7f7aaefea5c7c65dc3c2e83b2032919 492d09014cebce118c2ae4adb38d97637016e629 bd41dab63041d1b61138918350b5616ec031ffab572ed6e37113be12efa112e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6147
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Last-Modified: Thu, 02 Feb 2023 05:13:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 216.58.207.234 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP216.58.207.234:0
File typeASCII text, with very long lines (32061) Hashb90b3d2618cce9d766152cd3092b5c27 496339457cd00caab8118e2e1f30ea18dc05b9f4 b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:38:24 GMT
expires: Fri, 02 Feb 2024 00:38:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 22625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 216.58.207.234 | 200 OK | 31 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP216.58.207.234:0
File typeASCII text, with very long lines (65451) Hash903bc7a7e510f87aa5d0201eb59a0832 ac9aa4dd94cde1bcba9037e94087138b127e41fc 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 23:28:56 GMT
expires: Wed, 31 Jan 2024 23:28:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 113193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| code.jquery.com/jquery-3.6.0.min.js | 69.16.175.10 | 200 OK | 31 kB |
URL HTTP/2code.jquery.com/jquery-3.6.0.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (65447) Hash899f0189aaf034bbba5340f724d91dfa 210ea9de03968edb9d839ba4a0ce2d48666a8ab8 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675320929.dop226.sk1.t,1675320929.cds009.sk1.hn,1675320929.cds210.sk1.c
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js | 216.58.207.234 | 200 OK | 31 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP216.58.207.234:0
File typeASCII text, with very long lines (65447) Hash7808e0e4b7a714230373852158500533 4a79d18722a68a2f38d52e2d3a11b550bdd30b3c 8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 00:39:07 GMT
expires: Wed, 31 Jan 2024 00:39:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 195382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 216.58.207.234 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP216.58.207.234:0
File typeASCII text, with very long lines (32180) Hashf16500423cc2867eff8b773df637c48f 1cd32d75b59a89c3a70274e383151a61ce0594f4 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:14 GMT
expires: Sat, 27 Jan 2024 10:05:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 507015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.37.14.141 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.37.14.141:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 46LdI+t3IPeYCFuzCQZ8mA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zywDHJTB3n7Pj6qQ1DnZx8NwVVI=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| higgsevents.com/alexFrontEnd/img/conver_tip_01.png | 104.21.88.84 | 200 OK | 8.5 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/conver_tip_01.png IP104.21.88.84:0
File typePNG image data, 347 x 37, 8-bit/color RGBA, non-interlaced\012- data Hashc7f2efe24fafabcbda080f7280a5ab62 7756785a3f1572e8c76d13c314cf85314a02788c 170455ffcf5f7f1614be79be2b57d8b41eee90c7143736b97d828f4926732681
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/conver_tip_01.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: image/png
content-length: 8497
last-modified: Wed, 13 Jul 2022 04:59:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YECGeTS0fDAyV1LoWGdFJZ%2FyIcwCrEkUey7%2BXZlRPkhGS6pVc2KUZDz1Y%2FD1slAcLjhc5GmBPrwWm1DDTyYEWc%2BCBYYd%2BgQUTOfBUx1o0vuZKA167SJ9PsJ1WG2bWL78D4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581ea40b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/img/conver_gold.png | 104.21.88.84 | 200 OK | 15 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/conver_gold.png IP104.21.88.84:0
File typePNG image data, 226 x 202, 8-bit colormap, non-interlaced\012- data Hashaf101d46cfc44203cd95f58401196310 bcc41ee3db1bb0dd5567578ffa60e3abc430891c 5e06c4dfb356e3d47cd60b776d058044ffdccd7c8845f318aefc32eee0504227
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/conver_gold.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: image/png
content-length: 15161
last-modified: Wed, 13 Jul 2022 04:59:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPIRvN1%2F9TwmZa7bbtc%2Bdx8RYAD1k6tSnjSTLA3MyAJOVmRTVn3fntUdHu7Y0oshV9hMHkRFLa%2BfY2RXHNNRAM0P%2Fe0x9OOs%2BMNj9NAL5h2t8a0q4T2ozc5dwNc6l%2BZG%2FNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581ea56b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 727 B |
IP93.184.220.29:0
Hashcc740e246836a014c281152e2f38cf16 a1081c23bd2da1f7f4b984c0a311ae72326d92a8 2afb16cd08e808067f67d1e5faeae37d8c427e41d429e0bee7b07df1014c8dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Server: ECS (amb/6BA4)
Content-Length: 727
|
|
| higgsevents.com/alexFrontEnd/img/award_card.png | 104.21.88.84 | 200 OK | 12 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/award_card.png IP104.21.88.84:0
File typePNG image data, 230 x 178, 8-bit colormap, non-interlaced\012- data Hashf4c9fac4481e89af057f79cb54254bae 12f8eb88a98f457b3faa82362b36b96bc88c1f42 a97e6084cc38a78214034ae32eb758790d289d98f7a6585fe562f359fe220b62
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/award_card.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: image/png
content-length: 11547
last-modified: Wed, 13 Jul 2022 04:59:02 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJk48dfMSbfi6xRpL%2BDz0NxUGXZYqGPPQwnqsqitYPGU7KrQfEs855acNrZ5EhQwyIL5RQzl3EhDB8CXonLrCXESUIjLY3TuLph3QfMt076BX%2FdG7cd8T5F0slZPKawtchI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581ea3fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 727 B |
IP93.184.220.29:0
Hashcc740e246836a014c281152e2f38cf16 a1081c23bd2da1f7f4b984c0a311ae72326d92a8 2afb16cd08e808067f67d1e5faeae37d8c427e41d429e0bee7b07df1014c8dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112624
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:29 GMT
Etag: "63da7351-2d7"
Expires: Fri, 03 Feb 2023 14:12:33 GMT
Last-Modified: Wed, 01 Feb 2023 14:12:33 GMT
Server: nginx
Content-Length: 727
|
|
| higgsevents.com/alexFrontEnd/img/conver_tip_02.png | 104.21.88.84 | 200 OK | 9.5 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/conver_tip_02.png IP104.21.88.84:0
File typePNG image data, 1446 x 216, 8-bit/color RGBA, non-interlaced\012- data Hashea9276c6e9743c7d0fb6b7de3a3b21ba 6e636735d9777960e6acb780a3a5c01800d8e5a6 51669fac0a00a614f1e7c2f5eaa9fdad7ef142d93563f215cb3cb1794f1f9da0
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/conver_tip_02.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 9543
last-modified: Sun, 16 Oct 2022 14:32:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcmW8kKQs6vrKKKZSGG%2BpL5m5ypRSRGITZrqf79nMRGJWGjXcd3l5tZlG2OOlEEMI76dXzaoTn6wdknlCIj9HKWGc0R4Pg9%2BocPYAQFIPzVnMtbaKNAk5t5yScuzG%2Bpuh30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581ea57b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/img/conver_btn_01.png | 104.21.88.84 | 200 OK | 13 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/conver_btn_01.png IP104.21.88.84:0
File typePNG image data, 311 x 84, 8-bit/color RGBA, non-interlaced\012- data Hash7ee03f982d412780f4b5ee197d3060f8 b3ffc390df61a0d195c8dca77a270ae52a1bdc4b 530080c5f2d1b35642aa53ddcdc52d420a971ec279bfdf64cdbaf478fabe350d
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/conver_btn_01.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 13300
last-modified: Wed, 13 Jul 2022 04:59:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alOvMCLQ3EUKvuzoaePXpbkS0AJejDEzD08o8jdEfLfzIVFjPjlEuPDsioD94Z17VWZdDqvmlUCC9STrGlYwFpT0HLfDLLEHH0wEj5lVdKg8F4c4FboB0B8QerExLq5ln%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581ea42b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/img/facebook_text.png | 104.21.88.84 | 200 OK | 29 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/facebook_text.png IP104.21.88.84:0
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/facebook_text.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 28789
last-modified: Sat, 10 Dec 2022 15:55:14 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NaILvSY87dFdbOQPx8lSU%2F0KdQ2P9e3Zd1kB59s5hlpbxtTKDuuSuzJS7yeoTp0uBosa7EKwYI8ZWzHnHZSR3c0FedvVAj46gi%2FrEiA%2Bsb5HVVyksKMygozV4shFtSZkmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581fa7fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash98150983704de6ec7308210611c82948 588ce16b470ae307ea35a20f29e7a65b35b5406b 73c8b191ccbc36ad5e829427a77276dfee226502f35a917b1aafbe3e4fe9ab87
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73C8B191CCBC36AD5E829427A77276DFEE226502F35A917B1AAFBE3E4FE9AB87"
Last-Modified: Tue, 31 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 12:55:30 GMT
Date: Thu, 02 Feb 2023 06:55:30 GMT
Connection: keep-alive
|
|
| higgsevents.com/alexFrontEnd/img/reward/0deg.png | 104.21.88.84 | 200 OK | 578 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/reward/0deg.png IP104.21.88.84:0
File typePNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data Size578 kB (578399 bytes) Hash28b8e5c7292bf1df0dccb3fdfd4b2ed2 9baa793b29684c5caebef6f5f9e92be6f038fba3 e5b9685ef123c731b25996275b45d13ecf34ecc2cb08c887eda0c11bc9abfc6b
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/reward/0deg.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 578399
last-modified: Tue, 12 Apr 2022 02:49:40 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HERCEBmMes1i%2BbTfacHYAm1%2Ff%2B%2BQShdcc0Wv%2BTVVUHatOS5MqYQ5wAUHM2cYXp7h3vN5U7%2B60n8F6a0bGEqd8i4Oev22%2FiG4ZUukQoo4YjUtvxnLughltzrfB48%2BDX%2BoprM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581fa61b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash33e73ceb9c66c682fb3d5850e404e045 9153d0a56a25146ffc4502e949862346ce272fea 6cfc46545a5bd0bd9147f1687f622588652166ac776b1471791a3a750ef6c39e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CFC46545A5BD0BD9147F1687F622588652166AC776B1471791A3A750EF6C39E"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Thu, 02 Feb 2023 12:55:06 GMT
Date: Thu, 02 Feb 2023 06:55:30 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 727 B |
IP93.184.220.29:0
Hashcc740e246836a014c281152e2f38cf16 a1081c23bd2da1f7f4b984c0a311ae72326d92a8 2afb16cd08e808067f67d1e5faeae37d8c427e41d429e0bee7b07df1014c8dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:30 GMT
Last-Modified: Thu, 02 Feb 2023 06:55:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727
|
|
| i.postimg.cc/2STDpGG0/20220119-164621.png | 162.19.61.80 | 200 OK | 80 kB |
URL HTTP/2i.postimg.cc/2STDpGG0/20220119-164621.png IP162.19.61.80:0
File typePNG image data, 1280 x 414, 8-bit/color RGBA, non-interlaced\012- data Hash6f184ec5bb785bb66efb4ea09df82a4a 3c0d36f6622e5012d859f39729aa2b43e687fbb0 59640bd76aec21cc8bc2074d5082b37b3735eadfc502c12334db74109e411870
GET /2STDpGG0/20220119-164621.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 80548
last-modified: Wed, 19 Jan 2022 09:47:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| dominov14.jefanyaefandchr.repl.co/higgs_domino.webp | 34.149.204.188 | 200 OK | 44 kB |
URL HTTP/2dominov14.jefanyaefandchr.repl.co/higgs_domino.webp IP34.149.204.188:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash767df14ef1034a96416741103cf9f4f9 c9cc7a33c625ac767e5ca441570041142da28e6b 5fc4b0a80e12e40d6b26e8e52f1117a6fbef2cff6399c18b7101bbb6df05e84f
GET /higgs_domino.webp HTTP/1.1
Host: dominov14.jefanyaefandchr.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/webp
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=4677516; includeSubDomains
content-length: 43656
date: Thu, 02 Feb 2023 06:55:30 GMT
X-Firefox-Spdy: h2
|
|
| dominov14.jefanyaefandchr.repl.co/theme_alex_hdi.mp3 | 34.149.204.188 | 200 OK | 474 kB |
URL HTTP/2dominov14.jefanyaefandchr.repl.co/theme_alex_hdi.mp3 IP34.149.204.188:0
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural\012- data Size474 kB (474295 bytes) Hash5700c9c50560e59ca259c86024dfc32c b26469affc20e3440ee06647b48c7201ef90b74f f9867026d6ac60fba85c23bbbfa09fb3663b45c768782c40ebe989e447a594c3
GET /theme_alex_hdi.mp3 HTTP/1.1
Host: dominov14.jefanyaefandchr.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type:
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=4677516; includeSubDomains
content-length: 474295
date: Thu, 02 Feb 2023 06:55:30 GMT
X-Firefox-Spdy: h2
|
|
| static.neptunegame.com/images/website/img_swiper_2_07.png | 35.244.144.129 | 200 OK | 108 kB |
URL HTTP/2static.neptunegame.com/images/website/img_swiper_2_07.png IP35.244.144.129:0
File typePNG image data, 658 x 362, 8-bit colormap, non-interlaced\012- data Size108 kB (108026 bytes) Hash69ae4e8748f839bb54447ac2559792f1 6586536afdbbf88522406d9d800cb183e4f82f0c 6165bdc8e8a7f1690e49403676fb0a17ada1ae1f1770c099690db2c6eee8cd7b
GET /images/website/img_swiper_2_07.png HTTP/1.1
Host: static.neptunegame.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: BKWS
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 108026
last-modified: Sat, 05 Nov 2022 07:35:41 GMT
etag: "6366124d-1a5fa"
expires: Tue, 01 Aug 2023 06:55:30 GMT
cache-control: max-age=15552000,public
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dominov14.jefanyaefandchr.repl.co/jefanya-facebook.css | 34.149.204.188 | 200 OK | 5.0 kB |
URL HTTP/2dominov14.jefanyaefandchr.repl.co/jefanya-facebook.css IP34.149.204.188:0
Hasha883e32db063b425c57a2cbcea9de1f4 3bdab58439ba9eb0a6a5de75f49282044c658177 c2d93eef0f453290e70b6c8f61e7b7f4d725e1d1f7a23f55d954710c9a988f71
GET /jefanya-facebook.css HTTP/1.1
Host: dominov14.jefanyaefandchr.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type: text/css; charset=utf-8
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=4677516; includeSubDomains
content-length: 4978
date: Thu, 02 Feb 2023 06:55:30 GMT
X-Firefox-Spdy: h2
|
|
| static.neptunegame.com/images/website/webShop/view_guide.png | 35.244.144.129 | 200 OK | 114 kB |
URL HTTP/2static.neptunegame.com/images/website/webShop/view_guide.png IP35.244.144.129:0
File typePNG image data, 695 x 825, 8-bit colormap, non-interlaced\012- data Size114 kB (114161 bytes) Hasha35e57ac6b97f02f98fc65455717257e b5f5ee8a280ddcd2d04737ee73f93817323fb896 e814ee9eedae2827b830b060a8d16b5036b205a9f405bf708d89437b4ac09f5a
GET /images/website/webShop/view_guide.png HTTP/1.1
Host: static.neptunegame.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: BKWS
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 114161
last-modified: Sat, 05 Nov 2022 07:35:41 GMT
etag: "6366124d-1bdf1"
expires: Tue, 01 Aug 2023 06:55:30 GMT
cache-control: max-age=15552000,public
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dominov14.jefanyaefandchr.repl.co/domino_text.png | 34.149.204.188 | 200 OK | 54 kB |
URL HTTP/2dominov14.jefanyaefandchr.repl.co/domino_text.png IP34.149.204.188:0
File typePNG image data, 550 x 298, 8-bit colormap, non-interlaced\012- data Hash902ccba5582e47de00a4fc233deef9bc 34369f1d3c91d3ac059e790b73d2dc0729db3f7d b614b6b205deb1c744afa96f1922ce0b153ab2c95fc748f81c2ab4eff90f9d20
GET /domino_text.png HTTP/1.1
Host: dominov14.jefanyaefandchr.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/png
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=4677516; includeSubDomains
content-length: 53497
date: Thu, 02 Feb 2023 06:55:30 GMT
X-Firefox-Spdy: h2
|
|
| static.neptunegame.com/images/website/img_swiper_2_02_1.png | 35.244.144.129 | 200 OK | 116 kB |
URL HTTP/2static.neptunegame.com/images/website/img_swiper_2_02_1.png IP35.244.144.129:0
File typePNG image data, 658 x 362, 8-bit colormap, non-interlaced\012- data Size116 kB (116324 bytes) Hasha53845a92ec388d15619a54717493337 e44abad944221c032fa13ecf6e2f04b3a956ed5a d4eec2792b15fba21694e5b49f527b08028c410e7bc974678402e68fa582b03a
GET /images/website/img_swiper_2_02_1.png HTTP/1.1
Host: static.neptunegame.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: BKWS
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 116324
last-modified: Sat, 05 Nov 2022 07:35:41 GMT
etag: "6366124d-1c664"
expires: Tue, 01 Aug 2023 06:55:30 GMT
cache-control: max-age=15552000,public
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashe8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13716
Expires: Thu, 02 Feb 2023 10:44:06 GMT
Date: Thu, 02 Feb 2023 06:55:30 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd910c24f5a6108cb74103cd70692a703 9fe648fa464e46d16f685aca1704f3414eda4107 5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 31403
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb9af1fd56c0de8f128ddce88d49c1b4d e3bb3d4950f7c0267f4476eef21872da332831aa 908153182f76362ff329803d9c11c06c66181e85e8e51dabd927f1f1ac630d5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86qoRJHXcrnBGi3REMF5q3ANzKdqEs5F3yFUBmiIt6SCbBVnhGe2Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:58:57 GMT
age: 32193
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf1d06527f75868ea84da730b7c8b5660 6c0cb65a477d6bc7d013529411d5735bd39e3d46 2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S012XKdrl7ID1qnfD-G2fcAxWoseP_mAnaDi12Y-UmdBW8yXgGlpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 31004
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/css/style.css | 104.21.88.84 | 200 OK | 7.4 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/css/style.css IP104.21.88.84:0
File typeASCII text, with CRLF line terminators Hash6dcbc2abe1ebbd4680a21de541364f1d faa910729c27e87b874a6c1e1fa6cb382bc905a4 d8748084f3d36956736707b0e833c6160ef6b3f528f276a44bb9037342b28058
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/css/style.css HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: text/css
last-modified: Tue, 12 Apr 2022 02:53:46 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWuaZPVtgf8a0Nb%2Fqts0ZE%2Fq9eTLkYDUbG3MMltX1EBmdW9U3pqxKpG9H%2Fig4%2F4m9DPJCa8toS1p9KciZYipgRXI%2B7OkYNPCJlLlq392QIDO11MJpxTlGytt%2F4%2Bwe9M%2BvF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581da2cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb91a1323efe4b01a2d1a2e8485117934 43d04a554f6ef512e7b21ac09287efc0e4e5efee 393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 3c6771b8-3ae0-4300-9d84-9311c15389ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGh3oAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-27479faf4518900c03b84144;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oZ6etg6l7SjzCMTg-7DhIeEXMmempp9_kMb3ITzUqbrXKz2wz0qJ0w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:02:22 GMT
age: 85988
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha4392f298c9e98515493f1235810838f b89eebf2b8adac69487262100b07da8bc171ecf7 b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: 6723d22f-8b16-4fb2-af92-9b3257fc2a1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIHpRoAMFRYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-03b1c6646f63ba716a6298e1;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: alMHzjwJbGegz4F76t9-EhIhCUHgQngtgiZgMo2_MxAIrXqsNxWxBg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 08:16:33 GMT
age: 81537
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| static.neptunegame.com/images/website/img_swiper_2_04.png | 35.244.144.129 | 200 OK | 119 kB |
URL HTTP/2static.neptunegame.com/images/website/img_swiper_2_04.png IP35.244.144.129:0
File typePNG image data, 658 x 362, 8-bit colormap, non-interlaced\012- data Size119 kB (119249 bytes) Hash3db1f3ff93ee6bc780fe504cb18a4584 12e512ff43ab72718f2c9da97ff32115f92a424f 10e6f666fac4540724d1685d3999fb2e287bf66f51af1a3f3a317b53bb81eefb
GET /images/website/img_swiper_2_04.png HTTP/1.1
Host: static.neptunegame.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: BKWS
date: Thu, 02 Feb 2023 06:55:30 GMT
content-type: image/png
content-length: 119249
last-modified: Sat, 05 Nov 2022 07:35:41 GMT
etag: "6366124d-1d1d1"
expires: Tue, 01 Aug 2023 06:55:30 GMT
cache-control: max-age=15552000,public
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/img/higgs_domino.webp | 104.21.88.84 | 200 OK | 44 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/higgs_domino.webp IP104.21.88.84:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash767df14ef1034a96416741103cf9f4f9 c9cc7a33c625ac767e5ca441570041142da28e6b 5fc4b0a80e12e40d6b26e8e52f1117a6fbef2cff6399c18b7101bbb6df05e84f
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | | fortinet | Phishing | |
GET /alexFrontEnd/img/higgs_domino.webp HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:31 GMT
content-type: image/webp
content-length: 43656
last-modified: Sat, 10 Dec 2022 15:55:14 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFpdeGKwbMpxfZKYMDObgNbVcf32blQDFI1S5ulX637Y1vOMwNPZaM539Py%2BU4tFNsJHRmumLZmwMWACFUYhJDdaGLtMTAD2W7JSCXiZ%2FKb4WYrpLTyynIRTEjc6VXQuKfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793105822aa6b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/img/conver_tip_03.png | 104.21.88.84 | 200 OK | 9.6 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/conver_tip_03.png IP104.21.88.84:0
File typePNG image data, 1445 x 217, 8-bit/color RGBA, non-interlaced\012- data Hashe92265a49d871d80ee2e1543e647c40a e2076655694331648e8b157d336d815001cf7db1 600ecd2d21082f68bf9eb9d58843af6934d11f7a210b2c37219c9aeb23857c96
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/conver_tip_03.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:31 GMT
content-type: image/png
content-length: 9598
last-modified: Sun, 16 Oct 2022 14:32:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxwT67pJMM7qs%2FXuVSjktosSUE7716umuuEZ7Vzzo9qDtZOIBe10iju%2Bq5i%2BleuGqC9ykju%2B909X%2BTQWbdtP8XHxTSMVBXGVzedGo%2FKa3UmuFRLcT%2F1S%2FFcKKkG6F95xQs4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581fa5eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| higgsevents.com/alexFrontEnd/img/conver_btn_02.png | 104.21.88.84 | 200 OK | 11 kB |
URL HTTP/2higgsevents.com/alexFrontEnd/img/conver_btn_02.png IP104.21.88.84:0
File typePNG image data, 311 x 84, 8-bit/color RGBA, non-interlaced\012- data Hashd12efefb896fe3c80f375b86b715433b 7c85c371c4984d1da03f28e7de8511b340ad1872 b29e31a4f374e0135146531fca418a75619d36aee8eced81921267d1f6371b0b
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/img/conver_btn_02.png HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:32 GMT
content-type: image/png
content-length: 11388
last-modified: Wed, 13 Jul 2022 04:59:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKZtST7DFQeYbETSTiURKVMNMy172IMUk1WcGyB%2BF%2BokeDjagBlrxmlV6TBYuf0XdWZ4wUQ%2FpX6cq14PVpB7%2FPfRnGTU6rkNXM5v66OkcPb8aqhGbJ0XuWaa2olDwRCqXQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581fa5ab517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dominov14.jefanyaefandchr.repl.co/clicked_alex_hdi.mp3 | 34.149.204.188 | 200 OK | 13 kB |
URL HTTP/2dominov14.jefanyaefandchr.repl.co/clicked_alex_hdi.mp3 IP34.149.204.188:0
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data Hash1fdfb1eca4eb9ff5206054a46e75641d cfb7d06458a704106158f58552f966fec24bacb1 250c1fa66e1926dca367fefaef90120035d2e6521df94d6d48aefe04990b14c7
GET /clicked_alex_hdi.mp3 HTTP/1.1
Host: dominov14.jefanyaefandchr.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-range: bytes 0-12624/12625
content-type:
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=4677514; includeSubDomains
content-length: 12625
date: Thu, 02 Feb 2023 06:55:32 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 549 B |
IP93.184.220.29:0
Hash33e1d28cdfed0aecc484d91bad32c3bf 98772c6ce7ed9497ba23e6618e8952bf4fdc8b4e 30a73c6f9d24fb72b084d9036b50324af437bf36be2293f0cbc48c2e339ca790
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 06:55:33 GMT
Server: ECS (amb/6B87)
Content-Length: 471
|
|
| www.bosbosgames.com/favicon.ico | 170.33.97.2 | 200 OK | 3.1 kB |
URL HTTP/1.1www.bosbosgames.com/favicon.ico IP170.33.97.2:0 ASN#134963 Alibaba.com Singapore E-Commerce Private Limited
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Hash5d26b0cd6f3b253b005d454bcad1f6f9 3f2ed546a4523ed41abc31f983841d05ece1e2b1 0508d1050eaf8e943e0e60007b13036d081828400aff3932a7f56a1a81cc0873
GET /favicon.ico HTTP/1.1
Host: www.bosbosgames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 06:55:33 GMT
Content-Type: image/x-icon
Content-Length: 3074
Connection: keep-alive
Set-Cookie: aliyungf_tc=389888080e42c0d5bf96f0f3e69435f1fbe5d37a6f72e7f0b016c312a781fca2; Path=/; HttpOnly
ETag: W/"3074-1632472003000"
Last-Modified: Fri, 24 Sep 2021 08:26:43 GMT
Accept-Ranges: bytes
|
|
| higgsevents.com/alexFrontEnd/css/responsive.css | 104.21.88.84 | 200 OK | 0 B |
URL HTTP/2higgsevents.com/alexFrontEnd/css/responsive.css IP104.21.88.84:0
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | |
GET /alexFrontEnd/css/responsive.css HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: text/css
last-modified: Tue, 12 Apr 2022 02:54:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4Yj61J3nsoactyG1gtWQUj2wboVQcQyJO0dzSXKQkCOx0uS2AFrN88mHH4UZ%2FBERxj0AH0A037teDd6YRkWXUhVv%2FrRn%2B9t7tOEw77fvpYWLHmFrTPNWMZQ3880UdEqUAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79310581da31b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| higgsevents.com/ | 104.21.88.84 | 200 OK | 0 B |
IP104.21.88.84:0
Analyzer | Verdict | Alert | openphish | Generic/Spear Phishing | | fortinet | Phishing | |
GET / HTTP/1.1
Host: higgsevents.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK1G%2B9V0UdJqMlUxwrBytdNJwVYG4pDHecCIfb1LiuQXpJFK0alGJrP1VLCN9dOx7xKuoL6ENhRZRFXmaCYeeW%2BpWfNuKPytwYOvQqRRkGlDScNwBUR%2FVl0w%2F6D4HTzHqLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7931057e6e2fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://higgsevents.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 06:55:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 20767683
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79310582bf11b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|