foto.twitter-events22.com/
190.115.27.171301 Moved Permanently 568 B URL HTTP/1.1 foto.twitter-events22.com/
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Mon, 05 Dec 2022 17:57:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://foto.twitter-events22.com/
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16859
Expires: Mon, 05 Dec 2022 22:38:40 GMT
Date: Mon, 05 Dec 2022 17:57:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5749
Cache-Control: max-age=151767
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:57:41 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:07:08 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Mon, 05 Dec 2022 18:59:38 GMT
Date: Mon, 05 Dec 2022 17:57:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 17:18:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2351
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5YdoJ6u5EGWAWid3b/7bgU4Y5dEnvDeYWa9mdw1QOKQD6ftC+gFCfz8mXqi2bxAPjhlmdoLWEW4=
x-amz-request-id: 143EKTG3NM4P5ZPD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 17:46:46 GMT
age: 655
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6b80f1597e0faf4364be57fe73b4d5d9
702efc8fb121160453e3594de8acf8bb50e31784
1165259a9e8dd47a7290044bf901ec15866701a41f62ce442ff2439790c759c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1165259A9E8DD47A7290044BF901EC15866701A41F62CE442FF2439790C759C6"
Last-Modified: Mon, 05 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Mon, 05 Dec 2022 23:57:09 GMT
Date: Mon, 05 Dec 2022 17:57:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5730
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 17:57:42 GMT
Last-Modified: Mon, 05 Dec 2022 16:22:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 17:08:58 GMT
cache-control: public,max-age=3600
age: 2924
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
foto.twitter-events22.com/css?family=Inter:400,400i,500,500i,700,700i,800&display=swap
190.115.27.171200 OK 827 B URL HTTP/2 foto.twitter-events22.com/css?family=Inter:400,400i,500,500i,700,700i,800&display=swap
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 (with BOM) text
Hash 41354eebcf42a145cb39031a2f4ed7ec
f8ef9317660bce0177e2ec5260e71440e6f82067
a3bf792e554c6e478e1092bcac15b5bfe3f5b399983a0c894c91423c3b457e5b
Analyzer Verdict Alert quad9 Sinkholed
GET /css?family=Inter:400,400i,500,500i,700,700i,800&display=swap HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 14:00:02 GMT
content-type: application/octet-stream
content-length: 827
last-modified: Fri, 26 Aug 2022 14:40:36 GMT
etag: "6308db64-33b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
age: 14259
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: twCqTnl+c08QudpuTd81nA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D/iMQ8yl5/tcb2VSVQKAYOAYgbY=
foto.twitter-events22.com/static/logo.jpg
190.115.27.171200 OK 22 kB URL HTTP/2 foto.twitter-events22.com/static/logo.jpg
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x315, components 3\012- data
Hash ec17a182569738d167b33f2ee0558a73
450419bddd23e7ceaf26fed8f921d26e1818782e
257b4cfd1f6b8afbdac4fd2027b359e0d2d70e5cd880636b460cc787b466215a
Analyzer Verdict Alert quad9 Sinkholed
GET /static/logo.jpg HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 04 Dec 2022 18:00:50 GMT
content-type: image/jpeg
content-length: 22160
last-modified: Tue, 23 Aug 2022 23:25:58 GMT
etag: "63056206-5690"
expires: Tue, 03 Jan 2023 18:00:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
age: 86211
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/identity/images/wordmark.9fbb71b4fd0b.svg
190.115.27.171200 OK 46 kB URL HTTP/2 foto.twitter-events22.com/static/identity/images/wordmark.9fbb71b4fd0b.svg
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (58855)
Hash 2650d5a8b0615668729e195c896a170f
161e4cf21d3e4cc166aaade349391e271d2263c9
de823d671c21ffc6933efac8db29778079d96e48231ac3e1590c1a512735314b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/identity/images/wordmark.9fbb71b4fd0b.svg HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 12:03:13 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Aug 2022 23:26:46 GMT
etag: W/"63056236-f51b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 21268
content-length: 45854
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
190.115.27.171200 OK 144 kB URL HTTP/2 foto.twitter-events22.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Size 144 kB (144318 bytes)
Hash 63986b9b41bae174a799f99ac1b9dff9
ce536a311ee07e5a1214974657d764db0a632291
c40fde4f26ef8877253f97ed3935d59bce86ae68c9c6bf09451a8c1daf2dab3a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/ethers/5.6.9/ethers.umd.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 12:03:12 GMT
content-type: application/javascript
last-modified: Sat, 18 Jun 2022 08:07:50 GMT
vary: Accept-Encoding
etag: W/"62ad87d6-b3ae5"
expires: Tue, 06 Dec 2022 00:03:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 21269
content-length: 144318
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/fonts/line-icons-pro/line-icons-pro.d3201303c7d4.css
190.115.27.171200 OK 13 kB URL HTTP/2 foto.twitter-events22.com/static/fonts/line-icons-pro/line-icons-pro.d3201303c7d4.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f17548fd9c4d5f0112b221e356eb238
9b08614e96ea34966f27cc0c34640e217efbcfcb
5c545cf5554285aac96b86a296d7ba47d6401d46d5ce35505862a8db551cf3f9
Analyzer Verdict Alert quad9 Sinkholed
GET /static/fonts/line-icons-pro/line-icons-pro.d3201303c7d4.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 23:26:44 GMT
vary: Accept-Encoding
etag: W/"63056234-1ef8f"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/css/custom-style.88a89b04b97a.css
190.115.27.171200 OK 1.4 kB URL HTTP/2 foto.twitter-events22.com/static/css/custom-style.88a89b04b97a.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (2433), with no line terminators
Hash ddc0bd9c2af3fe6901a9ce6a64e89274
eecdfff4ea8b4f9824651ab4ab7e0592e66db9d2
e2234f9f9c933d50154c0da722a6fe43870906304f9383d72f4574a74e1d4910
Analyzer Verdict Alert quad9 Sinkholed
GET /static/css/custom-style.88a89b04b97a.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 23:26:08 GMT
vary: Accept-Encoding
etag: W/"63056210-981"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17455
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 17:57:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17455
Expires: Mon, 05 Dec 2022 22:48:39 GMT
Date: Mon, 05 Dec 2022 17:57:44 GMT
Connection: keep-alive
foto.twitter-events22.com/static/fonts/fontawesome-5/css/v4-shims.f867cccabfc3.css
190.115.27.171200 OK 4.4 kB URL HTTP/2 foto.twitter-events22.com/static/fonts/fontawesome-5/css/v4-shims.f867cccabfc3.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (34215)
Hash d0bbcc35d75f813e4212fb148dc7c0d2
f30b7030992118fd176379adefc627fe62335d1b
466f2f1eb7efca0e2e2eb72e6b27bcad12f069e24247b56f85c116eed3bd4570
Analyzer Verdict Alert quad9 Sinkholed
GET /static/fonts/fontawesome-5/css/v4-shims.f867cccabfc3.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 23:26:56 GMT
vary: Accept-Encoding
etag: W/"63056240-85ee"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/fancybox/3.3.0/jquery.fancybox.css
190.115.27.171200 OK 12 kB URL HTTP/2 foto.twitter-events22.com/ajax/libs/fancybox/3.3.0/jquery.fancybox.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (328), with CR, LF line terminators
Hash 6caf435a39d7ee63cf426e075e1ed0ca
7971a9836f7a7ce54b2447c8007bda06bc5ae83a
0f2af65c8c1f00576456a26d109a1c0e9f64095029a5078a4f8ff2dbc1318f0e
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/fancybox/3.3.0/jquery.fancybox.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 16:10:00 GMT
vary: Accept-Encoding
etag: W/"5eb03e58-456d"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 72480
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 24682
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/boomerang/css/boomerang.min.734277fa695e.css
190.115.27.171200 OK 61 kB URL HTTP/2 foto.twitter-events22.com/static/boomerang/css/boomerang.min.734277fa695e.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 570d5bd40640d02ca70ac32e5798701d
6f2e8d87e5ef2189b4a374790c974a92dc0b97ee
916c5f77618ed35eebe6d0df196beeb1016a65fe260050f082e22f6b3c5a397c
Analyzer Verdict Alert quad9 Sinkholed
GET /static/boomerang/css/boomerang.min.734277fa695e.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 23:26:26 GMT
vary: Accept-Encoding
etag: W/"63056222-57991"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 72819
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/animate.css/3.7.2/animate.min.css
190.115.27.171200 OK 12 kB URL HTTP/2 foto.twitter-events22.com/ajax/libs/animate.css/3.7.2/animate.min.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (57919)
Hash 1e37380436207cad75483e9dca2a6a09
bb7dbf803ab262edf52815d1affedddc27caccc4
3ad154e24e3a529204aa99eea4830dd54de57c0cbea59076e2efdd12b7be7839
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 16:04:58 GMT
vary: Accept-Encoding
etag: W/"5eb03d2a-e311"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/%40walletconnect/web3-provider%401.7.5/dist/umd/index.min.js
190.115.27.171200 OK 175 kB URL HTTP/2 foto.twitter-events22.com/%40walletconnect/web3-provider%401.7.5/dist/umd/index.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (50903)
Size 175 kB (175339 bytes)
Hash 8fc1a974923c16699f383acd9eca2960
0dc914df54fb7835bae5cec398c312789fd7f8b3
67dcc27c700bda60337a9df3b0249d01fc2a78dfdd45f878ad21e84df023c341
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /%40walletconnect/web3-provider%401.7.5/dist/umd/index.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 06:02:33 GMT
content-type: application/javascript
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
vary: Accept-Encoding
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
etag: "1dc09d84-b660c"
expires: Mon, 05 Dec 2022 18:02:33 GMT
age: 42908
content-length: 175339
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
foto.twitter-events22.com/web3%401.7.5/dist/web3.min.js
190.115.27.171200 OK 272 kB URL HTTP/2 foto.twitter-events22.com/web3%401.7.5/dist/web3.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (64083)
Size 272 kB (271972 bytes)
Hash 315e15fab3037a75be28e5ad1cf77e46
8928453c7cb81a0fb24fc07f7bbc6ad56daf42b4
472a8892e69c8c3eaf1432b0e6367c7266f11c214f95978fc982d32d171c9074
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /web3%401.7.5/dist/web3.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 12:03:12 GMT
content-type: application/javascript
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
vary: Accept-Encoding
etag: W/"1dc09d84-166326"
expires: Tue, 06 Dec 2022 00:03:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 21269
content-length: 271972
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
foto.twitter-events22.com/moralis-v1%401.11.0/dist/moralis.js
190.115.27.171200 OK 498 kB URL HTTP/2 foto.twitter-events22.com/moralis-v1%401.11.0/dist/moralis.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (864)
Size 498 kB (497858 bytes)
Hash 4b3d0436dd9f8ca7acc9cdc593f94ca0
b806fcf6fa1850b1e90e4e0b61e922802fec4c87
336dc988dedc1bd677587377e896eef9282421f7fc41f833be294bc71233764f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /moralis-v1%401.11.0/dist/moralis.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 12:03:12 GMT
content-type: application/javascript
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
vary: Accept-Encoding
etag: W/"1dc09d84-2bc9bc"
expires: Tue, 06 Dec 2022 00:03:12 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 21269
content-length: 497858
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/jquery.adaptive-backgrounds/1.0.3/jquery.adaptive-backgrounds.min.js
190.115.27.171200 OK 80 kB URL HTTP/2 foto.twitter-events22.com/ajax/libs/jquery.adaptive-backgrounds/1.0.3/jquery.adaptive-backgrounds.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (2401), with no line terminators
Hash 69dbb7793dd154bc758f5ffdf73c2f17
a6c7938fccb37b518ccc3cf6a4b49750da173dc9
81c7567bbe9e8988897345e31564f4075da2a534cc1501ad02dada80a52d59ab
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/jquery.adaptive-backgrounds/1.0.3/jquery.adaptive-backgrounds.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
etag: W/"5eb03ec2-961"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/fonts/fontawesome-5/webfonts/fa-solid-900.woff2
190.115.27.171200 OK 141 kB URL HTTP/2 foto.twitter-events22.com/static/fonts/fontawesome-5/webfonts/fa-solid-900.woff2
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392\012- data
Size 141 kB (140996 bytes)
Hash 25d740d42658b6e2c293ce7b3322aac7
41cc9ae4b5dd70fd3988059dfb864f20f99ae371
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/fontawesome-5/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://foto.twitter-events22.com/static/fonts/fontawesome-5/css/all.min.95fe9653f2c4.css
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:43 GMT
content-type: font/woff2
content-length: 140996
last-modified: Tue, 23 Aug 2022 23:27:24 GMT
etag: "6305625c-226c4"
strict-transport-security: max-age=31536000
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/select2/4.0.13/js/select2.min.js
190.115.27.171200 OK 112 kB URL HTTP/2 foto.twitter-events22.com/ajax/libs/select2/4.0.13/js/select2.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (64131)
Size 112 kB (111762 bytes)
Hash 277f1d886ab68f76c6be6589153eee50
8b39af0a628166608a5163cb0a3e018cc33d87bf
cbcd85e4503eeeb0717681ad229bce3fca7df50d0b7d97bb7d75a7179711af31
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Tue, 26 May 2020 03:00:42 GMT
vary: Accept-Encoding
etag: W/"5ecc865a-114c3"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/js/scrollpos-styler.98a0c4640523.js
190.115.27.171200 OK 188 kB URL HTTP/2 foto.twitter-events22.com/static/js/scrollpos-styler.98a0c4640523.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (514)
Size 188 kB (188183 bytes)
Hash ff3b5e46733c506f0652d1fe9b4bea45
0debc6da46c1f08259a9ac6b92b1e3fa93169a5e
12fb3305109633236d30169f64f032a731c056724b4a3eacb333f4c6d55962f0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/scrollpos-styler.98a0c4640523.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 23:26:08 GMT
vary: Accept-Encoding
etag: W/"63056210-737"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/popper.js/1.16.1/umd/popper.min.js
190.115.27.171200 OK 181 kB URL HTTP/2 foto.twitter-events22.com/ajax/libs/popper.js/1.16.1/umd/popper.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (21060)
Size 181 kB (181148 bytes)
Hash a83e17d5b50894545a92ca76b55bbfa3
55bc0bd9fdb97c573addf4af7f719bb020db24c3
e943088117b0dc551a4d9bf3426b45f2831d82e0a287eec8ca61350215d1169f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/popper.js/1.16.1/umd/popper.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:15:38 GMT
vary: Accept-Encoding
etag: W/"5eb03faa-52f1"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/identity/images/favicon.3720b208a663.png
190.115.27.171200 OK 748 B URL HTTP/2 foto.twitter-events22.com/static/identity/images/favicon.3720b208a663.png
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3720b208a66396d21d2ee34b54b35b14
daef16bda03ae4dcf8aa8aef3ce8000e72fbb373
d09baad3bec1ea2809f77c33bb8cb408c446d5df3e84294501e411984681dc34
Analyzer Verdict Alert quad9 Sinkholed
GET /static/identity/images/favicon.3720b208a663.png HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:45 GMT
content-type: image/png
content-length: 748
last-modified: Tue, 23 Aug 2022 23:26:46 GMT
etag: "63056236-2ec"
expires: Wed, 04 Jan 2023 17:57:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/identity/images/apple-icon.f4fae2c8f626.png
190.115.27.171200 OK 3.4 kB URL HTTP/2 foto.twitter-events22.com/static/identity/images/apple-icon.f4fae2c8f626.png
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash f4fae2c8f626ae50411bc11968c3e866
35830255ec8de3be5c0282acaa46e265795129f4
6d2d85e9f187e478a5467ade9a56e7fc9fa52ec41d69bb48677a96dde089f18e
Analyzer Verdict Alert quad9 Sinkholed
GET /static/identity/images/apple-icon.f4fae2c8f626.png HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:45 GMT
content-type: image/png
content-length: 3400
last-modified: Tue, 23 Aug 2022 23:26:44 GMT
etag: "63056234-d48"
expires: Wed, 04 Jan 2023 17:57:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/jquery.imagesloaded/4.1.1/imagesloaded.pkgd.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/jquery.imagesloaded/4.1.1/imagesloaded.pkgd.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/jquery.imagesloaded/4.1.1/imagesloaded.pkgd.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
etag: W/"5eb03ec4-302c"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/bootstrap-growl/1.0.0/jquery.bootstrap-growl.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/bootstrap-growl/1.0.0/jquery.bootstrap-growl.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/bootstrap-growl/1.0.0/jquery.bootstrap-growl.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:06:38 GMT
vary: Accept-Encoding
etag: W/"5eb03d8e-479"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/sticky-kit/1.1.3/sticky-kit.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/sticky-kit/1.1.3/sticky-kit.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/sticky-kit/1.1.3/sticky-kit.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:16:28 GMT
vary: Accept-Encoding
etag: W/"5eb03fdc-cd3"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/classie/1.0.1/classie.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/classie/1.0.1/classie.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/classie/1.0.1/classie.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:09:12 GMT
etag: W/"5eb03e28-295"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/jquery/3.6.0/jquery.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
etag: W/"603e8adc-15d9d"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/boomerang/js/boomerang.min.9235facff350.js
190.115.27.171404 Not Found 0 B URL HTTP/2 foto.twitter-events22.com/static/boomerang/js/boomerang.min.9235facff350.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/boomerang/js/boomerang.min.9235facff350.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:45 GMT
content-type: text/html
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/js-cookie/3.0.1/js.cookie.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/js-cookie/3.0.1/js.cookie.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/js-cookie/3.0.1/js.cookie.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:42 GMT
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 14:14:50 GMT
vary: Accept-Encoding
etag: W/"61fd34da-691"
expires: Tue, 06 Dec 2022 05:57:42 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/Swiper/3.4.2/css/swiper.min.css
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/Swiper/3.4.2/css/swiper.min.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/Swiper/3.4.2/css/swiper.min.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 16:04:02 GMT
vary: Accept-Encoding
etag: W/"5eb03cf2-455f"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Tue, 20 Jul 2021 01:00:48 GMT
vary: Accept-Encoding
etag: W/"60f62040-27288"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/hamburgers/1.1.3/hamburgers.min.css
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/hamburgers/1.1.3/hamburgers.min.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/hamburgers/1.1.3/hamburgers.min.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 16:10:26 GMT
vary: Accept-Encoding
etag: W/"5eb03e72-57ba"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/html
last-modified: Fri, 26 Aug 2022 14:40:36 GMT
vary: Accept-Encoding
etag: W/"6308db64-7c16"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/fonts/fontawesome-5/css/all.min.95fe9653f2c4.css
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/static/fonts/fontawesome-5/css/all.min.95fe9653f2c4.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /static/fonts/fontawesome-5/css/all.min.95fe9653f2c4.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 23:26:56 GMT
vary: Accept-Encoding
etag: W/"63056240-2a8f7"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 16:16:18 GMT
vary: Accept-Encoding
etag: W/"5eb03fd2-2aaf"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/jQuery-viewport-checker/1.8.8/jquery.viewportchecker.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/jQuery-viewport-checker/1.8.8/jquery.viewportchecker.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/jQuery-viewport-checker/1.8.8/jquery.viewportchecker.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:11:42 GMT
vary: Accept-Encoding
etag: W/"5eb03ebe-ac8"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/jquery.isotope/3.0.4/isotope.pkgd.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/jquery.isotope/3.0.4/isotope.pkgd.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/jquery.isotope/3.0.4/isotope.pkgd.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
etag: W/"5eb03ec4-89f1"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/ionicons/2.0.1/css/ionicons.min.css HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 16:11:20 GMT
vary: Accept-Encoding
etag: W/"5eb03ea8-c820"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/boomerang/js/boomerang.min.9235facff351.js
190.115.27.171404 Not Found 0 B URL HTTP/2 foto.twitter-events22.com/static/boomerang/js/boomerang.min.9235facff351.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/boomerang/js/boomerang.min.9235facff351.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:45 GMT
content-type: text/html
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Tue, 20 Jul 2021 01:00:48 GMT
vary: Accept-Encoding
etag: W/"60f62040-f708"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/static/js/slidebar.68a27ae4560d.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/static/js/slidebar.68a27ae4560d.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/slidebar.68a27ae4560d.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 02:25:58 GMT
vary: Accept-Encoding
etag: W/"63058c36-1b61f"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
foto.twitter-events22.com/ajax/libs/Swiper/3.4.2/js/swiper.min.js
190.115.27.171200 OK 0 B URL HTTP/2 foto.twitter-events22.com/ajax/libs/Swiper/3.4.2/js/swiper.min.js
IP 190.115.27.171:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ajax/libs/Swiper/3.4.2/js/swiper.min.js HTTP/1.1
Host: foto.twitter-events22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foto.twitter-events22.com/
Cookie: __ddg1_=TgmMFmenkBAFSY1mFb9B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 05 Dec 2022 17:57:41 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:04:02 GMT
vary: Accept-Encoding
etag: W/"5eb03cf2-178a3"
expires: Tue, 06 Dec 2022 05:57:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2