skymavis.help Open in urlscan Pro
2606:4700:3037::6815:3fc9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://skymavis.help/abuse
Effective URL:
https://skymavis.help/abuse/
Submission Tags: 7320590
Submission: On October 14 via api (October 14th 2021, 10:04:45 pm UTC) from NL — Scanned from DE

Summary HTTP 19 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3037::6815:3fc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is skymavis.help.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 14th 2021. Valid for: a year.

This is the only time skymavis.help was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2 15	2606:4700:303... 2606:4700:3037::6815:3fc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
19	4

15 2606:4700:3037::6815:3fc9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

skymavis.help	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	skymavis.help 2 redirects skymavis.help	404 KB
3	gstatic.com fonts.gstatic.com	24 KB
1	google-analytics.com www.google-analytics.com	367 B
0	Failed function sub() { [native code] }. Failed
0	skymavis.com Failed skymavis.com Failed
19	5

	Domain	Requested by
15	skymavis.help	2 redirects skymavis.help
3	fonts.gstatic.com	skymavis.help
1	www.google-analytics.com	skymavis.help
0	fnjhmkhhmkbjkkabndcnnogagogbneec Failed	skymavis.help
0	skymavis.com Failed	skymavis.help
19	5

This site contains links to these domains. Also see Links.

Domain
apply.workable.com
axieinfenity.com
marketplace.axieinfinity.com
axieinfinity.com
skymavis.com
explorer.roninchain.com
axie.substack.com
cdn.axieinfinity.com
discord.gg
twitter.com
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-14` - `2022-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://skymavis.help/abuse/
Frame ID: 05ED69D4D4B149E5664D91A5B3C0CFCB
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sky Mavis

Page URL History Show full URLs

http://skymavis.help/abuse HTTP 301
https://skymavis.help/abuse HTTP 301
https://skymavis.help/abuse/ Page URL

Detected technologies

Svelte (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class=\"[^\"]+\ssvelte-[\w]*\"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

19
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

428 kB
Transfer

475 kB
Size

2
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://apply.workable.com/sky-mavis/
Title: Careers

Search URL Search Domain Scan URL

URL: https://axieinfenity.com/axie.php
Title: Axie Infinity

Search URL Search Domain Scan URL

URL: https://marketplace.axieinfinity.com/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://axieinfinity.com/?download=true
Title: Hub

Search URL Search Domain Scan URL

URL: https://skymavis.com/wallet
Title: Wallet

Search URL Search Domain Scan URL

URL: https://explorer.roninchain.com/
Title: Ronin

Search URL Search Domain Scan URL

URL: https://skymavis.com/team
Title: Team

Search URL Search Domain Scan URL

URL: https://axie.substack.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://cdn.axieinfinity.com/skymavis/terms-of-use.pdf
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://discord.gg/axie

Search URL Search Domain Scan URL

URL: https://twitter.com/SkyMavisHQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/skymavis/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SkyMavisHQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://skymavis.help/abuse HTTP 301
https://skymavis.help/abuse HTTP 301
https://skymavis.help/abuse/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
skymavis.help/abuse/
Redirect Chain

http://skymavis.help/abuse
https://skymavis.help/abuse
https://skymavis.help/abuse/

14 KB
5 KB

63ms
62ms

Document
text/html

2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2bae1122ec07a7795ecb7a24ae570d03d6c69f4503accf603d90ebdc5166e09

Request headers

:method: GET
:authority: skymavis.help
:scheme: https
:path: /abuse/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
content-type: text/html
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C99Kn4dB2VoVVt808BIBE%2BevggXF5E6lnRIrTipnMm%2FIxjY964QdLn%2BX9o9AvIQkr%2BKU3DnHgnbwKHT79nEULL6WVjEAxDIIxVlbq%2BjRbqe73ayJQWEt7AVxOZ5ApIO7l3PpFVZp1bIUaa0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e41ad2ad69c290-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 14 Oct 2021 22:04:40 GMT
content-type: text/html
location: https://skymavis.help/abuse/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgOBD0%2F180MLeZiF%2BakwOZ17MtvmyFiQ89z3mcnnqaREWQSRsO0hIK9AzzS2OeaoMsCk%2BhRKqBE5w0PVD0b3HqooP9vtjU1qX%2FeEcTawqWuEfuEx4DbaKDKZ5g%2F01sEivZceK%2BboIBzLMiKg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e41ad1ecc9c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET vendor.27e4ff72.js
skymavis.com/static/ 0
0

GET in-page.js
fnjhmkhhmkbjkkabndcnnogagogbneec/ 0
0

GET
H2 200 js Show response
skymavis.help/abuse/Sky%20Mavis_files/ 125 KB
125 KB 54ms
53ms Script
text/plain 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/js
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b77417cc1669fbd30fb28479431a55d8d493a2d6ab44d469590d389d5a20f98

Request headers

:path: /abuse/Sky%20Mavis_files/js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBVMv70iJaBGxPnHg1q9tp3prikag9n%2BHsvQOyld196MCNb%2BC7ttk3M8wI0Sk8wTIKVyiY%2BH5NJgtw0dunlvC4ryLhTVHoUME%2BNi18BeySomjqnIE5l0gUUjR2YfbZWec6XA2dCT29%2B94VHu"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
accept-ranges: bytes
cf-ray: 69e41ad32debc290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 127721

GET
H2 200 index.7c75d6f1.js.download Show response
skymavis.help/abuse/Sky%20Mavis_files/ 197 KB
198 KB 104ms
102ms Script
application/octet-stream 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/index.7c75d6f1.js.download
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6351060c60fcae80b903f3b8b0e64b3e2af001e330c32d7642019e8c256bb37

Request headers

:path: /abuse/Sky%20Mavis_files/index.7c75d6f1.js.download
pragma: no-cache
origin: https://skymavis.help
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://skymavis.help/abuse/
Origin: https://skymavis.help
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP%2BTe5jROOI1U7cpK0BTKMs2yevgapiSfKjQSAuNTOJz9wZJ4aaCbZvXbRHcIcA%2FZMOb9QG7EZKF%2FJcv8DCRuGrpP93Z0Jpv%2BQwz6MqHXVAksvDrPi91u5N2tC4Kq0Bl2RYJMPsQ680hcRUi"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 69e41ad32dedc290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 201796

GET
H2 200 index.7154b532.css
skymavis.help/abuse/Sky%20Mavis_files/ 46 KB
7 KB 99ms
97ms Stylesheet
text/css 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/index.7154b532.css
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4920249a8aba5d27f4452de8d6eef0fb0a6dac53e108858e2f4d30b05cc3a09

Request headers

:path: /abuse/Sky%20Mavis_files/index.7154b532.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk9cnRmaifg5lL5YuUhWGQDoPFGtYkxOnrDrIKwz0gBfN3HJPYtjaAzD787HgYcP%2BpP%2BGMaXJGSskRpFRyv4mee522SN%2Bz68pau%2FkDbazHDhsdjoItbGcfjEoEm%2F4LEEwvQs1LN8Ds%2F0jrfK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e41ad32decc290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 200 css2
skymavis.help/abuse/Sky%20Mavis_files/ 3 KB
3 KB 100ms
98ms Stylesheet
text/plain 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/css2
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f14d26d27905f9f1245ec64ebc913e7dee124e6c8cb2d0565479a5402af4a0

Request headers

:path: /abuse/Sky%20Mavis_files/css2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wi6IOl4wo6xJ07qNB%2BpD%2FmadhmECiFzcBfmCpCpIPjOgLcypjJ5JNAf%2Foe10rWKL5AMhS3WnxeDcXc0CXHY%2BPcRlRfezCJCr%2F0Z4XLDKXOGIsOhuxFQ4%2BCpFN06cbUJsagNGpC%2BvDgDsOzQp"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
accept-ranges: bytes
cf-ray: 69e41ad32defc290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3231

GET
H2 200 css2(1)
skymavis.help/abuse/Sky%20Mavis_files/ 4 KB
5 KB 100ms
99ms Stylesheet
text/plain 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/css2(1)
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07d44cebf5fe3f3306bf0ba2296ebadd1e160d741b18cf449e70c4f5752d880

Request headers

:path: /abuse/Sky%20Mavis_files/css2(1)
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0jIhAE9etLDU3%2B%2B1sOloNyebsJiuA9a2yQqiPL%2BivKFu9RygJ5lWnBbLZ%2Fxc6x1OR3cNuwjDxpHSxiYad6lC2EdExhHuSt76zNGmJB2s5%2BvMnvPIdytLpTRrYy0KIgdfzUMT2Hkd4sKOkU5"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
accept-ranges: bytes
cf-ray: 69e41ad32df0c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4504

GET
H2 200 logo.45ea2de6.svg
skymavis.help/abuse/Sky%20Mavis_files/ 4 KB
2 KB 100ms
99ms Image
image/svg+xml 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/logo.45ea2de6.svg
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3316434a9ff13aad4d84c101e4977c9dd937e362cddecde4bcbbce6d2c43b1c0

Request headers

:path: /abuse/Sky%20Mavis_files/logo.45ea2de6.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIF9n%2BKtFPCpc0WCuE4%2BsdBmPwHGtMppsUVMmueHJInvSk%2Bl3WVm%2B6TdaHA9MOydl%2FMbvC7pGYZvbxQD%2BerrKY5CPtHagAO9PNXt9yTjUdJUzD1r632Q2pXEic31aPQ0pmMkors7h7RJS7pn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e41ad32df2c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 200 2.jpg
skymavis.help/abuse/ 19 KB
19 KB 140ms
139ms Image
image/jpeg 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/abuse/2.jpg
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdec629f2b00e2148b45e77a97884b7704958d40a53b88bff08a532b8b9e480a

Request headers

:path: /abuse/2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7AAR%2Fpl02tlNC32R0e4hTx6Bf06C9RmQMfaIPFM%2FmBLG0yv%2BaBCo7sBrF4NF%2Bwq8I4maDIz9HkURdgK%2B202%2B6ODSYHxytdoYO53je%2FzSLsWy%2FKhfetb67P073ZemOLcC%2FLuNVQu0ZLxiGsO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69e41ad32df3c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18976
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 200 1.jpg
skymavis.help/abuse/ 13 KB
13 KB 105ms
104ms Image
image/jpeg 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/abuse/1.jpg
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8031ccdd11137f919a9d9f53a8af6d66ac92d953daa939d0aaea346b62fa6f45

Request headers

:path: /abuse/1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB82H2HFsUr%2FRTU7OQ5jNQiBePNC%2BvNhqdsmnZA8O4m629JqCmkSdKjNwiFYo%2BTNIWy03qUlMNxFA%2BKIU5GwfC%2BKY43K%2FBPkU1xUO9wlLjQN8sNlrcqjmr4XX9EUa%2FdnhVcx54m2P02WZKN%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69e41ad32df4c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12998
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 200 7.jpg
skymavis.help/abuse/ 9 KB
10 KB 104ms
103ms Image
image/jpeg 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/abuse/7.jpg
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a29151d6a76c5fe42013fc80518d0cc0514ec2e2c6ed498fb0b1d7cbd60fb0

Request headers

:path: /abuse/7.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2J2Wwr3H9Q7M9dvIueqrss%2B65m%2BzJemcDSK%2FqAIqbZWkyhV5HJikBGNBCt8CasTgWSy2eQDY6LrxiFuwQ18Ld04vqf%2F7XhncLHTm2YX%2FxVh11FDPKwltcinsVkJrw8FnvvvWDC3S58zH8p6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69e41ad32df6c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9680
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 200 9.jpg
skymavis.help/abuse/ 13 KB
13 KB 138ms
138ms Image
image/jpeg 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/abuse/9.jpg
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f4a4c521b4e8097ab265c05d0fc63c7b46a7016bb354f31c92d1f0cdc2f2844

Request headers

:path: /abuse/9.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYov8v9C0TIoCp1JyHSHyJsjCczqSDetOxaiESNqofk4R718K03JuBC2G%2BFoT5qDKmpE9mSJmGt8B2wHE6tpnwuO3KEdAovsc2bZKahhf7EKniR5Aq22ffEtVNP8ZOEM4r1vH0ljQMJC0VQU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69e41ad32df7c290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13158
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 200 logo-white.e4c7668f.svg
skymavis.help/abuse/Sky%20Mavis_files/ 4 KB
2 KB 110ms
110ms Image
image/svg+xml 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/abuse/Sky%20Mavis_files/logo-white.e4c7668f.svg
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 632816475c0658eafdfb1abc945d940a0e59357cbb458fc45149f815a1b3ffa5

Request headers

:path: /abuse/Sky%20Mavis_files/logo-white.e4c7668f.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Oct 2021 10:50:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGPSCgFbqNmMa4F6J3h6rhXLyr%2FGvxhKDEdP4xmJrLJeoWzoJDLxbsSYkPaIO7jWJzFAZSU6TgBP7u5rImEjCw4VOZAbhUqDIXqxubpTlhMlmCkjBWYPqSscohUd3ErtyzkbNAfAjq8UskeK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e41ad33dfbc290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 22:04:40 GMT

GET
H2 404 value-background.ff53f2e5.png
skymavis.help/static/ 1 KB
1 KB 98ms
98ms Image
text/html 2606:4700:3037::6815:3fc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skymavis.help/static/value-background.ff53f2e5.png
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/Sky%20Mavis_files/index.7154b532.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3fc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ae87de577266b813f7a6aee87e23149e2f8c6b8963e4bc7b079858d270c0696

Request headers

:path: /static/value-background.ff53f2e5.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: skymavis.help
referer: https://skymavis.help/abuse/Sky%20Mavis_files/index.7154b532.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://skymavis.help/abuse/Sky%20Mavis_files/index.7154b532.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 22:04:41 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fC2JvssxXqaA0RBrHl6S55BxHvMkufWuykHXO%2Fw9B3nyhq1k3L6ShEdFobj7%2FpblfmPVuwtJkeiByS%2FGQiYbDEvI%2BCtV%2FtBx1ySNRPPwO7fFHbXlZJlH8GflCx9zkutCMSnL%2Fe%2Fl%2B%2FMe1H2x"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 69e41ad3de8bc290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 53ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: skymavis.help
URL: https://skymavis.help/abuse/Sky%20Mavis_files/css2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skymavis.help/
Origin: https://skymavis.help
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:36:03 GMT
x-content-type-options: nosniff
age: 152917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 03:36:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 67ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: skymavis.help
URL: https://skymavis.help/abuse/Sky%20Mavis_files/css2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skymavis.help/
Origin: https://skymavis.help
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:52:51 GMT
x-content-type-options: nosniff
age: 151909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 03:52:51 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 64ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: skymavis.help
URL: https://skymavis.help/abuse/Sky%20Mavis_files/css2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skymavis.help/
Origin: https://skymavis.help
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:59:01 GMT
x-content-type-options: nosniff
age: 284739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:59:01 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
367 B 63ms
22ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4W5DYHM0BL&gtm=2oe9r0&_p=1045547664&sr=1600x1200&ul=en-us&cid=329610895.1634249081&_s=1&dl=https%3A%2F%2Fskymavis.help%2Fabuse%2F&dt=Sky%20Mavis&sid=1634249081&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: skymavis.help
URL: https://skymavis.help/abuse/Sky%20Mavis_files/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://skymavis.help/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 22:04:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skymavis.help
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: skymavis.com
URL: https://skymavis.com/static/vendor.27e4ff72.js

Domain: fnjhmkhhmkbjkkabndcnnogagogbneec
URL: chrome-extension://fnjhmkhhmkbjkkabndcnnogagogbneec/in-page.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.skymavis.help/	1970-01-20 15:28:41	Name: _ga_4W5DYHM0BL Value: GS1.1.1634249081.1.0.1634249081.0
			.skymavis.help/	1970-01-20 15:28:41	Name: _ga Value: GA1.1.329610895.1634249081

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://fnjhmkhhmkbjkkabndcnnogagogbneec/in-page.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
javascript	error	URL: https://skymavis.help/abuse/ Message: Access to script at 'https://skymavis.com/static/vendor.27e4ff72.js' from origin 'https://skymavis.help' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://skymavis.com/static/vendor.27e4ff72.js Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://skymavis.help/static/value-background.ff53f2e5.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://skymavis.help/abuse/Sky%20Mavis_files/index.7c75d6f1.js.download Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "application/octet-stream". Strict MIME type checking is enforced for module scripts per HTML spec.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fnjhmkhhmkbjkkabndcnnogagogbneec
fonts.gstatic.com
skymavis.com
skymavis.help
www.google-analytics.com
fnjhmkhhmkbjkkabndcnnogagogbneec
skymavis.com
2606:4700:3037::6815:3fc9
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2003
0ae87de577266b813f7a6aee87e23149e2f8c6b8963e4bc7b079858d270c0696
3316434a9ff13aad4d84c101e4977c9dd937e362cddecde4bcbbce6d2c43b1c0
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
5f4a4c521b4e8097ab265c05d0fc63c7b46a7016bb354f31c92d1f0cdc2f2844
632816475c0658eafdfb1abc945d940a0e59357cbb458fc45149f815a1b3ffa5
7b77417cc1669fbd30fb28479431a55d8d493a2d6ab44d469590d389d5a20f98
8031ccdd11137f919a9d9f53a8af6d66ac92d953daa939d0aaea346b62fa6f45
96f14d26d27905f9f1245ec64ebc913e7dee124e6c8cb2d0565479a5402af4a0
a2bae1122ec07a7795ecb7a24ae570d03d6c69f4503accf603d90ebdc5166e09
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c07d44cebf5fe3f3306bf0ba2296ebadd1e160d741b18cf449e70c4f5752d880
c3a29151d6a76c5fe42013fc80518d0cc0514ec2e2c6ed498fb0b1d7cbd60fb0
c4920249a8aba5d27f4452de8d6eef0fb0a6dac53e108858e2f4d30b05cc3a09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6351060c60fcae80b903f3b8b0e64b3e2af001e330c32d7642019e8c256bb37
fdec629f2b00e2148b45e77a97884b7704958d40a53b88bff08a532b8b9e480a

skymavis.help Open in urlscan Pro 2606:4700:3037::6815:3fc9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

428 kBTransfer

475 kBSize

2 Cookies

13 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

2 Cookies

5 Console Messages

Indicators

skymavis.help Open in urlscan Pro
2606:4700:3037::6815:3fc9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

428 kB
Transfer

475 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!