Report - levss-active.xyz/promos/register1

Report Overview

Submitted URL
levss-active.xyz/promos/register1
IP
134.122.93.171
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-05-30 13:34:45
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
levss-active.xyz	unknown	2021-04-08	2021-09-01	2023-05-30	4.8 kB	356 kB	134.122.93.171
1.join2game.com	unknown	2017-06-20	2019-05-22	2023-05-27	2.0 kB	8.8 kB	164.92.166.70

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-30 13:34:27	medium	134.122.93.171	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	levss-active.xyz/promos/register1/883.efa566c3b68fe501b7d6.js	96 kB	2023-05-30	2023-05-30
Pretty URL levss-active.xyz/promos/register1/883.efa566c3b68fe501b7d6.js IP 134.122.93.171 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 15:34:48 Last Seen2023-05-30 15:34:48 Times Seen2 Hash ea7a6541bc5c930fadc2f01dfbf4e4b5 5aa166001f1b20546fd52c540ef1ca15dff9ddd3 f99881c25240b9682c0ec5714b60e932a87ed80e36b74db86104757756b405cc Loading...

	levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.js	46 kB	2023-05-30	2023-05-30
Pretty URL levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.js IP 134.122.93.171 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 15:34:48 Last Seen2023-05-30 15:34:48 Times Seen2 Hash f401fbf59b1b05efdd90e4bf0d7461c2 911ffe6629eb3f2b38d33eee7f8d9ab8a3a4fa66 a59b1afb46ea8c5c9730a2380cb45c1e8ad66d71b72231323abd0729dc133e29 Loading...

	1.join2game.com/js/mwla-1.0.js	4.7 kB	2023-05-09	2024-01-27
Pretty URL 1.join2game.com/js/mwla-1.0.js IP 164.92.166.70 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 03:20:53 Last Seen2024-01-27 09:56:16 Times Seen69 Hash 4b3be725ccf7935c4453093b4bbb0da4 7414eb9eac98544b4716fe61b12c54c4ed372a16 af712758fc63863f53cb44cbffb087434356eabfcc3298067aedb986cec27e90 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.css	134.122.93.171	200 OK	10 kB
URL GET HTTP/2 levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.css IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type ASCII text, with very long lines (10489), with no line terminators Size 10 kB (10489 bytes) Hash ca5ae738789e774e336cd879698e88f4 a6bcd6ccac5c67da9938ceba2fc06e91f548c340 3f206d0818441afadda0ff71af5111ce983861010c57925af4616aed38824793 HTTP Headers `GET /promos/register1/main.efa566c3b68fe501b7d6.css HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/promos/register1 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:28 GMT content-type: text/css content-length: 10489 last-modified: Fri, 19 May 2023 05:27:54 GMT etag: "646708da-28f9" cache-control: public, max-age=3600 accept-ranges: bytes X-Firefox-Spdy: h2`

	levss-active.xyz/promos/register1/883.efa566c3b68fe501b7d6.js	134.122.93.171	200 OK	96 kB
URL GET HTTP/2 levss-active.xyz/promos/register1/883.efa566c3b68fe501b7d6.js IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type Unicode text, UTF-8 text, with very long lines (32980), with LF, NEL line terminators Size 96 kB (96501 bytes) Hash ea7a6541bc5c930fadc2f01dfbf4e4b5 5aa166001f1b20546fd52c540ef1ca15dff9ddd3 f99881c25240b9682c0ec5714b60e932a87ed80e36b74db86104757756b405cc HTTP Headers `GET /promos/register1/883.efa566c3b68fe501b7d6.js HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/promos/register1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:28 GMT content-type: application/javascript; charset=utf-8 content-length: 96501 last-modified: Fri, 19 May 2023 05:27:54 GMT etag: "646708da-178f5" cache-control: public, max-age=3600 accept-ranges: bytes X-Firefox-Spdy: h2`

	levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.js	134.122.93.171	200 OK	46 kB
URL GET HTTP/2 levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.js IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type Unicode text, UTF-8 text, with very long lines (44524) Size 46 kB (45457 bytes) Hash f401fbf59b1b05efdd90e4bf0d7461c2 911ffe6629eb3f2b38d33eee7f8d9ab8a3a4fa66 a59b1afb46ea8c5c9730a2380cb45c1e8ad66d71b72231323abd0729dc133e29 HTTP Headers `GET /promos/register1/main.efa566c3b68fe501b7d6.js HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/promos/register1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:28 GMT content-type: application/javascript; charset=utf-8 content-length: 45457 last-modified: Fri, 19 May 2023 05:27:54 GMT etag: "646708da-b191" cache-control: public, max-age=3600 accept-ranges: bytes X-Firefox-Spdy: h2`

	levss-active.xyz/promos/register1/images/banner.12f23f3b9a74949a8156.webp	134.122.93.171	200 OK	14 kB
URL GET HTTP/2 levss-active.xyz/promos/register1/images/banner.12f23f3b9a74949a8156.webp IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 14 kB (14112 bytes) Hash 17fc8974278272293dacaaa38022abb6 9977191767c80e377017c3705d38dda0299f587b ef6c49689084a062b49ec3349c9b6b00120b18e2d33a2712ca2cb48d683df647 HTTP Headers `GET /promos/register1/images/banner.12f23f3b9a74949a8156.webp HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/promos/register1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:28 GMT content-type: image/webp content-length: 14112 last-modified: Fri, 19 May 2023 05:27:56 GMT etag: "646708dc-3720" cache-control: public, max-age=3600 accept-ranges: bytes X-Firefox-Spdy: h2`

	levss-active.xyz/promos/register1/images/bg-desk.0494936cea042cb5a82c.jpg	134.122.93.171	200 OK	161 kB
URL GET HTTP/2 levss-active.xyz/promos/register1/images/bg-desk.0494936cea042cb5a82c.jpg IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x1840, components 3\012- data Size 161 kB (161386 bytes) Hash 80449c15363f4c1647061001c1980265 7d2877e578076c659a2e020478ade2240881e4d0 1219b011182606b3777840880fecc602cd4e59f85c436424392a52b352195bcc HTTP Headers GET /promos/register1/images/bg-desk.0494936cea042cb5a82c.jpg HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/promos/register1/main.efa566c3b68fe501b7d6.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:28 GMT content-type: image/jpeg content-length: 161386 last-modified: Fri, 19 May 2023 05:27:56 GMT etag: "646708dc-2766a" cache-control: public, max-age=3600 accept-ranges: bytes X-Firefox-Spdy: h2`

	1.join2game.com/js/mwla-1.0.js	164.92.166.70	200 OK	4.7 kB
URL GET HTTP/2 1.join2game.com/js/mwla-1.0.js IP 164.92.166.70:443 ASN #0 Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.join2game.com Fingerprint37:70:8D:04:E0:DD:33:7A:C9:30:FF:D5:AC:9C:3F:21:03:1B:E8:17 ValidityFri, 31 Mar 2023 15:23:37 GMT - Thu, 29 Jun 2023 15:23:36 GMT File type ASCII text Size 4.7 kB (4681 bytes) Hash 4b3be725ccf7935c4453093b4bbb0da4 7414eb9eac98544b4716fe61b12c54c4ed372a16 af712758fc63863f53cb44cbffb087434356eabfcc3298067aedb986cec27e90 HTTP Headers `GET /js/mwla-1.0.js HTTP/1.1 Host: 1.join2game.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:29 GMT content-type: application/javascript content-length: 4681 last-modified: Mon, 29 May 2023 13:39:03 GMT etag: "6474aaf7-1249" x-pcdn-proxy-cache: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	levss-active.xyz/api/v18/settings	134.122.93.171	200 OK	9.3 kB
URL GET HTTP/2 levss-active.xyz/api/v18/settings IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (10348), with no line terminators Size 9.3 kB (9310 bytes) Hash 93776fb1f7d1c8d58859fa77fd6a9493 b708b7265a16f3a6b71cd7e253cf1c54f4d29501 ac1ebc59ace63575c36569a5ce1b4d9535bbbc68f949c87dee4cafe1842c14cf HTTP Headers GET /api/v18/settings HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://levss-active.xyz/promos/register1 x-pcdn-sign: 207c58b2abe39cd7f6661eb820257211 DNT: 1 Connection: keep-alive Cookie: aff=organic_direct; tracker=organic_direct; last_aff=organic_direct; landingCode=register1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:29 GMT content-type: application/json; charset=utf-8 cache-control: max-age=120, public, s-maxage=120 last-modified: Tue, 30 May 2023 13:34:29 GMT expires: Tue, 30 May 2023 13:36:29 GMT vary: Accept-Encoding, Origin, Content-Language x-frame-options: SAMEORIGIN content-encoding: gzip x-pcdn-proxy-cache: EXPIRED x-pcdn-sign-pass: 1 X-Firefox-Spdy: h2`

	1.join2game.com/api/v18/track	164.92.166.70	200 OK	0 B
URL OPTIONS HTTP/2 1.join2game.com/api/v18/track IP 164.92.166.70:443 ASN #0 Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.join2game.com Fingerprint37:70:8D:04:E0:DD:33:7A:C9:30:FF:D5:AC:9C:3F:21:03:1B:E8:17 ValidityFri, 31 Mar 2023 15:23:37 GMT - Thu, 29 Jun 2023 15:23:36 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /api/v18/track HTTP/1.1 Host: 1.join2game.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-pcdn-sign Referer: https://levss-active.xyz/ Origin: https://levss-active.xyz DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:29 GMT content-type: text/html; charset=UTF-8 cache-control: max-age=0, must-revalidate, private vary: Accept-Encoding, Origin access-control-allow-origin: https://levss-active.xyz access-control-allow-credentials: true access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender pragma: no-cache expires: Tue, 30 May 2023 13:34:29 GMT x-frame-options: SAMEORIGIN content-encoding: gzip X-Firefox-Spdy: h2

	1.join2game.com/api/v18/track	164.92.166.70	200 OK	41 B
URL GET HTTP/2 1.join2game.com/api/v18/track IP 164.92.166.70:443 ASN #0 Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.join2game.com Fingerprint37:70:8D:04:E0:DD:33:7A:C9:30:FF:D5:AC:9C:3F:21:03:1B:E8:17 ValidityFri, 31 Mar 2023 15:23:37 GMT - Thu, 29 Jun 2023 15:23:36 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 41 B (41 bytes) Hash 11bd06d0410cb024a80bb9f0cbd87900 6e77f3849d539f7c90285c36b76e48b51747f3c6 1763f8176b11e093b628665e6a7bfae38d05fa2b147f01ab5b4bada239da54c2 HTTP Headers `GET /api/v18/track HTTP/1.1 Host: 1.join2game.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://levss-active.xyz/ x-pcdn-sign: 76b0fdf99a0f254393506376a22e2faa Origin: https://levss-active.xyz DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:29 GMT content-type: application/json; charset=utf-8 vary: Accept-Encoding cache-control: private, must-revalidate access-control-allow-origin: https://levss-active.xyz access-control-allow-credentials: true access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender pragma: no-cache expires: -1 set-cookie: vulkan_track_id=deleted; expires=Mon, 30-May-2022 13:34:28 GMT; Max-Age=0; path=/; secure; samesite=none x-frame-options: SAMEORIGIN x-pcdn-proxy-cache: MISS X-Firefox-Spdy: h2

	1.join2game.com/api/v18/hits	164.92.166.70	200 OK	510 B
URL POST HTTP/2 1.join2game.com/api/v18/hits IP 164.92.166.70:443 ASN #0 Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.join2game.com Fingerprint37:70:8D:04:E0:DD:33:7A:C9:30:FF:D5:AC:9C:3F:21:03:1B:E8:17 ValidityFri, 31 Mar 2023 15:23:37 GMT - Thu, 29 Jun 2023 15:23:36 GMT File type HTML document, ASCII text, with very long lines (544), with no line terminators Size 510 B (510 bytes) Hash 8aaeb17af3c152b41ea8a44966d69192 3a9c71f724d6686c952c7b9244be1d9d59ef60c6 cd9bad17822a348581a0d89f6401cdc11009d742082ca07453c1802cc007c7dd HTTP Headers POST /api/v18/hits HTTP/1.1 Host: 1.join2game.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 132 Origin: https://levss-active.xyz DNT: 1 Connection: keep-alive Referer: https://levss-active.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:29 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding cache-control: private, must-revalidate access-control-allow-origin: https://levss-active.xyz access-control-allow-credentials: true access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender pragma: no-cache expires: -1 set-cookie: gstId=51159cf3-cf0c-4e2a-bcdb-226b7887ec42; expires=Thu, 30-May-2024 13:34:29 GMT; Max-Age=31622400; path=/; secure; samesite=none tracker=organic_direct; expires=Fri, 30-Jun-2023 13:34:29 GMT; Max-Age=2678400; path=/; domain=.1.join2game.com; secure; samesite=none content-encoding: gzip X-Firefox-Spdy: h2

	levss-active.xyz/api/v18/settings	134.122.93.171	200 OK	9.3 kB
URL GET HTTP/2 levss-active.xyz/api/v18/settings IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (10348), with no line terminators Size 9.3 kB (9310 bytes) Hash 93776fb1f7d1c8d58859fa77fd6a9493 b708b7265a16f3a6b71cd7e253cf1c54f4d29501 ac1ebc59ace63575c36569a5ce1b4d9535bbbc68f949c87dee4cafe1842c14cf HTTP Headers GET /api/v18/settings HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://levss-active.xyz/promos/register1 x-pcdn-sign: 207c58b2abe39cd7f6661eb820257211 DNT: 1 Connection: keep-alive Cookie: aff=organic_direct; tracker=organic_direct; last_aff=organic_direct; landingCode=register1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:29 GMT content-type: application/json; charset=utf-8 cache-control: max-age=120, public, s-maxage=120 last-modified: Tue, 30 May 2023 13:34:29 GMT expires: Tue, 30 May 2023 13:36:29 GMT vary: Accept-Encoding, Origin, Content-Language x-frame-options: SAMEORIGIN content-encoding: gzip x-pcdn-proxy-cache: EXPIRED x-pcdn-sign-pass: 1 X-Firefox-Spdy: h2`

	levss-active.xyz/api/v18/webhook/page_open	134.122.93.171	200 OK	26 B
URL POST HTTP/2 levss-active.xyz/api/v18/webhook/page_open IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://levss-active.xyz/promos/register1 Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 26 B (26 bytes) Hash a4f7f71d4238aa7d857a96caad1fe036 7fa8599477b11da84930bb08060938cbea2e2151 b72641bce50447d4c622696d2d098e6b84dc047460d67e1b84854cc7a0043c1e HTTP Headers POST /api/v18/webhook/page_open HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://levss-active.xyz/promos/register1 x-pcdn-sign: 4481a7dd5ae6dcc7486f938a50a1ce9a Content-Type: text/plain;charset=UTF-8 Content-Length: 335 Origin: https://levss-active.xyz DNT: 1 Connection: keep-alive Cookie: aff=organic_direct; tracker=organic_direct; last_aff=organic_direct; landingCode=register1; gstId=51159cf3-cf0c-4e2a-bcdb-226b7887ec42 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:30 GMT content-type: application/json; charset=utf-8 vary: Accept-Encoding cache-control: no-cache, private x-frame-options: SAMEORIGIN content-encoding: gzip x-pcdn-sign-pass: 1 X-Firefox-Spdy: h2`

	levss-active.xyz/promos/register1	134.122.93.171	200 OK	7.2 kB
URL User Request GET HTTP/2 levss-active.xyz/promos/register1 IP 134.122.93.171:443 ASN #14061 DIGITALOCEAN-ASN Certificate IssuerLet's Encrypt Subject.levss-active.xyz FingerprintB1:96:F0:C0:46:EF:69:A1:67:C6:DB:3F:60:C0:4E:16:E8:AC:08:8B ValiditySat, 29 Apr 2023 09:18:28 GMT - Fri, 28 Jul 2023 09:18:27 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7292), with no line terminators Size 7.2 kB (7179 bytes) Hash 5304c21ea4d18254ff8dacba7bafd4d2 6178a1edeb61469bb88302f331742e4e61b32e85 cd2c88cd1725513720d00d3d6fc4738a1de0f19512b993ee86ae3a7a7aca812b HTTP Headers `GET /promos/register1 HTTP/1.1 Host: levss-active.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 30 May 2023 13:34:28 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=3600 content-encoding: gzip X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate