Report - thegamegolfmagazine.com/

Report Overview

URL

thegamegolfmagazine.com/
IP

81.169.145.88

ASN

#6724 Strato AG
Submitted

2023-02-23T19:25:39Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

17

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T18:13:28Z	782	2373	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-14T05:09:37Z	413	5882	34.160.144.191
www.gstatic.com (1)	unknown	2016-07-26T11:37:06Z	2023-03-14T05:51:18Z	477	5111	216.58.211.3
thegame.golf (35)	unknown	2022-08-06T12:58:59Z	2022-12-18T12:22:38Z	12030	3248193	81.169.145.105
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3801	62870	34.120.237.76
ocsp.pki.goog (7)	175	2018-07-01T08:43:07Z	2023-03-13T18:12:07Z	2401	4898	142.250.74.131
fonts.gstatic.com (6)	unknown	2014-09-09T02:40:21Z	2023-03-14T08:49:03Z	3055	309626	142.250.74.35
r3.o.lencr.org (7)	344	2020-12-02T09:52:13Z	2023-03-14T05:09:04Z	2366	6209	95.101.11.115
thegamegolfmagazine.com (1)	unknown	2022-11-19T04:23:24Z	2023-02-23T19:40:15Z	355	316	81.169.145.88
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-14T05:09:37Z	333	391	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-14T05:09:38Z	606	127	35.165.41.15
translate.google.com (2)	1156	2012-05-30T03:30:32Z	2023-03-14T05:28:30Z	729	1178	216.58.211.14
translate.googleapis.com (1)	1005	2012-05-31T09:21:21Z	2023-03-14T08:50:07Z	483	76590	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-23	medium	thegamegolfmagazine.com/	Malware
2023-02-23	medium	thegame.golf/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.11	Phishing
2023-02-23	medium	thegame.golf/wp-content/uploads/wtfdivi/wp_head.css?ver=1600169666	Phishing
2023-02-23	medium	thegame.golf/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.11	Phishing
2023-02-23	medium	thegame.golf/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1	Phishing
2023-02-23	medium	thegame.golf/wp-content/plugins/css-hero-animator/assets/lib/animations.css?ver=5.5.11	Phishing
2023-02-23	medium	thegame.golf/wp-content/et-cache/50/et-divi-dynamic-50.css?ver=1676602516	Phishing
2023-02-23	medium	thegame.golf/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff	Phishing
2023-02-23	medium	thegame.golf/	Phishing
2023-02-23	medium	thegame.golf/wp-content/plugins/divi-booster/core/icons/socicon/style.css?ver=3.7.1	Phishing
2023-02-23	medium	thegame.golf/wp-content/plugins/css-hero-animator/assets/animator-applier.js?ver=1.0.0	Phishing
2023-02-23	medium	thegame.golf/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.20.0	Phishing
2023-02-23	medium	thegame.golf/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.20.0	Phishing
2023-02-23	medium	thegame.golf/wp-content/plugins/divi-toolbox/assets/js/toolbox-scripts.js?ver=1.6.6	Phishing
2023-02-23	medium	thegame.golf/wp-content/uploads/wtfdivi/wp_footer.js?ver=1600169666	Phishing
2023-02-23	medium	thegame.golf/wp-includes/js/wp-embed.min.js?ver=5.5.11	Phishing
2023-02-23	medium	thegame.golf/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (72)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

bbe5e8dc913bdcab76f9fe8851ea2e77

9215fadd003873382ed2a4ace79ba337adadd692

e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13684
Expires: Thu, 23 Feb 2023 23:13:31 GMT
Date: Thu, 23 Feb 2023 19:25:27 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6f313739c4c44174fc9a97ac63621b46

319da68d06694330ad9f7901bcde1ca0a6eeac0d

321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12916
Expires: Thu, 23 Feb 2023 23:00:43 GMT
Date: Thu, 23 Feb 2023 19:25:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

7f03faaba3392caae6dae54467bfdf6d

57ea1f14e8bfbcca8190c706d708c9fda12442c1

02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 18:53:56 GMT
content-type: application/json
age: 1891
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d4569ebd95f766b8f22ed69d69334c37

a7fcd3f640877885077a4126708968d7e1e0d252

e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10402
Expires: Thu, 23 Feb 2023 22:18:49 GMT
Date: Thu, 23 Feb 2023 19:25:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

b5ba6334e73496995e3e3a9ecd0eb323

ad80d3b7718c28364e8c2004fb38a13a1747e462

aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: qWwI8evGHsI/PzJIxXBdFtPga5D5XU6s2uhM+RfdYGPQtfW4fYKqxbdhN6en4ngKsAnp67kXUL4=
x-amz-request-id: F40WPN8GNDT54ED7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 18:49:11 GMT
age: 2176
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

thegamegolfmagazine.com/

81.169.145.88

301 Moved Permanently

URL HTTP/1.1

thegamegolfmagazine.com/
IP

81.169.145.88:0
ASN

#6724 Strato AG

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET / HTTP/1.1
Host: thegamegolfmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Feb 2023 19:25:27 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.3.33
X-Redirect-By: WordPress
Vary: User-Agent
Location: http://thegame.golf/
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 19:25:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 19:20:35 GMT
age: 293
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5fa728a339ca32e616d483e61d0aebcd

6a63966de94d16390c8f1e47e5b67fe5bb67f7cd

7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14632
Expires: Thu, 23 Feb 2023 23:29:20 GMT
Date: Thu, 23 Feb 2023 19:25:28 GMT
Connection: keep-alive

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

35.165.41.15:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mP6PSg8MlvbIQYANDRhXcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S8qO+2OwwcJHLy5jwoSRW4viP58=

thegame.golf/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.5.11

81.169.145.105

200 OK

693

URL HTTP/1.1

thegame.golf/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.5.11
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text

Size

693
Hash

9b0f26cf8d22d4e9455f67b21c2f9759

f0240a4411d4a2eb073c574d37618e503392b76e

226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

HTTP Headers

                                        GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.5.11 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 18 Jan 2022 07:25:55 GMT
ETag: "2b5-5d5d62e0e9a35"
Accept-Ranges: bytes
Content-Length: 693
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css

thegame.golf/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.11

81.169.145.105

200 OK

2218

URL HTTP/1.1

thegame.golf/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.11
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text, with very long lines (2218), with no line terminators

Size

2218
Hash

9bd313fbce9688ed85c407ad4d0a7c13

e1253db86329a7d257b2f653b288b425992a284d

5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.5.11 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 15 Sep 2020 10:40:22 GMT
ETag: "8aa-5af57c72cc630"
Accept-Ranges: bytes
Content-Length: 2218
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css

thegame.golf/wp-content/uploads/wtfdivi/wp_head.css?ver=1600169666

81.169.145.105

200 OK

157

URL HTTP/1.1

thegame.golf/wp-content/uploads/wtfdivi/wp_head.css?ver=1600169666
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text, with no line terminators

Size

157
Hash

451ed18988d6bfc5b6a25fab685e8057

d43ed1f2876179142b5167853cbf3d97f8b41d02

5fb52a47ea09d500c4b345dd59a8b9bc5b99baca29359edefebb758f9dfebced

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-content/uploads/wtfdivi/wp_head.css?ver=1600169666 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 18 Jan 2022 07:24:39 GMT
ETag: "9d-5d5d6297f0b5b"
Accept-Ranges: bytes
Content-Length: 157
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css

thegame.golf/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.11

81.169.145.105

200 OK

5269

URL HTTP/1.1

thegame.golf/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.11
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text, with very long lines (5269), with no line terminators

Size

5269
Hash

5b39081e7e2e834836f29b8d4668dea0

573445d85bb8defbce1e486e61f39f916522c8ea

840711eaa754b000831567752cc1f5e460bd0f0097be8cb273230834a1a3a7a2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.11 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 18 Jan 2022 07:24:17 GMT
ETag: "1495-5d5d6282a4113"
Accept-Ranges: bytes
Content-Length: 5269
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css

thegame.golf/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1

81.169.145.105

200 OK

8371

URL HTTP/1.1

thegame.golf/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text, with very long lines (8371), with no line terminators

Size

8371
Hash

d6a70c5dda136be5127280013af4e657

14596ff8bee14a1ece169a70122c304d76fbfefa

53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 18 Jan 2022 07:24:17 GMT
ETag: "20b3-5d5d6282c96dc"
Accept-Ranges: bytes
Content-Length: 8371
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: application/javascript

thegame.golf/wp-content/plugins/css-hero-animator/assets/lib/animations.css?ver=5.5.11

81.169.145.105

200 OK

40085

URL HTTP/1.1

thegame.golf/wp-content/plugins/css-hero-animator/assets/lib/animations.css?ver=5.5.11
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text

Size

40085
Hash

f0731558bb3e5f5aeebcd1176f6b2607

1cc53b0e62c5d340e57259e93ecb44234da13412

b6fa59e08dc4392f928b5984991f12de837709ff0d971525cabc79dfa4687b54

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-content/plugins/css-hero-animator/assets/lib/animations.css?ver=5.5.11 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 15 Sep 2020 11:01:01 GMT
ETag: "9c95-5af58110897ca"
Accept-Ranges: bytes
Content-Length: 40085
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css

thegame.golf/wp-content/et-cache/50/et-core-unified-deferred-50.min.css?ver=1676602518

81.169.145.105

200 OK

18405

URL HTTP/1.1

thegame.golf/wp-content/et-cache/50/et-core-unified-deferred-50.min.css?ver=1676602518
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text, with very long lines (18405), with no line terminators

Size

18405
Hash

a9515c50546c2526b48ce6e50a90b208

e88ea5ecdf1e9f7b81c4c730b4be340e8eaaf255

3f9deec0e879d8477b2e1c1bd396397860eca8dfc845eb256fb0ed21a247b34f

HTTP Headers

                                        GET /wp-content/et-cache/50/et-core-unified-deferred-50.min.css?ver=1676602518 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Fri, 17 Feb 2023 02:55:18 GMT
ETag: "47e5-5f4dc71899133"
Accept-Ranges: bytes
Content-Length: 18405
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css

thegame.golf/wp-content/et-cache/50/et-divi-dynamic-50.css?ver=1676602516

81.169.145.105

200 OK

138387

URL HTTP/1.1

thegame.golf/wp-content/et-cache/50/et-divi-dynamic-50.css?ver=1676602516
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

ASCII text, with very long lines (32965)

Size

138387
Hash

7dd326084477ed61e2cbb076b8aad14b

03adee91e96466cf4efd7fb9e702eee93878a3c5

9a88916555b3e9e6fba90ffc67e649e4b3d7af34fca4e623e3f7cbd6298cae6b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-content/et-cache/50/et-divi-dynamic-50.css?ver=1676602516 HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Fri, 17 Feb 2023 02:55:16 GMT
ETag: "21c93-5f4dc7171a7f8"
Accept-Ranges: bytes
Content-Length: 138387
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

fe121133a6eaf8645743a14717612cd5

b9276c474ba3e40e5cc2921accb452bb7b11ecb2

4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15662
Expires: Thu, 23 Feb 2023 23:46:31 GMT
Date: Thu, 23 Feb 2023 19:25:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

fe121133a6eaf8645743a14717612cd5

b9276c474ba3e40e5cc2921accb452bb7b11ecb2

4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15662
Expires: Thu, 23 Feb 2023 23:46:31 GMT
Date: Thu, 23 Feb 2023 19:25:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

95.101.11.115:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

fe121133a6eaf8645743a14717612cd5

b9276c474ba3e40e5cc2921accb452bb7b11ecb2

4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15662
Expires: Thu, 23 Feb 2023 23:46:31 GMT
Date: Thu, 23 Feb 2023 19:25:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg

34.120.237.76

200 OK

5823

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5823
Hash

fbf1945668d4a8c35e68f8d60fd80f56

0553020a82f7a6245a2979d58e1765883a777893

4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p6v-ksQmtagKBT2hXXL7AVGvhSCwy8wUoi4dWRJPDaSsT7BvBxh4fw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 03:02:20 GMT
age: 58989
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6643

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

6643
Hash

9a6c075bf39141bbc7826d6969cf2ac8

8a3f71fea281d57261814a858c94fd11f083b9fe

dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:02:10 GMT
age: 51799
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7734

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

7734
Hash

e7cd1e9feb9abc7f7d7f0d5fc7b181f0

cf3ce1808c48e1a86910e16731a044f6cb26275d

426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wrkzZEinm7SD60TVf2-zwKUiJx0nfe6iwy2hLIO_1ia3OPlk21fsMg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:42:20 GMT
age: 78189
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6014

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

6014
Hash

8c6732b7444870a5b22ebce5df2c278b

bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605

6232d37914485ffd42f7e5932c36a9ff49bdd42bb8a13837cc9c054d86ccdc78

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 6014
x-amzn-requestid: bd27a21d-c09d-4d37-ba2d-72144fc7dd53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aw9JeGqvoAMFkhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f6a8a2-4940a8d470c04d9b2ce70b12;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 23:43:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qb9klr3RdNqiiu9QulerHB84G6zpnon_xHZx8kJwq7PVqWxyPAz8vw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:39:13 GMT
age: 49576
etag: "bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9721

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9721
Hash

e4016fa20fa2642f89d375fcc2855d4b

f1733be34a214e9565208f814dd3990f89cafbcb

74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 78074
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9686

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9686
Hash

cc56e7499a3e9db178e91df024e668f0

9cc85c16fd4a9d10df5db5ddfc54b0d88999f317

25ffc87e2be6e0dc9ac208aafbefa99bb4c1d6476c1447056b83d462cd182df2

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: f12fd84d-1be7-4b80-842c-e2111aa80806
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYFqFzaoAMF2hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46d57-5a17eba635156fc35184ff0d;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y_b4w77w0mMq2Bzf0p7Ns-2vLEY7A0InmEcu9RxxpmHzJ3QdYLHypg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 07:42:53 GMT
age: 42156
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

thegame.golf/wp-content/uploads/2020/09/the-game-logo-klein.png

81.169.145.105

200 OK

5934

URL HTTP/1.1

thegame.golf/wp-content/uploads/2020/09/the-game-logo-klein.png
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

PNG image data, 500 x 99, 8-bit/color RGBA, non-interlaced\012- data

Size

5934
Hash

7f10f77672fd50ebc4b0e43e796f9b2d

8bf02c5ee60331eff61835b3139f42583c433a5b

83ca2bff095ea02c31a2f85aabae53e3d6065252c35d589aa068a116b9371ea4

HTTP Headers

                                        GET /wp-content/uploads/2020/09/the-game-logo-klein.png HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:30 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 15 Sep 2020 11:22:25 GMT
ETag: "172e-5af585d9b21b3"
Accept-Ranges: bytes
Content-Length: 5934
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

18880e1808370080e86c124fc0f15477

cee3e545df43115cf8bc5b560e2c25b529219c16

8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 19:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

18880e1808370080e86c124fc0f15477

cee3e545df43115cf8bc5b560e2c25b529219c16

8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 19:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4i.woff2

142.250.74.35

200 OK

56336

URL HTTP/2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4i.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 56336, version 1.0\012- data

Size

56336
Hash

ef3ace47eb239b775be05de1de1af268

988135ecaacc456e803d9609b28e5e68c4d694d9

0240d31750dece0d5a709e6eb5cbfded2f15b37b5a4d752c3c636cdd03bd12f8

HTTP Headers

                                        GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4i.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thegame.golf
Connection: keep-alive
Referer: http://thegame.golf/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 02:07:19 GMT
expires: Sat, 17 Feb 2024 02:07:19 GMT
cache-control: public, max-age=31536000
age: 580691
last-modified: Mon, 15 Aug 2022 18:12:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2

142.250.74.35

200 OK

56348

URL HTTP/2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 56348, version 1.0\012- data

Size

56348
Hash

441a81103fda7f9c3b41cffd77d8c65c

3a2d883b3fc09a347376088e206f5e0fd17aab72

52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729

HTTP Headers

                                        GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thegame.golf
Connection: keep-alive
Referer: http://thegame.golf/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 17:30:43 GMT
expires: Fri, 23 Feb 2024 17:30:43 GMT
cache-control: public, max-age=31536000
age: 6887
last-modified: Mon, 15 Aug 2022 18:12:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

18880e1808370080e86c124fc0f15477

cee3e545df43115cf8bc5b560e2c25b529219c16

8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 19:25:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thegame.golf/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

81.169.145.105

200 OK

92476

URL HTTP/1.1

thegame.golf/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

Web Open Font Format, TrueType, length 92476, version 2.4\012- data

Size

92476
Hash

7d04c782e3ec7b655cb15e50245c4c49

6ac6c03ebcebc29f36f09525ae9564f12240776d

88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:30 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Thu, 16 Feb 2023 23:37:13 GMT
ETag: "1693c-5f4d9ad26a776"
Accept-Ranges: bytes
Content-Length: 92476
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive

thegame.golf/

81.169.145.105

200 OK

189439

URL HTTP/1.1

thegame.golf/
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26337)

Size

189439
Hash

1153e3964bc4440fc8e07772748187fe

ccae8b54138258418d039391e62b5c2a83fd15b1

18cf6408fb1da1af2b1e8f4044e12e9e366a7588c7af09354790795cb6c39b52

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET / HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:27 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.3.33
Link: <http://thegame.golf/wp-json/>; rel="https://api.w.org/", <http://thegame.golf/wp-json/wp/v2/pages/50>; rel="alternate"; type="application/json", <http://thegame.golf/>; rel=shortlink
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

216.58.211.14

301 Moved Permanently

URL HTTP/1.1

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP

216.58.211.14:0
ASN

#15169 GOOGLE

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 23 Feb 2023 19:25:30 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

thegame.golf/wp-content/plugins/gtranslate/flags/24/de.png

81.169.145.105

200 OK

602

URL HTTP/1.1

thegame.golf/wp-content/plugins/gtranslate/flags/24/de.png
IP

81.169.145.105:0
ASN

#6724 Strato AG

Magic

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data

Size

602
Hash

8a2ba86f3b7de7562445967e2c21843b

3046cd0b51721f180c2dc75513fd4bfd316b45b5

cc318f3be9ba75def2af54bd9d0fab4f3e316517de9bf138e40dee06d332602d

HTTP Headers

                                        GET /wp-content/plugins/gtranslate/flags/24/de.png HTTP/1.1
Host: thegame.golf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thegame.golf/

                                        HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 19:25:30 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Tue, 18 Jan 2022 07:25:54 GMT
ETag: "25a-5d5d62df0734c"
Accept-Ranges: bytes
Content-Length: 602
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr70w7.woff2

142.250.74.35

200 OK

40180

URL HTTP/2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr70w7.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 40180, version 1.0\012- data

Size

40180
Hash

10ccdd473af5e05024c5fc4c4cd845c2

7d9e28610e7396a74d8a007f367751e00283f840

090d9975a3b30d62ac5212e1db05f412894418c25b56606046f700027837c5bf

HTTP Headers

                                        GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr70w7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thegame.golf
Connection: keep-alive
Referer: http://thegame.golf/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 09:57:54 GMT
expires: Sat, 17 Feb 2024 09:57:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:55:30 GMT
content-type: font/woff2
age: 552456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2

142.250.74.35

200 OK

40236

URL HTTP/2

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 40236, version 1.0\012- data

Size

40236
Hash

5c283c768487bbacab2a3e33e3e39e3c

e4233b9d0137355f9522d7c5bf99d9c688617c6b

356e58889a7cf422acc2c715a26996890c929b9b3b8a0e124a9cf4a795734732

HTTP Headers

                                        GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thegame.golf
Connection: keep-alive
Referer: http://thegame.golf/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 17:29:25 GMT
expires: Fri, 23 Feb 2024 17:29:25 GMT
cache-control: public, max-age=31536000
age: 6965
last-modified: Mon, 11 Jul 2022 19:01:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2

142.250.74.35

200 OK

54576

URL HTTP/2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 54576, version 1.0\012- data

Size

54576
Hash

85cb2c73cbeffb7cb359827c68b20e91

a89fb47d4a581c6e2e3cc622f3410d0d9fe9d6a4

bba8d203d019c6f11367d6279cdeb0efbc5895b75dfa68a008686d22194e8d67

HTTP Headers

                                        GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thegame.golf
Connection: keep-alive
Referer: http://thegame.golf/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 54576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 02:01:49 GMT
expires: Thu, 22 Feb 2024 02:01:49 GMT
cache-control: public, max-age=31536000
age: 149021
last-modified: Mon, 15 Aug 2022 18:16:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

#1 JS:Script (size: 80076)

#2 JS:Script (size: 9318)

#3 JS:Script (size: 274266)

#4 JS:Script (size: 34278)

#5 JS:Script (size: 1174)

#6 JS:Script (size: 16550)

#7 JS:Script (size: 451)

#8 JS:Script (size: 180)

#9 JS:Script (size: 1426)

#10 JS:Script (size: 8371)

#11 JS:Script (size: 1459)

#12 JS:Script (size: 47)

#13 JS:Script (size: 17217)

#14 JS:Script (size: 991)

#15 JS:Script (size: 3349)

#16 JS:Script (size: 1343)

#17 JS:Script (size: 739)

#18 JS:Script (size: 5)

#19 JS:Script (size: 272)

#20 JS:Script (size: 0)

#21 JS:Script (size: 22)

#22 JS:Script (size: 213446)

#23 JS:Script (size: 151)

#24 JS:Script (size: 1968)

#25 JS:Script (size: 869)

#26 JS:Script (size: 7960)

#27 JS:Script (size: 138)

#28 JS:Script (size: 1682)

HTTP Transactions (72)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash