Report - crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7

Report Overview

Submitted URL
crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7
IP
3.70.16.242
ASN
#16509 AMAZON-02
Submitted
2022-08-30 08:04:41
Access
Website Title
Final URL
Tags
None
urlquery detections
Scam / Brand infringement

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	2.0 kB	5.3 kB	23.36.77.32
www.besquari.xyz	unknown	2022-06-25T13:56:29Z	2023-02-20T21:20:31Z	14 kB	131 kB	54.230.111.52
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329 B	737 B	93.184.220.29
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-06T08:18:39Z	466 B	745 B	139.45.195.8
deefauph.com	135892	2021-03-12T14:41:43Z	2023-03-06T05:25:29Z	4.9 kB	45 kB	139.45.197.251
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	35.163.147.190
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-06T05:59:33Z	328 B	963 B	104.18.32.68
crazy-spin.online	unknown	2021-04-27T23:07:23Z	2023-03-03T10:05:20Z	376 B	1.8 kB	3.70.16.242
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	944 B	54.230.245.39
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed
2022-08-30	medium	deefauph.com	Sinkholed

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	739 B	2023-03-07	2023-03-17
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 11:40:17 Times Seen1 Hash 3ba067c76e5d0353c6a4beb5330c7d82 0018cb4f2ba193bf4b6769c307b33f87a28b7627 21d23e2456ca179190dc4ead483966e1b08e93952f6db87ce3735e6c1d05a04e Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	449 B	2023-03-07	2023-03-17
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 11:40:17 Times Seen1 Hash 0f5a505a1787260b3d86f6a7e446bdd3 656a0d53fa874f1bf0381713c607df18f73cc192 f479f59761171f46f2d4486ef20172c9b827f853384cf47baae7d3b63398352d Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	356 B	2023-03-07	2023-05-12
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-05-12 03:32:49 Times Seen16 Hash e02313e28c8aeea48513925c2b6dc3a2 be0e6afbb8f40e432370aff8fa102799b7cc37a0 ad275e3a1d4703ae55dc544726babf9f578e9e296402d1f22e4aa9597a18c86c Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50	977 B	2023-03-07	2024-05-03
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:49 Last Seen2024-05-03 05:12:58 Times Seen367 Hash 70153298ff6fb62a5a503e72721f87e3 d8187ecb541a29f69f98478223a29fe36295cba3 b2354d697496125f1a21bf5dc497b877b87e51293538402e726a1c2bc146644b Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf	150 kB	2023-03-07	2024-05-03
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:50 Last Seen2024-05-03 05:12:58 Times Seen262 Hash faeeab905e832dbfc66bfaf3b62ac850 6d1ec2fc7a9272ee979d29a3e7f1ca5a16d25dea b63d2122f578c1c74c5509f248d6791b26e21a9c7241e2fe53ab48f40cccdc54 Loading...

	deefauph.com/pfe/current/tag.min.js?z=3507687	15 kB	2023-03-07	2023-03-17
Pretty URL deefauph.com/pfe/current/tag.min.js?z=3507687 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-03-17 10:42:13 Times Seen1 Hash a07ba0c74dad72bfaad85603463ecda7 054664eccd4a1034b384f774712abcfc602f68d3 d625629118237abaad5fefb48e104a7220d26759d022955c9ee584285328de2a Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	104 kB	2023-03-07	2023-03-17
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-03-17 10:42:12 Times Seen1 Hash 34950529500b4d2641b06fb0cdc93033 9880dd158e504df578d8f4574774de8dd1d12219 9699e87124fdbd7fab5a285a51edd5b1e422b3461e8522be969e3b5e9f00c07e Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	170 B	2023-03-07	2023-03-07
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:49 Last Seen2023-03-07 12:58:47 Times Seen1 Hash 13a385b0b57e44a8e235946bdf82cecd 49dcf9c78ea1e0329362f4afa11346fc9ebca817 b3294243f33f5f23e8b9465ed63970f69057cea5295ae64c2de4611cb7567881 Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	2.4 kB	2023-03-07	2024-05-04
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-05-04 17:57:25 Times Seen621 Hash 3de97a04efa668b184b092ff551ac9e8 2fe11e92ea1ea24345fd14ebd9744e0c6dca6058 63e13915687fc7e341faccaa8ec2b288e808f1be5d88d605a46741442f3929b0 Loading...

	www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0	103 B	2023-03-07	2023-03-07
Pretty URL www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 IP 54.230.111.52 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:50 Last Seen2023-03-07 01:19:50 Times Seen1 Hash 135432b763093c5374cb5e2890299f05 46b570163571d0ca3de401cbf3e5b229cc0e44dc 8ac514db1ae54a5e0f04dbc2865c86ad80ad105b718eb4e8bc8ad408fe796e7d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5f29ec86039b97c3b4c084b125a19f5b	80 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 01:19:50 Last Seen2023-03-07 01:19:50 Times Seen1 Hash 5f29ec86039b97c3b4c084b125a19f5b 7b0fe38b2d2231b2f02af7d5a8d3fa01d3e7e1c8 d70cbe966b1a5e95190c7529644a012b0c72e13168848bef5fde38962e282236 Loading...

	#2 Eval - f7fef8930207b23ec9c04386f9a02c76	24 B	2023-03-07	2024-05-09
Pretty Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-09 23:05:24 Times Seen9442 Hash f7fef8930207b23ec9c04386f9a02c76 146273d1c716700bb25aaa15e8595624b611ffdf 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3 Loading...

HTTP Transactions (53)

URL IP Response Size

crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7

3.70.16.242

302 Found

514 B

URL HTTP/1.1
crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (514), with no line terminators
Size
514 B (514 bytes)
Hash
9417fabb51063f4d39c5e5187da9f07a
0921cd99a98080561c051372b340e4899e9fd907
9cb68b848376a025d2279bb8d2780c2e1b62907389b15bd2da5eaf74eaa71fda

HTTP Headers

GET /go/dc26c419-4bb2-4522-a4df-b592392dfbe7 HTTP/1.1
Host: crazy-spin.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: openresty
Date: Tue, 30 Aug 2022 08:04:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 514
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Set-Cookie: bemob-uniq-visit:dc26c419-4bb2-4522-a4df-b592392dfbe7=1; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
bemob-rotation:dc26c419-4bb2-4522-a4df-b592392dfbe7:random:7522d317def4089f9ffe6226f9a918eb=0-0-0; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Fwww.besquari.xyz%2Fsweepstake6%2Fsweepstake-notix%2Fsweepstake-notix%2Fspinwheel%2FArabic-spinwheel-iphone13%2Findex.html%3Fbrand%3D%26bemobdata%3Dc%253Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%253Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%253D0..b%253D0; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
Vary: Accept
X-Response-Time: 11.800ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16428
Expires: Tue, 30 Aug 2022 12:38:18 GMT
Date: Tue, 30 Aug 2022 08:04:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 07:25:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZVBXdncOxQb7KdttYzIKmIbGwmaCuXdZznG-u4NeuLR9WmeNHRWOZQ==
Age: 2319

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fDd3ycmgIgdW6G9j4Su988H6h5Cv-viwdw0HDSjw7EXUmuKXQBzcOQ==
age: 34112
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
7eeb3c615b54dfc0e43730093f359e0c
56b699af38df643ee77b2fe9108794fdcfa63599
677f07f8bbf946a88e552a20f2bae6b9a703e1f460b965d770e501d12b2abbd5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 08:04:30 GMT
Last-Modified: Tue, 30 Aug 2022 06:34:45 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fhxd7Ix5MMENdsQCBxNLlYxAYJC_a6_kkyqeI-nFsXbEsm8ssK2PAw==
Age: 5385

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9

54.230.111.52

200 OK

33 B

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
c588c17324f2be0e0ec90a18f39e7d7c
69d360eddd15f527aac7f7e610346517732b7770
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 33
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:52 GMT
etag: "c588c17324f2be0e0ec90a18f39e7d7c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lBTtfK40tKwKR9wQ2gY52gpKrNWj-lZAxp7fgyEtrvv4krsL3CMNKw==
age: 7546
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png

54.230.111.52

200 OK

449 B

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Size
449 B (449 bytes)
Hash
bd5203f2cc9e7a9125e4575e029541b0
9fa565ab2f4b55da4735b79e529562252b3c9afe
db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 449
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "bd5203f2cc9e7a9125e4575e029541b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DxBslRE0JkomPm3vZlp_uJz2ntJcyhT7Q_f66fROQjJX2I6ZtDtKtQ==
age: 7528
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg

54.230.111.52

200 OK

32 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Size
32 kB (32496 bytes)
Hash
d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 32496
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "d4655cba21d806e849eed4e4119fbe1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d364W_NcHmwJs6ti8RRbB7HA9gpgKL1pOLstvwZ2S1YhjeUOkubxRg==
age: 7753
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png

54.230.111.52

200 OK

32 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (32266 bytes)
Hash
c562f63263ffff2688791c38014b36bc
59fe19592cb3f6a2709c418026f0a1ddb12c1314
c331ce815fcd0ed99bc592c082eed6e51efd0f107d2ae967021d0273def59ae8

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 32266
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "c562f63263ffff2688791c38014b36bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O8tIlAxS-hvp72tTO_WLeEt-vk2tcXp9QmkOfl8EShqy1bM50UwuJg==
age: 7528
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif

54.230.111.52

200 OK

5.1 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 50 x 50\012- data
Size
5.1 kB (5083 bytes)
Hash
ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 5083
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "ed786659a534e0d183c09a90c50abc9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vk8wLdSVADS75rWfQUqSUJp7pk8wx2M-obGaEVIWAh0HXVt_LfpxRA==
age: 7528
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50

54.230.111.52

200 OK

977 B

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (977), with no line terminators
Size
977 B (977 bytes)
Hash
70153298ff6fb62a5a503e72721f87e3
d8187ecb541a29f69f98478223a29fe36295cba3
b2354d697496125f1a21bf5dc497b877b87e51293538402e726a1c2bc146644b

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 977
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "70153298ff6fb62a5a503e72721f87e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EbeTn9-xkxX5xAtqqTXIT_u9Q7Nxu2se6a7LrSboh_yQt0LtJe4KJw==
age: 7546
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d

54.230.111.52

200 OK

4.5 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
data
Size
4.5 kB (4479 bytes)
Hash
5c206692ade1fc227e1029ff9c8d7801
9dba56c22a30987ed11aff77b79861387aa50f9a
f0a01408d69c36ce20d345da6170c594d3727a349ff7b1b378d2e5e82fe99b61

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 30 Aug 2022 07:53:52 GMT
etag: W/"e87a829f5f34398d1f2d4ee0d9953dfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-vB1bXIyzTz9F__VJiN_Bp_8ejUTI8SvM6GaUVnWkdjQWZ74bmzSw==
age: 24226
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg

54.230.111.52

200 OK

2.5 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.5 kB (2506 bytes)
Hash
e69e56799051d24a67414a67301ac984
7d7db0281213342c25abf9e08937e38c7d1e8449
cff50b269e3afdcf620ba9a8f6d3ac55b03a953136f3148d1b3296798bf57210

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2506
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "e69e56799051d24a67414a67301ac984"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zeZGrsVpmVF_bf88bjLggmrC4jI8WTSyrNIv_zsfGzzy6qwZ-fP6RQ==
age: 27022
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg

54.230.111.52

200 OK

3.3 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
3.3 kB (3301 bytes)
Hash
49f1b40f2ed2ef127cb64293ae8b1524
7939aacf51d0ba9b4358cb17ef40eb91fa31e27b
c5e6dbfaac2e982618aa4ea88a1785ca965b57f3149551f194cdaae2d8406a53

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 3301
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "49f1b40f2ed2ef127cb64293ae8b1524"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A5mYmvHTboZi9ti4GnMGf6X7U_xylHoA_HvwA4G-jAMnCognXm172Q==
age: 26564
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg

54.230.111.52

200 OK

3.2 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
3.2 kB (3175 bytes)
Hash
f8002e02aac0ac1bb22d2c80f36ebf15
bf277a8747caf561b91a25860e772cf0f1a834a5
0e98e32d27f59276dc137de153e32c28220a635701413565a4646dc8361fd94c

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 3175
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "f8002e02aac0ac1bb22d2c80f36ebf15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1ePH16IuzX4klphxG5Ftznny6pEiQsROmzCosEcRaZw7uYnHqGVNXA==
age: 11982
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg

54.230.111.52

200 OK

3.0 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
3.0 kB (2950 bytes)
Hash
5f6bc62e6e66a94b4ce9b971a798ceff
05faaed9dbd1a5462485d4deeed888312a3b4973
cfa55f5831710c40e2429ec2528b080fb2e6b11b560abfa8eaa1710b63770af3

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2950
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "5f6bc62e6e66a94b4ce9b971a798ceff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ki6M9NNK3cZZjbGVK0r_MhxG6jc8Po1TaT1CyvwvGoN_OF0EHidNzg==
age: 3757
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg

54.230.111.52

200 OK

2.2 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.2 kB (2224 bytes)
Hash
444a95e7661a07d48ae8a2b7d67792be
e31aa744a72a17d6a3e04cd0e6f9a9fc59a47b59
d815f00761793a93ef88b73ea6451d9300a052ce64f454d30f9446af3bd9ccda

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2224
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "444a95e7661a07d48ae8a2b7d67792be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: THcIYYEZcZ8HUUwRJAtOWkrDvh4HEhrocSGC9I0ewXyWureWIHFY9A==
age: 2427
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg

54.230.111.52

200 OK

23 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Size
23 kB (23152 bytes)
Hash
029d38095e06ced0688fd67a58e70781
b5bdaddeb39b947c35f883f001f34dd163bcb362
5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 23152
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "029d38095e06ced0688fd67a58e70781"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aQNDdnEVpbkoOtOVje8wq-0N22lgUOkIMYpTZTB2cYTloFPi-vyvNg==
age: 11982
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg

54.230.111.52

200 OK

2.8 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.8 kB (2787 bytes)
Hash
6063e3355d6e928b55810c359ee1d382
a6a19cb61b8a8f9ed538a6467a7a41ed85fc01ad
9db1c16bd8c27942b3d83cff9d81462ced2b7827ab45fe53ff3fcec32ed138d9

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2787
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "6063e3355d6e928b55810c359ee1d382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QfzAWlmfns2cVr-71ZWrP8Zl10AP2RKP2i3_RqaIuxA80zYHr3vVqw==
age: 8418
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg

54.230.111.52

200 OK

2.9 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.9 kB (2853 bytes)
Hash
4ccf612375cb7df45e271ecd2983281e
db4bc5414c30c39531e38c9a3f34b087cd68b4b6
75f237c0722d2dd3ef7d7e4bad43a70ac57bad90c81b9cb8b9c9b445c0a76a1b

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2853
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "4ccf612375cb7df45e271ecd2983281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9_r0q9YHGhXmZSX2eVmnQmMGuFBNbU7ZsaG-X5ZF_oZblWqCeZVLyA==
age: 26563
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg

54.230.111.52

200 OK

2.3 kB

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.3 kB (2258 bytes)
Hash
07ee3d87dba4f97110c83432fcc8f3f6
80f21d2258991eaecca028683f58b16019bf9deb
50479fd6ff7c08b64aa01f0a415bba20d8ddd79a43becae604955e9086098cff

Detections

Analyzer	Verdict	Alert
urlquery		Scam / Brand infringement

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2258
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "07ee3d87dba4f97110c83432fcc8f3f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7dUgIt9w3FfYsBb4NsR-_Ys51714TWMSpmz-gOnqpnSqd9EiBncFIg==
age: 10494
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d1d7bdd048db63a74c1287f1b7b24c60
50e62d317dcb761cb74ad2cd1d02eb0436f9bfa6
9b6de26fa7de06195ff36d6aff78292ddb38f9e6d21890b9458ec619fdf15de1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B6DE26FA7DE06195FF36D6AFF78292DDB38F9E6D21890B9458EC619FDF15DE1"
Last-Modified: Mon, 29 Aug 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1274
Expires: Tue, 30 Aug 2022 08:25:44 GMT
Date: Tue, 30 Aug 2022 08:04:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 30 Aug 2022 07:17:12 GMT
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 08:15:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t3AwPcouj38GFvkCrNDb308CfNMLYRjYFQIJ-FeRCNoUGIfGFW-i1Q==
Age: 2838

deefauph.com/zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3=

139.45.197.251

200 OK

720 B

URL HTTP/2
deefauph.com/zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3=
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (719)
Size
720 B (720 bytes)
Hash
de78a16d987b883e407098564f37de38
1c0e210f37c120761f8f97b7f4f47ac6a277359a
cb7c74086b2338d2f834a5d7842632ee26bd1ea9cd819f0bd54160d72466fe4b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3= HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/json; charset=utf-8
content-length: 720
x-trace-id: 22c7f99bff3f3bd3301988c41de55585
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

deefauph.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

deefauph.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

deefauph.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
deefauph.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 574
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f6b09bc9fe00bc1f68a9e102ab33d491
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

deefauph.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
deefauph.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 952
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 29c206c7afb46fa753b56c2c4aca1fa9
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
482aaffff49fe5727a2771a30d1a5a51
f615becd41a1e28054d6f213db9646d26b48253a
0c9687ceab24c778de0010ff6d03991fd789a93290bf09e4026165decdf356b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 08:04:31 GMT
Last-Modified: Tue, 30 Aug 2022 07:45:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

deefauph.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
deefauph.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 583
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bb80261cef71e83eedd64953c7bb5e35
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.147.190

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.147.190:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ZvIbc5Pzz3AzpOYhsZoVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: orNNEgOpxFP1jrDCHsHsHTsugRY=

www.besquari.xyz/sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687

54.230.111.52

200 OK

163 B

URL HTTP/2
www.besquari.xyz/sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
163 B (163 bytes)
Hash
e997c4376faf2f8d6a01b2c6a25df730
4c1c5e3687757515b5da0221ca4a167bf9884c87
5520de348e5b67f4895cb96179bab87bafbbe16eb57cddd92ec4609f636af7ee

HTTP Headers

GET /sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 163
last-modified: Wed, 29 Jun 2022 14:16:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 01:26:35 GMT
etag: "e997c4376faf2f8d6a01b2c6a25df730"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sQQpY2XpMBsHlXLhCeFtT_9o7QurB-28r_75HU7u7yL6IlHoLuxHlA==
age: 23878
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
28e4eda814ffcd8ad17e7442bbf62104
3bc61fdfef6cf21c470ad5397a664fa4a6a22fe3
7e9e284cb62bbe9faba7ab12d9578fe299237e3f3712dd2c5c525b4439b41313

HTTP Headers

GET /gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=148c139e34e54be88ae34a15c013385a; expires=Wed, 30 Aug 2023 08:04:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

deefauph.com/pfe/current/service-worker.min.js?r=sw

139.45.197.251

200 OK

40 kB

URL HTTP/2
deefauph.com/pfe/current/service-worker.min.js?r=sw
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
data
Size
40 kB (39597 bytes)
Hash
58f602908da839e465ec40d676009884
98da39a24b132e2041be31ea56ae37679d07f97d
71d27622e1c5ea345f4e9b6bf06c665d1841df5ed8ac0eef638de5e96e4c48d3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

deefauph.com/event

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

deefauph.com/event

139.45.197.251

200 OK

94 B

URL HTTP/2
deefauph.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
ca06530ba93d2b0e6a66051e3dacb983
cb393171c81eefc079c78094fd8692ac952170f5
8f18c774bae7fef8a6e7d24e5e3542a2fb9806ed0256d90b81e58e8ef47ffe09

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 411
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: caa2ee780d40aa5d7ed63a308bb49e05
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9bff5b388e91cc067521e4269f699c96
d20d93c4ed1b30a5e65d3a37c8873836a2e5c291
3eea78d8113b58b2df1579c2b97582cfa5a3fe5617254666cf7dce18ae78ae8e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 08:04:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 06:25:19 GMT
Expires: Mon, 05 Sep 2022 06:25:18 GMT
Etag: "d20d93c4ed1b30a5e65d3a37c8873836a2e5c291"
Cache-Control: max-age=511845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742c041efcb5fab8-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7104 bytes)
Hash
27d8d37b27d0408328438cffd4f0aee8
1d99159e207d5010b802244d2ed5599845147ba1
f69d79367acb29222021e5d3d0ff2bf4dbdced8adfe1291370a695144879d15b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b25f82cc-2df3-473a-a799-aa3be6eb3034
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTR0GbUIAMF12g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3271-2a332bd536e5ba2822bf8a8f;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ta8pVV4YTiCFUbhiWa9E7tT-Jz0Vx0l-IfPO52usuWuuvy-boDc5xA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:50:49 GMT
age: 36823
etag: "1d99159e207d5010b802244d2ed5599845147ba1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0723d767-3952-4f23-b0f5-682645db0c35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6934 bytes)
Hash
4966645d4e5b352318554122607a075a
0fef4cc787f1b5d191a50cdeec5604a684b7c922
89c55c211ff2a2a1be8bcaf7dcf50bdb730b91c9fb7dde45316ee4998fbf2526

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0723d767-3952-4f23-b0f5-682645db0c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6934
x-amzn-requestid: d0b9c203-b693-4847-9aad-e2a59affc3f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdalkFNrIAMFbgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087156-518be58625dd3f260c9d0f52;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:08:06 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ZpfTeIaIIVzGU1G2tyxLFw1-y3LXTn9VaurmYFEPs5Qz0Ol5MH5_7w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 06:46:26 GMT
age: 4686
etag: "0fef4cc787f1b5d191a50cdeec5604a684b7c922"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8684 bytes)
Hash
4aa2a22c2851d082acd55c1c9782cee9
20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e
d0d6a3cc781786f5377191e2b1f3495ac76f4f8af7c56291f761a49a167b8726

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8684
x-amzn-requestid: e02c26f6-e28d-4b3f-971a-f42cbbf67845
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIGH0oAMFpEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-3183e76132b622350a75a86b;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T1FGC5fMnwea3ltKnLgvqI1AueU8xp5ukWXnRptxDQoAH0DUbXPOEA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:59:22 GMT
age: 36310
etag: "20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10672 bytes)
Hash
9f9132960db725a095b0db1773dc6f69
bf1d4347e1641da5aebe6ae438c0431232ae6242
0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uc8twk9uXve3wFxTvsZa_sg-aduiVBxXjTvOdqBc_BZmgw4BldMyHQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:15:20 GMT
age: 2952
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321cc46f-c52c-4e14-b971-1c3736df4a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8059 bytes)
Hash
b6343aab841cb5a4aeafd140c5dda50e
717e845ed02177c243fdc27f44b0189c0eea8cf7
783c8c5a9de5b4297c633db42c10fa4a9752eea970670ca10ff1c607a863ae6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321cc46f-c52c-4e14-b971-1c3736df4a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 0645afa6-9d78-4bbf-a662-60af8affb5cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSwDHccIAMF4Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3199-7e1a9c0728ac5e2b670e7c3e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OpoDGPweKTm6W_HBDqt1SeQdTMtgR2fqyBwVQg91MgiW6PU7U7IMfQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:01:34 GMT
age: 36178
etag: "717e845ed02177c243fdc27f44b0189c0eea8cf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13af6d89-1e61-4bbe-bcfd-0ced9f0adccc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6016 bytes)
Hash
3e3054d6e0a44ea80988e14f355914ea
af26d7b3fa647c85c764d7193c5232c2f7c7e464
c95ece22aedd8669a8bae56552924baf2d9feb8f7873db24d4ac682970a0f985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13af6d89-1e61-4bbe-bcfd-0ced9f0adccc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6016
x-amzn-requestid: 6b08b00e-9a66-495a-9ff5-230d2e7fb669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTz6FqxIAMFW4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d334c-110955ca7d08b521056fcd25;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:44:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TV6ykU-zZI2GEoxYQp0T4TkxNaSfaWQFiNDZczXoazxlOIq-H9PCCw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:08:13 GMT
etag: "af26d7b3fa647c85c764d7193c5232c2f7c7e464"
content-type: image/jpeg
age: 35779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0

54.230.111.52

200 OK

0 B

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
date: Mon, 29 Aug 2022 22:41:44 GMT
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
etag: W/"4391cbaa2f2bcb92c1efafdffea9caea"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RBmxG3f6Ky5hqs6chSXKNl5pFC8xETxWVVTkGe3S8bQ4yGFtLPCk8Q==
age: 33767
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg

54.230.111.52

200 OK

0 B

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 29 Aug 2022 21:13:42 GMT
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
etag: W/"765203989756e91925e8f947e660b644"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kiVECWtlFm_72hlD1_bYlOrREbPPpr49UaqneKjAvv7qFjrG2P1BgQ==
age: 39049
X-Firefox-Spdy: h2

www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf

54.230.111.52

200 OK

0 B

URL HTTP/2
www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: W/"faeeab905e832dbfc66bfaf3b62ac850"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2XSzVV3uuquliyP15IqS_bjqCrV-hbhiJK_g1EBbowEBlXlKP7ojfA==
age: 32648
X-Firefox-Spdy: h2

deefauph.com/pfe/current/tag.min.js?z=3507687

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/pfe/current/tag.min.js?z=3507687
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/tag.min.js?z=3507687 HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

deefauph.com/pfe/current/universal.min.js?v=3.1.391

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/pfe/current/universal.min.js?v=3.1.391
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.391 HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-20481"
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations