Report - bewitched-key-tiger-n56l47.teleporthq.app/

Report Overview

Submitted URL
bewitched-key-tiger-n56l47.teleporthq.app/
IP
76.76.21.93
ASN
#16509 AMAZON-02
Submitted
2023-03-28 08:35:15
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bewitched-key-tiger-n56l47.teleporthq.app	unknown	2023-03-28T03:14:55Z	2023-03-28T06:55:12Z	5.0 kB	110 kB	76.76.21.123
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	343 B	699 B	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	547 B	39 kB	142.250.74.163
whos.amung.us	12687	2014-04-02T16:27:13Z	2023-03-29T12:52:10Z	830 B	619 B	104.22.74.171
get.geojs.io	17418	2017-03-30T20:44:25Z	2023-03-29T13:56:08Z	443 B	925 B	104.26.0.100
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
widgets.amung.us	12623	2012-05-21T21:25:54Z	2023-03-29T12:31:46Z	859 B	3.6 kB	104.22.74.171
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
angelvideos2k23.xyz	unknown			1.3 kB	520 kB	162.0.235.110
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-29T08:59:28Z	340 B	963 B	104.18.32.68
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	100.20.181.148
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	2.2 kB	39 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-28 08:35:27	medium	Client IP	Internal IP	ET INFO External IP Address Lookup Domain (get .geojs .io) in DNS Lookup
2023-03-28 08:35:27	medium	Client IP	Internal IP	ET INFO External IP Address Lookup Domain (get .geojs .io) in DNS Lookup
2023-03-28 08:35:27	medium	Client IP	104.26.0.100	ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-28	medium	bewitched-key-tiger-n56l47.teleporthq.app/	Facebook, Inc.
2023-03-28	medium	bewitched-key-tiger-n56l47.teleporthq.app/	Facebook, Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	angelvideos2k23.xyz/newsrd2022/location	1.2 kB	2023-03-07	2024-01-13
Pretty URL angelvideos2k23.xyz/newsrd2022/location IP 162.0.235.110 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:15:41 Last Seen2024-01-13 19:06:07 Times Seen34 Hash 6e17b137ffbea95733f0535f65a8143c 7ed0fb8bd298297381e061d141e71144633d03b4 1ec9521e283ddfc4b56d2b8da29e7b064c2d2f2935c0bf965a3d39af26b7ca77 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/index-57801afc79eb1b6f.js	11 kB	2023-03-29	2023-03-29
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/index-57801afc79eb1b6f.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:32:32 Last Seen2023-03-29 23:35:45 Times Seen2 Hash ad57fb7589f1a2d53b7c5aba3df0ccfa 4907a8639da908cf73cf339bb81479251d966b43 16142f9f516aa37720d5c67a36fbf5c4225329b05aa5cc88fed4b4d094b97316 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/webpack-7f7073168d4d40fd.js	3.4 kB	2023-03-13	2023-10-01
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/webpack-7f7073168d4d40fd.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:34:14 Last Seen2023-10-01 15:25:14 Times Seen9 Hash 35e21f535abdb98e3eb1a218b74b5f6d afd36313c4c1a4b10bb9b0e09ccbd391f10970cd 3fbc34dca068ff3e889255cd3c69d5e7ea75e03d0290c2f5dcb6ab2c3b99fc97 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/_app-23e854a7b5b991e4.js	1.0 kB	2023-03-12	2023-10-01
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/_app-23e854a7b5b991e4.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:11:24 Last Seen2023-10-01 15:25:14 Times Seen13 Hash de5bb968a3aab2ee719752f88cc60351 e14a415a657e77bcad456ae4be7d614a9ae33273 8bd88c2ac74d52ca5078fefe8eb6ee2fb5c5174976faf9df3e4a055ee4ecbf14 Loading...

	angelvideos2k23.xyz/newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02	735 kB	2023-03-29	2023-04-11
Pretty URL angelvideos2k23.xyz/newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02 IP 162.0.235.110 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:32:32 Last Seen2023-04-11 08:31:20 Times Seen6 Hash 7ba47cf1c112a11e453de54e0bdb4fb3 be1f96160fb01630b4c525a9abc211340c6ed0e3 7cda59192ad329810535d9e7794a42c9c82226baca3ec633556d3a665c76bab3 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/2981f0c3.38a8447567a5c54f.js	351 kB	2023-03-12	2023-10-01
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/2981f0c3.38a8447567a5c54f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:11:24 Last Seen2023-10-01 15:25:14 Times Seen21 Hash fdc0f2e76bd03b40f1d10c8d16686df1 a3026fcc5304248db54c3e8cb922736c4dddf1ee 4c2ad10866f5cd38a23c166c245a89a368366434c8f97796f5c36a201e12f7b2 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/framework-5f4595e5518b5600.js	130 kB	2023-03-07	2024-04-21
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/framework-5f4595e5518b5600.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:50 Last Seen2024-04-21 19:31:55 Times Seen955 Hash 623da2092ab9e81400d81fad9017f0ba 1c76f260e73e1229548d84ec1a8a3a2e8c09d056 8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/main-748fa114995cf5e9.js	108 kB	2023-03-14	2023-08-24
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/main-748fa114995cf5e9.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:37:41 Last Seen2023-08-24 11:39:12 Times Seen16 Hash 220797bfdf29e25d757e4da3865a6eb0 9733e91f69b6a09b5dcab140209b34e5600504d3 ff32ef0a90bbff99e46ba2ff0f530847c81bef2dead73fa5b5f9448a4c4e1ab6 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js	282 B	2023-03-29	2023-03-29
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:32:32 Last Seen2023-03-29 23:35:44 Times Seen2 Hash 5848f1ba51cdb867e8ec65c92cbf37d4 09459dab18bf1cd91b0727f53510eab7c1acf178 fa9311c5f23f92d46353e7f373fecb75b8875d31012bb8c654ac037955f67426 Loading...

	bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js	77 B	2023-03-07	2024-04-26
Pretty URL bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js IP 76.76.21.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-26 11:32:48 Times Seen85369 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

		Size	First Seen	Last Seen
	#1 Eval - ce539e86c80c0435fe9ad55e6e795d91	936 B	2023-03-07	2024-03-04
Pretty Observations First Seen2023-03-07 18:15:41 Last Seen2024-03-04 04:36:04 Times Seen23 Hash ce539e86c80c0435fe9ad55e6e795d91 889b7b9d84015a18908d0102646cf5395a7dd11c 8b80a3df76084bcf52ccb622313cda9b9d4a6afbf441784f3114b557496726cc Loading...

	#2 Eval - 8c3505c4c34a8350e940e62f8cf16480	401 B	2023-03-29	2023-04-11
Pretty Observations First Seen2023-03-29 23:32:32 Last Seen2023-04-11 08:31:20 Times Seen5 Hash 8c3505c4c34a8350e940e62f8cf16480 b240a8d8eb610703ec3e56fb1417884e176f89ba c1d1fb94d6259ebc16746e072879650cff49095d67afc0b1d2df2c0d47555f60 Loading...

	#3 Eval - 2c6c661558640963ef5f2bcf1998448e	579 B	2023-03-07	2024-03-04
Pretty Observations First Seen2023-03-07 18:15:41 Last Seen2024-03-04 04:36:04 Times Seen42 Hash 2c6c661558640963ef5f2bcf1998448e dd592ee7bb3a814ce0e6d2623bddc568b48d5cb4 a7f378b66fd9814c467257b541253ccc432ed616ee3327a192c6407672a161d5 Loading...

	#4 Eval - 7d2fe7d654e944958923c45a50a3523c	77 B	2023-03-29	2023-04-11
Pretty Observations First Seen2023-03-29 23:32:32 Last Seen2023-04-11 08:31:20 Times Seen5 Hash 7d2fe7d654e944958923c45a50a3523c 5107c5e308f5a1486a0dc309456cadf6afa0008f 5d982ec947b37c252485e67696fa99e75a357d401e483019c64fe7a1a7ef25aa Loading...

	#5 Eval - 187bd905ad4c1a525e1a7c0b4bb4f24e	75 B	2023-03-12	2023-04-11
Pretty Observations First Seen2023-03-12 17:23:48 Last Seen2023-04-11 08:31:20 Times Seen6 Hash 187bd905ad4c1a525e1a7c0b4bb4f24e 986ade247474f0681ca37a8578a0d3a3706ddf2e fdf3fd10c288dd0cf274de9f2775220396c9d6891685bf9187783303d49ee3f8 Loading...

	#6 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 13:11:11 Times Seen37091782 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Tue, 28 Mar 2023 09:50:55 GMT
Date: Tue, 28 Mar 2023 08:35:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2303
Expires: Tue, 28 Mar 2023 09:13:28 GMT
Date: Tue, 28 Mar 2023 08:35:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 08:28:01 GMT
content-type: application/json
age: 424
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14127
Expires: Tue, 28 Mar 2023 12:30:32 GMT
Date: Tue, 28 Mar 2023 08:35:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8alw9rVPSDh+5esc2Qt9rS4CpX51lAMbNlom6Ul8a9TTEFfMeHteQu3A80dPXPEywliNXc+8eXk=
x-amz-request-id: J6AT96HP7TY8D984
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 08:01:58 GMT
age: 1987
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 08:35:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js

76.76.21.123

200 OK

282 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
282 B (282 bytes)
Hash
5848f1ba51cdb867e8ec65c92cbf37d4
09459dab18bf1cd91b0727f53510eab7c1acf178
fa9311c5f23f92d46353e7f373fecb75b8875d31012bb8c654ac037955f67426

HTTP Headers

GET /_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 103059
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: "5848f1ba51cdb867e8ec65c92cbf37d4"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lbpcc-1679992505229-00d069231bcf
content-length: 282
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js

76.76.21.123

200 OK

77 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

HTTP Headers

GET /_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: "b6652df95db52feb4daf4eca35380933"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lwqvr-1679992505229-4ab3706b3e44
content-length: 77
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 08:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

142.250.74.163

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37780, version 1.0\012- data
Size
38 kB (37780 bytes)
Hash
e1b9f0ecaaebb12c93064cd3c406f82b
f0e872352fc5af11960d0eb4fd6ed09e9e98f4ab
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bewitched-key-tiger-n56l47.teleporthq.app
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
content-type: font/woff2
age: 338904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/webpack-7f7073168d4d40fd.js

76.76.21.123

200 OK

2.1 kB

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/webpack-7f7073168d4d40fd.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3380), with no line terminators
Size
2.1 kB (2147 bytes)
Hash
a64dcc2be8a13bb2dc46ff73734614d7
42b516dffdb030b535b719daaede0089f0d409b4
712ed8e21b3a508f41895f11d7a70b1ca4a972be66f73166577ce96cc04c2c41

HTTP Headers

GET /_next/static/chunks/webpack-7f7073168d4d40fd.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 103060
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-7f7073168d4d40fd.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"35e21f535abdb98e3eb1a218b74b5f6d"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/webpack-7f7073168d4d40fd.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::phjrd-1679992505223-baecebed884c
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 08:17:24 GMT
age: 1061
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b5d61d9b46606add50681c75fbf20e2c
1b6d168ce95830de0e8056664f20780229d94374
2a23ac53a04e1736d1feeb38bfede4c354ee55a0ed92c7e8b0d812e588541989

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 01:05:12 GMT
Expires: Tue, 04 Apr 2023 01:05:11 GMT
Etag: "1b6d168ce95830de0e8056664f20780229d94374"
Cache-Control: max-age=577205,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aee89a84c42b4eb-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15449
Expires: Tue, 28 Mar 2023 12:52:34 GMT
Date: Tue, 28 Mar 2023 08:35:05 GMT
Connection: keep-alive

push.services.mozilla.com/

100.20.181.148

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.181.148:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q1pPxcp578EgoHCJccxV9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Apn8LS8hx5vtvIppjIvS4mHn8ds=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10744 bytes)
Hash
ada29e049501b12a35b0bcc5f68e3e57
5c1ba9bffbcc9007e7f119dbb3197db34a12f8da
b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10744
x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbogF0poAMFTAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uCaEsILUx4u_fBJ7J9CgQanUW-BmV69mFvGRjZ0roFWluE_joVyVrA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:48:21 GMT
age: 38806
etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8553 bytes)
Hash
e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38697
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e7f11a7b2bcf82694495805df139feed
45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6
96ba810197f578fb975bd853acbe948c8e984a7b94d172305d411d4381cf80ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 7e76212a-4621-45ca-9212-da6957f4861f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdb5bGSiIAMFtoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220d08-507bf48c3eeba38b719de318;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Zy7ItZQS-88zGHgnpCOzsRh6BL36AzV2MM-zUB5nCcLnaqgbJh8NxA==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:14:11 GMT
age: 37256
etag: "45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/css/56292a77cc7ef41c.css

76.76.21.123

200 OK

102 kB

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/css/56292a77cc7ef41c.css
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1819), with no line terminators
Size
102 kB (102067 bytes)
Hash
adbf46184b50faacf380bede3d7c3a61
b75ad65247efc8cebba8f03e02d5e27cb467faf9
b777f223a680b2d23b58dbec57c6842da8421152f0d3ef54c6f7c1df6a3e2484

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /_next/static/css/56292a77cc7ef41c.css HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 103100
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="56292a77cc7ef41c.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"206acbbbd2d789d4717d530ca766259b"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/css/56292a77cc7ef41c.css
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lwqvr-1679992505222-79a36cb5b2dd
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38697
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

angelvideos2k23.xyz/newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02

162.0.235.110

200 OK

517 kB

URL HTTP/2
angelvideos2k23.xyz/newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02
IP
162.0.235.110:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63311)
Size
517 kB (517393 bytes)
Hash
5d9b12314636925eea8ead30e00b5070
740e643e4ff5f0dab0e248d50c02abdf3f60d915
12579a10c2e39bb51955f5a274a84cef631ead9ee140f852208cf785730d8938

HTTP Headers

GET /newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02 HTTP/1.1
Host: angelvideos2k23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=15be4a223c50f0f38f6df70149e56a6f; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Mar 2023 08:35:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

angelvideos2k23.xyz/newsrd2022/location

162.0.235.110

301 Moved Permanently

707 B

URL HTTP/2
angelvideos2k23.xyz/newsrd2022/location
IP
162.0.235.110:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /newsrd2022/location HTTP/1.1
Host: angelvideos2k23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Tue, 28 Mar 2023 08:35:07 GMT
server: LiteSpeed
location: https://angelvideos2k23.xyz/newsrd2022/location/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

angelvideos2k23.xyz/newsrd2022/location/

162.0.235.110

200 OK

432 B

URL HTTP/2
angelvideos2k23.xyz/newsrd2022/location/
IP
162.0.235.110:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
432 B (432 bytes)
Hash
4577a507ad7a0dd981affe01d04dab9d
02d4479a56e8bcce6e6a65e558939ab347a45212
b874b6eedd1dae378c34b0ab4c6d3080551ec014b70cda81bb55a22a5539c60b

HTTP Headers

GET /newsrd2022/location/ HTTP/1.1
Host: angelvideos2k23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 08:35:07 GMT
content-length: 432
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Mar 2023 08:35:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

widgets.amung.us/classic/00/7.png

104.22.74.171

200 OK

1.4 kB

URL HTTP/2
widgets.amung.us/classic/00/7.png
IP
104.22.74.171:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1366 bytes)
Hash
3c6db33967de3c728e913cf9c6a906cb
6776113231d350b425ffd0e703d61dcfdd896e7c
5e18bf693e810176c0cd9472697e0d449736b2b383b20b747d79f2562ff55a86

HTTP Headers

GET /classic/00/7.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: image/png
content-length: 1366
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-556"
expires: Mon, 20 Mar 2023 08:35:21 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 777586
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee89b4b86a0a3c-ARN
X-Firefox-Spdy: h2

widgets.amung.us/classic/00/11.png

104.22.74.171

200 OK

1.3 kB

URL HTTP/2
widgets.amung.us/classic/00/11.png
IP
104.22.74.171:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1346 bytes)
Hash
aa4dbc18cb151262ba16d49bc9e9c44c
4a5fcef40777eab36821965779fd30fa6091af32
c963256889c290a525bce47c8a0123d7d417e79add027d00fb97e57c64ac4fb1

HTTP Headers

GET /classic/00/11.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: image/png
content-length: 1346
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-542"
expires: Wed, 08 Mar 2023 02:01:02 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1838045
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee89b599fb0a3c-ARN
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/

76.76.21.123

200 OK

0 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"b813abe4d4d47493369c1bb973a16f0a"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lh4dv-1679992505057-c3576f2d06be
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/framework-5f4595e5518b5600.js

76.76.21.123

200 OK

0 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/framework-5f4595e5518b5600.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/framework-5f4595e5518b5600.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-5f4595e5518b5600.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"623da2092ab9e81400d81fad9017f0ba"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/framework-5f4595e5518b5600.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lh4dv-1679992505225-baabb9ece416
X-Firefox-Spdy: h2

whos.amung.us/widget/blackmamba02

104.22.74.171

307 Temporary Redirect

0 B

URL HTTP/2
whos.amung.us/widget/blackmamba02
IP
104.22.74.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/blackmamba02 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/classic/00/7.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aee89b3def90a3c-ARN
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/main-748fa114995cf5e9.js

76.76.21.123

200 OK

0 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/main-748fa114995cf5e9.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/main-748fa114995cf5e9.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-748fa114995cf5e9.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"220797bfdf29e25d757e4da3865a6eb0"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/main-748fa114995cf5e9.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::v6lxl-1679992505226-74555c351467
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/_app-23e854a7b5b991e4.js

76.76.21.123

200 OK

0 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/_app-23e854a7b5b991e4.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/pages/_app-23e854a7b5b991e4.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-23e854a7b5b991e4.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"de5bb968a3aab2ee719752f88cc60351"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/pages/_app-23e854a7b5b991e4.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::ldfhb-1679992505227-fc581b5497ce
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/index-57801afc79eb1b6f.js

76.76.21.123

200 OK

0 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/index-57801afc79eb1b6f.js
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/pages/index-57801afc79eb1b6f.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="index-57801afc79eb1b6f.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"ad57fb7589f1a2d53b7c5aba3df0ccfa"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/pages/index-57801afc79eb1b6f.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::jtk7r-1679992505232-82546bae48aa
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/favicon.ico

76.76.21.123

404 Not Found

0 B

URL HTTP/2
bewitched-key-tiger-n56l47.teleporthq.app/favicon.ico
IP
76.76.21.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
access-control-allow-origin: *
age: 103098
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"7d5d882d74c84b26d6315c10b87e90ff"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lh4dv-1679992505576-5d00355705ef
X-Firefox-Spdy: h2

bewitched-key-tiger-n56l47.teleporthq.app/

76.76.21.93

308 Permanent Redirect

0 B

URL HTTP/1.0
bewitched-key-tiger-n56l47.teleporthq.app/
IP
76.76.21.93:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.0 308 Permanent Redirect
Content-Type: text/plain
Location: https://bewitched-key-tiger-n56l47.teleporthq.app/
Refresh: 0;url=https://bewitched-key-tiger-n56l47.teleporthq.app/
server: Vercel

whos.amung.us/widget/blackmamba01

104.22.74.171

307 Temporary Redirect

0 B

URL HTTP/2
whos.amung.us/widget/blackmamba01
IP
104.22.74.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/blackmamba01 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/classic/00/11.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aee89b3deff0a3c-ARN
X-Firefox-Spdy: h2

get.geojs.io/v1/ip/geo.json

104.26.0.100

200 OK

0 B

URL HTTP/2
get.geojs.io/v1/ip/geo.json
IP
104.26.0.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bewitched-key-tiger-n56l47.teleporthq.app
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: application/json
x-request-id: 8d184f4286c3da40dc6702b3312d7eb7-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hE%2FyQGxv%2BpJFJDdT9mIRW%2BORVumlgrB87lwUvWkGU3A%2B4r1CuXpOCpP1U0%2F3AdIeP7V1cBPyl2e3IyGiUL0i6vIde7GNKEYHATASIFrsu2x%2FsqB%2FT1FdrXARR0uUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7aee89b26d9cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML