Overview

URL crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7
IP3.70.16.242
ASNAMAZON-02
Location Germany
Report completed2022-08-30 08:04:41 UTC
StatusLoading report..
urlquery Alerts Scam / Brand infringement


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed
2022-08-30 2 deefauph.com Sinkholed


Files

No files detected



Passive DNS (13)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS crazy-spin.online (1) 0 2021-04-27 21:07:23 UTC 2022-08-30 06:55:56 UTC 3.70.16.242 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-30 07:02:05 UTC 143.204.55.35
mnemonic passive DNS www.besquari.xyz (20) 0 2022-06-25 11:56:29 UTC 2022-08-30 06:55:55 UTC 54.230.111.52 Unknown ranking
mnemonic passive DNS deefauph.com (11) 135892 2021-03-12 13:41:43 UTC 2022-08-30 00:24:20 UTC 139.45.197.251
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-30 04:12:17 UTC 34.120.237.76
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-08-30 05:46:20 UTC 104.18.32.68
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-08-30 04:23:29 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-30 04:18:33 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-29 04:31:25 UTC 34.117.237.239
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2016-01-20 08:47:26 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-30 06:42:38 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-30 04:28:52 UTC 35.163.147.190
mnemonic passive DNS my.rtmark.net (1) 9054 2015-02-04 09:54:57 UTC 2022-08-30 05:42:22 UTC 139.45.195.8


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.70.16.242

Date UQ / IDS / BL URL IP
2022-12-06 19:16:32 +0000
0 - 0 - 1 rezuke.gooredirect.xyz/go/6716aa83-280d-4fe3- (...) 3.70.16.242
2022-12-06 13:23:46 +0000
0 - 0 - 11 www.mediacdnc.com/go/15de5925-fe8c-4ec6-9bf6- (...) 3.70.16.242
2022-12-06 12:00:23 +0000
0 - 0 - 1 rezuke.gooredirect.xyz/go/1d71952a-6209-4285- (...) 3.70.16.242
2022-12-06 09:24:38 +0000
0 - 0 - 1 rezuke.gooredirect.xyz/go/6716aa83-280d-4fe3- (...) 3.70.16.242
2022-12-06 06:26:20 +0000
0 - 0 - 2 www.mrktgtrck.me/go/aa34e98f-d5d5-4750-8a04-2 (...) 3.70.16.242

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-12-06 21:16:45 +0000
0 - 0 - 3 www.eservicebits.com/landingpages/fa88f420-8b (...) 108.157.214.110
2022-12-06 20:20:58 +0000
0 - 0 - 1 jp-tea.net/ 34.254.1.203
2022-12-06 20:20:24 +0000
7 - 0 - 5 citiphol.zzux.com/ 3.144.82.73
2022-12-06 20:18:25 +0000
0 - 0 - 1 18.224.234.36/ 18.224.234.36
2022-12-06 20:15:12 +0000
0 - 0 - 6 furned-mashorses.com/b93c8e5d-e240-4002-b860- (...) 18.193.235.10

Last 5 reports on domain: crazy-spin.online

Date UQ / IDS / BL URL IP
2022-09-08 06:57:25 +0000
5 - 0 - 11 crazy-spin.online/go/dd88a5f4-9c0b-47c4-9d80- (...) 3.70.16.242
2022-09-03 19:57:36 +0000
16 - 0 - 5 crazy-spin.online/go/81faac51-44d1-4af3-95c2- (...) 3.70.16.242
2022-08-30 18:52:56 +0000
15 - 0 - 3 crazy-spin.online/go/7a70e9d8-cb2c-4053-b975- (...) 3.70.16.242
2022-08-30 08:04:41 +0000
12 - 0 - 11 crazy-spin.online/go/dc26c419-4bb2-4522-a4df- (...) 3.70.16.242
2022-08-29 17:55:57 +0000
9 - 0 - 0 crazy-spin.online/go/a0ef2430-6dd4-4bc4-830b- (...) 3.70.16.242

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-03 11:59:02 +0000
0 - 0 - 4 rdr.funcontent.xyz/go/23bbed7f-16cb-4af2-a580 (...) 3.70.16.242
2022-12-02 14:05:26 +0000
0 - 0 - 6 continuetosite.com/go/a845f995-13eb-4907-9070 (...) 3.70.16.242
2022-11-30 12:30:37 +0000
0 - 0 - 6 rdr.funcontent.xyz/go/23bbed7f-16cb-4af2-a580 (...) 3.70.16.242
2022-11-29 23:38:11 +0000
0 - 0 - 6 rdr.funcontent.xyz/go/23bbed7f-16cb-4af2-a580 (...) 3.70.16.242
2022-11-26 00:56:20 +0000
0 - 0 - 13 www.storlan.xyz/sweep-iphone/arabic-spinwheel (...) 54.230.111.84


JavaScript

Executed Scripts (10)


Executed Evals (2)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: d70cbe966b1a5e95190c7529644a012b0c72e13168848bef5fde38962e282236

                                        (() => {
    const a = async
    function name() {};
    window['8n7u8ys0xmm'] = true;
})()
                                    

#2 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3

                                        require('buffer').Buffer
                                    

Executed Writes (0)



HTTP Transactions (53)


Request Response
                                        
                                            GET /go/dc26c419-4bb2-4522-a4df-b592392dfbe7 HTTP/1.1 
Host: crazy-spin.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         3.70.16.242
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Tue, 30 Aug 2022 08:04:30 GMT
Content-Length: 514
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Set-Cookie: bemob-uniq-visit:dc26c419-4bb2-4522-a4df-b592392dfbe7=1; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly bemob-rotation:dc26c419-4bb2-4522-a4df-b592392dfbe7:random:7522d317def4089f9ffe6226f9a918eb=0-0-0; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly bemob-track-url=https%3A%2F%2Fwww.besquari.xyz%2Fsweepstake6%2Fsweepstake-notix%2Fsweepstake-notix%2Fspinwheel%2FArabic-spinwheel-iphone13%2Findex.html%3Fbrand%3D%26bemobdata%3Dc%253Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%253Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%253D0..b%253D0; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
Vary: Accept
X-Response-Time: 11.800ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (514), with no line terminators
Size:   514
Md5:    9417fabb51063f4d39c5e5187da9f07a
Sha1:   0921cd99a98080561c051372b340e4899e9fd907
Sha256: 9cb68b848376a025d2279bb8d2780c2e1b62907389b15bd2da5eaf74eaa71fda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16428
Expires: Tue, 30 Aug 2022 12:38:18 GMT
Date: Tue, 30 Aug 2022 08:04:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 07:25:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZVBXdncOxQb7KdttYzIKmIbGwmaCuXdZznG-u4NeuLR9WmeNHRWOZQ==
Age: 2319


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fDd3ycmgIgdW6G9j4Su988H6h5Cv-viwdw0HDSjw7EXUmuKXQBzcOQ==
age: 34112
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 08:04:30 GMT
Last-Modified: Tue, 30 Aug 2022 06:34:45 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fhxd7Ix5MMENdsQCBxNLlYxAYJC_a6_kkyqeI-nFsXbEsm8ssK2PAw==
Age: 5385

                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 33
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:52 GMT
etag: "c588c17324f2be0e0ec90a18f39e7d7c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lBTtfK40tKwKR9wQ2gY52gpKrNWj-lZAxp7fgyEtrvv4krsL3CMNKw==
age: 7546
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   33
Md5:    c588c17324f2be0e0ec90a18f39e7d7c
Sha1:   69d360eddd15f527aac7f7e610346517732b7770
Sha256: b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 449
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "bd5203f2cc9e7a9125e4575e029541b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DxBslRE0JkomPm3vZlp_uJz2ntJcyhT7Q_f66fROQjJX2I6ZtDtKtQ==
age: 7528
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Size:   449
Md5:    bd5203f2cc9e7a9125e4575e029541b0
Sha1:   9fa565ab2f4b55da4735b79e529562252b3c9afe
Sha256: db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 32496
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "d4655cba21d806e849eed4e4119fbe1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d364W_NcHmwJs6ti8RRbB7HA9gpgKL1pOLstvwZ2S1YhjeUOkubxRg==
age: 7753
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Size:   32496
Md5:    d4655cba21d806e849eed4e4119fbe1a
Sha1:   6453039d85005643e9d65074ca022f63b5d47cdd
Sha256: 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 32266
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "c562f63263ffff2688791c38014b36bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O8tIlAxS-hvp72tTO_WLeEt-vk2tcXp9QmkOfl8EShqy1bM50UwuJg==
age: 7528
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   32266
Md5:    c562f63263ffff2688791c38014b36bc
Sha1:   59fe19592cb3f6a2709c418026f0a1ddb12c1314
Sha256: c331ce815fcd0ed99bc592c082eed6e51efd0f107d2ae967021d0273def59ae8
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 5083
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "ed786659a534e0d183c09a90c50abc9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vk8wLdSVADS75rWfQUqSUJp7pk8wx2M-obGaEVIWAh0HXVt_LfpxRA==
age: 7528
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 50\012- data
Size:   5083
Md5:    ed786659a534e0d183c09a90c50abc9d
Sha1:   a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
Sha256: cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50 HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 977
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "70153298ff6fb62a5a503e72721f87e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EbeTn9-xkxX5xAtqqTXIT_u9Q7Nxu2se6a7LrSboh_yQt0LtJe4KJw==
age: 7546
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (977), with no line terminators
Size:   977
Md5:    70153298ff6fb62a5a503e72721f87e3
Sha1:   d8187ecb541a29f69f98478223a29fe36295cba3
Sha256: b2354d697496125f1a21bf5dc497b877b87e51293538402e726a1c2bc146644b

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 30 Aug 2022 07:53:52 GMT
etag: W/"e87a829f5f34398d1f2d4ee0d9953dfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-vB1bXIyzTz9F__VJiN_Bp_8ejUTI8SvM6GaUVnWkdjQWZ74bmzSw==
age: 24226
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4479
Md5:    5c206692ade1fc227e1029ff9c8d7801
Sha1:   9dba56c22a30987ed11aff77b79861387aa50f9a
Sha256: f0a01408d69c36ce20d345da6170c594d3727a349ff7b1b378d2e5e82fe99b61
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2506
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "e69e56799051d24a67414a67301ac984"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zeZGrsVpmVF_bf88bjLggmrC4jI8WTSyrNIv_zsfGzzy6qwZ-fP6RQ==
age: 27022
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2506
Md5:    e69e56799051d24a67414a67301ac984
Sha1:   7d7db0281213342c25abf9e08937e38c7d1e8449
Sha256: cff50b269e3afdcf620ba9a8f6d3ac55b03a953136f3148d1b3296798bf57210
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 3301
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "49f1b40f2ed2ef127cb64293ae8b1524"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A5mYmvHTboZi9ti4GnMGf6X7U_xylHoA_HvwA4G-jAMnCognXm172Q==
age: 26564
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   3301
Md5:    49f1b40f2ed2ef127cb64293ae8b1524
Sha1:   7939aacf51d0ba9b4358cb17ef40eb91fa31e27b
Sha256: c5e6dbfaac2e982618aa4ea88a1785ca965b57f3149551f194cdaae2d8406a53

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 3175
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "f8002e02aac0ac1bb22d2c80f36ebf15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1ePH16IuzX4klphxG5Ftznny6pEiQsROmzCosEcRaZw7uYnHqGVNXA==
age: 11982
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   3175
Md5:    f8002e02aac0ac1bb22d2c80f36ebf15
Sha1:   bf277a8747caf561b91a25860e772cf0f1a834a5
Sha256: 0e98e32d27f59276dc137de153e32c28220a635701413565a4646dc8361fd94c

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2950
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "5f6bc62e6e66a94b4ce9b971a798ceff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ki6M9NNK3cZZjbGVK0r_MhxG6jc8Po1TaT1CyvwvGoN_OF0EHidNzg==
age: 3757
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2950
Md5:    5f6bc62e6e66a94b4ce9b971a798ceff
Sha1:   05faaed9dbd1a5462485d4deeed888312a3b4973
Sha256: cfa55f5831710c40e2429ec2528b080fb2e6b11b560abfa8eaa1710b63770af3

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2224
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "444a95e7661a07d48ae8a2b7d67792be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: THcIYYEZcZ8HUUwRJAtOWkrDvh4HEhrocSGC9I0ewXyWureWIHFY9A==
age: 2427
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2224
Md5:    444a95e7661a07d48ae8a2b7d67792be
Sha1:   e31aa744a72a17d6a3e04cd0e6f9a9fc59a47b59
Sha256: d815f00761793a93ef88b73ea6451d9300a052ce64f454d30f9446af3bd9ccda

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 23152
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "029d38095e06ced0688fd67a58e70781"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aQNDdnEVpbkoOtOVje8wq-0N22lgUOkIMYpTZTB2cYTloFPi-vyvNg==
age: 11982
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Size:   23152
Md5:    029d38095e06ced0688fd67a58e70781
Sha1:   b5bdaddeb39b947c35f883f001f34dd163bcb362
Sha256: 5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2787
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "6063e3355d6e928b55810c359ee1d382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QfzAWlmfns2cVr-71ZWrP8Zl10AP2RKP2i3_RqaIuxA80zYHr3vVqw==
age: 8418
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2787
Md5:    6063e3355d6e928b55810c359ee1d382
Sha1:   a6a19cb61b8a8f9ed538a6467a7a41ed85fc01ad
Sha256: 9db1c16bd8c27942b3d83cff9d81462ced2b7827ab45fe53ff3fcec32ed138d9
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2853
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "4ccf612375cb7df45e271ecd2983281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9_r0q9YHGhXmZSX2eVmnQmMGuFBNbU7ZsaG-X5ZF_oZblWqCeZVLyA==
age: 26563
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2853
Md5:    4ccf612375cb7df45e271ecd2983281e
Sha1:   db4bc5414c30c39531e38c9a3f34b087cd68b4b6
Sha256: 75f237c0722d2dd3ef7d7e4bad43a70ac57bad90c81b9cb8b9c9b445c0a76a1b
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 2258
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "07ee3d87dba4f97110c83432fcc8f3f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7dUgIt9w3FfYsBb4NsR-_Ys51714TWMSpmz-gOnqpnSqd9EiBncFIg==
age: 10494
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size:   2258
Md5:    07ee3d87dba4f97110c83432fcc8f3f6
Sha1:   80f21d2258991eaecca028683f58b16019bf9deb
Sha256: 50479fd6ff7c08b64aa01f0a415bba20d8ddd79a43becae604955e9086098cff

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9B6DE26FA7DE06195FF36D6AFF78292DDB38F9E6D21890B9458EC619FDF15DE1"
Last-Modified: Mon, 29 Aug 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1274
Expires: Tue, 30 Aug 2022 08:25:44 GMT
Date: Tue, 30 Aug 2022 08:04:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 30 Aug 2022 07:17:12 GMT
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 08:15:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t3AwPcouj38GFvkCrNDb308CfNMLYRjYFQIJ-FeRCNoUGIfGFW-i1Q==
Age: 2838


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3= HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-length: 720
x-trace-id: 22c7f99bff3f3bd3301988c41de55585
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (719)
Size:   720
Md5:    de78a16d987b883e407098564f37de38
Sha1:   1c0e210f37c120761f8f97b7f4f47ac6a277359a
Sha256: cb7c74086b2338d2f834a5d7842632ee26bd1ea9cd819f0bd54160d72466fe4b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /custom HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 574
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-length: 39
x-trace-id: f6b09bc9fe00bc1f68a9e102ab33d491
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /custom HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 952
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-length: 39
x-trace-id: 29c206c7afb46fa753b56c2c4aca1fa9
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 08:04:31 GMT
Last-Modified: Tue, 30 Aug 2022 07:45:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /custom HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 583
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-length: 39
x-trace-id: bb80261cef71e83eedd64953c7bb5e35
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ZvIbc5Pzz3AzpOYhsZoVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.163.147.190
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: orNNEgOpxFP1jrDCHsHsHTsugRY=

                                        
                                            GET /sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687 HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 163
last-modified: Wed, 29 Jun 2022 14:16:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 01:26:35 GMT
etag: "e997c4376faf2f8d6a01b2c6a25df730"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sQQpY2XpMBsHlXLhCeFtT_9o7QurB-28r_75HU7u7yL6IlHoLuxHlA==
age: 23878
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   163
Md5:    e997c4376faf2f8d6a01b2c6a25df730
Sha1:   4c1c5e3687757515b5da0221ca4a167bf9884c87
Sha256: 5520de348e5b67f4895cb96179bab87bafbbe16eb57cddd92ec4609f636af7ee
                                        
                                            GET /gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-length: 65
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=148c139e34e54be88ae34a15c013385a; expires=Wed, 30 Aug 2023 08:04:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    28e4eda814ffcd8ad17e7442bbf62104
Sha1:   3bc61fdfef6cf21c470ad5397a664fa4a6a22fe3
Sha256: 7e9e284cb62bbe9faba7ab12d9578fe299237e3f3712dd2c5c525b4439b41313
                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   39597
Md5:    58f602908da839e465ec40d676009884
Sha1:   98da39a24b132e2041be31ea56ae37679d07f97d
Sha256: 71d27622e1c5ea345f4e9b6bf06c665d1841df5ed8ac0eef638de5e96e4c48d3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /event HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /event HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 411
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-length: 94
x-trace-id: caa2ee780d40aa5d7ed63a308bb49e05
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   94
Md5:    ca06530ba93d2b0e6a66051e3dacb983
Sha1:   cb393171c81eefc079c78094fd8692ac952170f5
Sha256: 8f18c774bae7fef8a6e7d24e5e3542a2fb9806ed0256d90b81e58e8ef47ffe09

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 30 Aug 2022 08:04:32 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 06:25:19 GMT
Expires: Mon, 05 Sep 2022 06:25:18 GMT
Etag: "d20d93c4ed1b30a5e65d3a37c8873836a2e5c291"
Cache-Control: max-age=511845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742c041efcb5fab8-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7104
x-amzn-requestid: b25f82cc-2df3-473a-a799-aa3be6eb3034
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTR0GbUIAMF12g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3271-2a332bd536e5ba2822bf8a8f;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ta8pVV4YTiCFUbhiWa9E7tT-Jz0Vx0l-IfPO52usuWuuvy-boDc5xA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:50:49 GMT
age: 36823
etag: "1d99159e207d5010b802244d2ed5599845147ba1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7104
Md5:    27d8d37b27d0408328438cffd4f0aee8
Sha1:   1d99159e207d5010b802244d2ed5599845147ba1
Sha256: f69d79367acb29222021e5d3d0ff2bf4dbdced8adfe1291370a695144879d15b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0723d767-3952-4f23-b0f5-682645db0c35.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6934
x-amzn-requestid: d0b9c203-b693-4847-9aad-e2a59affc3f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdalkFNrIAMFbgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087156-518be58625dd3f260c9d0f52;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:08:06 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ZpfTeIaIIVzGU1G2tyxLFw1-y3LXTn9VaurmYFEPs5Qz0Ol5MH5_7w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 06:46:26 GMT
age: 4686
etag: "0fef4cc787f1b5d191a50cdeec5604a684b7c922"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6934
Md5:    4966645d4e5b352318554122607a075a
Sha1:   0fef4cc787f1b5d191a50cdeec5604a684b7c922
Sha256: 89c55c211ff2a2a1be8bcaf7dcf50bdb730b91c9fb7dde45316ee4998fbf2526
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8684
x-amzn-requestid: e02c26f6-e28d-4b3f-971a-f42cbbf67845
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIGH0oAMFpEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-3183e76132b622350a75a86b;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T1FGC5fMnwea3ltKnLgvqI1AueU8xp5ukWXnRptxDQoAH0DUbXPOEA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:59:22 GMT
age: 36310
etag: "20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8684
Md5:    4aa2a22c2851d082acd55c1c9782cee9
Sha1:   20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e
Sha256: d0d6a3cc781786f5377191e2b1f3495ac76f4f8af7c56291f761a49a167b8726
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uc8twk9uXve3wFxTvsZa_sg-aduiVBxXjTvOdqBc_BZmgw4BldMyHQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:15:20 GMT
age: 2952
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10672
Md5:    9f9132960db725a095b0db1773dc6f69
Sha1:   bf1d4347e1641da5aebe6ae438c0431232ae6242
Sha256: 0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321cc46f-c52c-4e14-b971-1c3736df4a23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8059
x-amzn-requestid: 0645afa6-9d78-4bbf-a662-60af8affb5cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSwDHccIAMF4Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3199-7e1a9c0728ac5e2b670e7c3e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OpoDGPweKTm6W_HBDqt1SeQdTMtgR2fqyBwVQg91MgiW6PU7U7IMfQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:01:34 GMT
age: 36178
etag: "717e845ed02177c243fdc27f44b0189c0eea8cf7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8059
Md5:    b6343aab841cb5a4aeafd140c5dda50e
Sha1:   717e845ed02177c243fdc27f44b0189c0eea8cf7
Sha256: 783c8c5a9de5b4297c633db42c10fa4a9752eea970670ca10ff1c607a863ae6d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13af6d89-1e61-4bbe-bcfd-0ced9f0adccc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6016
x-amzn-requestid: 6b08b00e-9a66-495a-9ff5-230d2e7fb669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTz6FqxIAMFW4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d334c-110955ca7d08b521056fcd25;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:44:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TV6ykU-zZI2GEoxYQp0T4TkxNaSfaWQFiNDZczXoazxlOIq-H9PCCw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:08:13 GMT
etag: "af26d7b3fa647c85c764d7193c5232c2f7c7e464"
age: 35779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6016
Md5:    3e3054d6e0a44ea80988e14f355914ea
Sha1:   af26d7b3fa647c85c764d7193c5232c2f7c7e464
Sha256: c95ece22aedd8669a8bae56552924baf2d9feb8f7873db24d4ac682970a0f985
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: text/html
                                        
date: Mon, 29 Aug 2022 22:41:44 GMT
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
etag: W/"4391cbaa2f2bcb92c1efafdffea9caea"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RBmxG3f6Ky5hqs6chSXKNl5pFC8xETxWVVTkGe3S8bQ4yGFtLPCk8Q==
age: 33767
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 29 Aug 2022 21:13:42 GMT
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
etag: W/"765203989756e91925e8f947e660b644"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kiVECWtlFm_72hlD1_bYlOrREbPPpr49UaqneKjAvv7qFjrG2P1BgQ==
age: 39049
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf HTTP/1.1 
Host: www.besquari.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.52
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: W/"faeeab905e832dbfc66bfaf3b62ac850"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2XSzVV3uuquliyP15IqS_bjqCrV-hbhiJK_g1EBbowEBlXlKP7ojfA==
age: 32648
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/tag.min.js?z=3507687 HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.391 HTTP/1.1 
Host: deefauph.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-20481"
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed