| crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7 | 3.70.16.242 | 302 Found | 514 B |
Protocol: HTTP/1.1
URL: crazy-spin.online/go/dc26c419-4bb2-4522-a4df-b592392dfbe7
IP: 3.70.16.242:0
File type: HTML document, ASCII text, with very long lines (514), with no line terminators
Hash: 9417fabb51063f4d39c5e5187da9f07a 0921cd99a98080561c051372b340e4899e9fd907 9cb68b848376a025d2279bb8d2780c2e1b62907389b15bd2da5eaf74eaa71fda
GET /go/dc26c419-4bb2-4522-a4df-b592392dfbe7 HTTP/1.1
Host: crazy-spin.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: openresty
Date: Tue, 30 Aug 2022 08:04:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 514
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Set-Cookie: bemob-uniq-visit:dc26c419-4bb2-4522-a4df-b592392dfbe7=1; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
bemob-rotation:dc26c419-4bb2-4522-a4df-b592392dfbe7:random:7522d317def4089f9ffe6226f9a918eb=0-0-0; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Fwww.besquari.xyz%2Fsweepstake6%2Fsweepstake-notix%2Fsweepstake-notix%2Fspinwheel%2FArabic-spinwheel-iphone13%2Findex.html%3Fbrand%3D%26bemobdata%3Dc%253Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%253Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%253D0..b%253D0; Domain=crazy-spin.online; Path=/; Expires=Wed, 31 Aug 2022 08:04:30 GMT; HttpOnly
Vary: Accept
X-Response-Time: 11.800ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: 517693963cc46e7a35a054296d0edfd5 11dfcd7e118e5f8d31e664e56ac29c57f973b8b3 ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16428
Expires: Tue, 30 Aug 2022 12:38:18 GMT
Date: Tue, 30 Aug 2022 08:04:30 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
Protocol: HTTP/1.1
URL: firefox.settings.services.mozilla.com/v1/
IP: 143.204.55.35:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: 91dd975a7b17b2922dd23c0e49314e40 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 07:25:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZVBXdncOxQb7KdttYzIKmIbGwmaCuXdZznG-u4NeuLR9WmeNHRWOZQ==
Age: 2319
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.110 | 200 OK | 5.3 kB |
Protocol: HTTP/2
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP: 143.204.55.110:0
File type: PEM certificate\012- , ASCII text
Hash: 742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fDd3ycmgIgdW6G9j4Su988H6h5Cv-viwdw0HDSjw7EXUmuKXQBzcOQ==
age: 34112
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
Protocol: HTTP/2
URL: contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
Protocol: HTTP/1.1
URL: ocsp.sca1b.amazontrust.com/
IP: 54.230.245.39:0
Hash: 7eeb3c615b54dfc0e43730093f359e0c 56b699af38df643ee77b2fe9108794fdcfa63599 677f07f8bbf946a88e552a20f2bae6b9a703e1f460b965d770e501d12b2abbd5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 08:04:30 GMT
Last-Modified: Tue, 30 Aug 2022 06:34:45 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fhxd7Ix5MMENdsQCBxNLlYxAYJC_a6_kkyqeI-nFsXbEsm8ssK2PAw==
Age: 5385
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9 | 54.230.111.52 | 200 OK | 33 B |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9
IP: 54.230.111.52:0
File type: ASCII text, with no line terminators
Hash: c588c17324f2be0e0ec90a18f39e7d7c 69d360eddd15f527aac7f7e610346517732b7770 b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 33
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:52 GMT
etag: "c588c17324f2be0e0ec90a18f39e7d7c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lBTtfK40tKwKR9wQ2gY52gpKrNWj-lZAxp7fgyEtrvv4krsL3CMNKw==
age: 7546
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png | 54.230.111.52 | 200 OK | 449 B |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png
IP: 54.230.111.52:0
File type: PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Hash: bd5203f2cc9e7a9125e4575e029541b0 9fa565ab2f4b55da4735b79e529562252b3c9afe db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 449
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "bd5203f2cc9e7a9125e4575e029541b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DxBslRE0JkomPm3vZlp_uJz2ntJcyhT7Q_f66fROQjJX2I6ZtDtKtQ==
age: 7528
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg | 54.230.111.52 | 200 OK | 32 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Hash: d4655cba21d806e849eed4e4119fbe1a 6453039d85005643e9d65074ca022f63b5d47cdd 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 32496
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "d4655cba21d806e849eed4e4119fbe1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d364W_NcHmwJs6ti8RRbB7HA9gpgKL1pOLstvwZ2S1YhjeUOkubxRg==
age: 7753
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png | 54.230.111.52 | 200 OK | 32 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png
IP: 54.230.111.52:0
File type: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash: c562f63263ffff2688791c38014b36bc 59fe19592cb3f6a2709c418026f0a1ddb12c1314 c331ce815fcd0ed99bc592c082eed6e51efd0f107d2ae967021d0273def59ae8
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 32266
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "c562f63263ffff2688791c38014b36bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O8tIlAxS-hvp72tTO_WLeEt-vk2tcXp9QmkOfl8EShqy1bM50UwuJg==
age: 7528
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif | 54.230.111.52 | 200 OK | 5.1 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif
IP: 54.230.111.52:0
File type: GIF image data, version 89a, 50 x 50\012- data
Hash: ed786659a534e0d183c09a90c50abc9d a6c3d90bfaa86a7cda490bc5d04c8939c31a414e cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 5083
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "ed786659a534e0d183c09a90c50abc9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vk8wLdSVADS75rWfQUqSUJp7pk8wx2M-obGaEVIWAh0HXVt_LfpxRA==
age: 7528
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50 | 54.230.111.52 | 200 OK | 977 B |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50
IP: 54.230.111.52:0
File type: ASCII text, with very long lines (977), with no line terminators
Hash: 70153298ff6fb62a5a503e72721f87e3 d8187ecb541a29f69f98478223a29fe36295cba3 b2354d697496125f1a21bf5dc497b877b87e51293538402e726a1c2bc146644b
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/app.js?id=70153298ff6fb62a5a50 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 977
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "70153298ff6fb62a5a503e72721f87e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EbeTn9-xkxX5xAtqqTXIT_u9Q7Nxu2se6a7LrSboh_yQt0LtJe4KJw==
age: 7546
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d | 54.230.111.52 | 200 OK | 4.5 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d
IP: 54.230.111.52:0
Hash: 5c206692ade1fc227e1029ff9c8d7801 9dba56c22a30987ed11aff77b79861387aa50f9a f0a01408d69c36ce20d345da6170c594d3727a349ff7b1b378d2e5e82fe99b61
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/css/landers/prizewheel-fb/app.css?id=e87a829f5f34398d1f2d HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 30 Aug 2022 07:53:52 GMT
etag: W/"e87a829f5f34398d1f2d4ee0d9953dfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-vB1bXIyzTz9F__VJiN_Bp_8ejUTI8SvM6GaUVnWkdjQWZ74bmzSw==
age: 24226
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg | 54.230.111.52 | 200 OK | 2.5 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: e69e56799051d24a67414a67301ac984 7d7db0281213342c25abf9e08937e38c7d1e8449 cff50b269e3afdcf620ba9a8f6d3ac55b03a953136f3148d1b3296798bf57210
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/3@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2506
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "e69e56799051d24a67414a67301ac984"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zeZGrsVpmVF_bf88bjLggmrC4jI8WTSyrNIv_zsfGzzy6qwZ-fP6RQ==
age: 27022
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg | 54.230.111.52 | 200 OK | 3.3 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: 49f1b40f2ed2ef127cb64293ae8b1524 7939aacf51d0ba9b4358cb17ef40eb91fa31e27b c5e6dbfaac2e982618aa4ea88a1785ca965b57f3149551f194cdaae2d8406a53
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/3@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3301
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "49f1b40f2ed2ef127cb64293ae8b1524"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A5mYmvHTboZi9ti4GnMGf6X7U_xylHoA_HvwA4G-jAMnCognXm172Q==
age: 26564
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg | 54.230.111.52 | 200 OK | 3.2 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: f8002e02aac0ac1bb22d2c80f36ebf15 bf277a8747caf561b91a25860e772cf0f1a834a5 0e98e32d27f59276dc137de153e32c28220a635701413565a4646dc8361fd94c
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/10@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3175
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "f8002e02aac0ac1bb22d2c80f36ebf15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1ePH16IuzX4klphxG5Ftznny6pEiQsROmzCosEcRaZw7uYnHqGVNXA==
age: 11982
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg | 54.230.111.52 | 200 OK | 3.0 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: 5f6bc62e6e66a94b4ce9b971a798ceff 05faaed9dbd1a5462485d4deeed888312a3b4973 cfa55f5831710c40e2429ec2528b080fb2e6b11b560abfa8eaa1710b63770af3
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/6@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2950
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "5f6bc62e6e66a94b4ce9b971a798ceff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ki6M9NNK3cZZjbGVK0r_MhxG6jc8Po1TaT1CyvwvGoN_OF0EHidNzg==
age: 3757
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg | 54.230.111.52 | 200 OK | 2.2 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: 444a95e7661a07d48ae8a2b7d67792be e31aa744a72a17d6a3e04cd0e6f9a9fc59a47b59 d815f00761793a93ef88b73ea6451d9300a052ce64f454d30f9446af3bd9ccda
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/9@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2224
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "444a95e7661a07d48ae8a2b7d67792be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: THcIYYEZcZ8HUUwRJAtOWkrDvh4HEhrocSGC9I0ewXyWureWIHFY9A==
age: 2427
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg | 54.230.111.52 | 200 OK | 23 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Hash: 029d38095e06ced0688fd67a58e70781 b5bdaddeb39b947c35f883f001f34dd163bcb362 5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1
Analyzer: urlquery; Alert: Scam / Brand infringement
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 23152
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "029d38095e06ced0688fd67a58e70781"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aQNDdnEVpbkoOtOVje8wq-0N22lgUOkIMYpTZTB2cYTloFPi-vyvNg==
age: 11982
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg | 54.230.111.52 | 200 OK | 2.8 kB |
Protocol: HTTP/2
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg
IP: 54.230.111.52:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: 6063e3355d6e928b55810c359ee1d382 a6a19cb61b8a8f9ed538a6467a7a41ed85fc01ad 9db1c16bd8c27942b3d83cff9d81462ced2b7827ab45fe53ff3fcec32ed138d9
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/5@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2787
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "6063e3355d6e928b55810c359ee1d382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QfzAWlmfns2cVr-71ZWrP8Zl10AP2RKP2i3_RqaIuxA80zYHr3vVqw==
age: 8418
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg | 54.230.111.52 | 200 OK | 2.9 kB |
URL HTTP/2www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg IP54.230.111.52:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Hash4ccf612375cb7df45e271ecd2983281e db4bc5414c30c39531e38c9a3f34b087cd68b4b6 75f237c0722d2dd3ef7d7e4bad43a70ac57bad90c81b9cb8b9c9b445c0a76a1b
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/female/1@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2853
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "4ccf612375cb7df45e271ecd2983281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9_r0q9YHGhXmZSX2eVmnQmMGuFBNbU7ZsaG-X5ZF_oZblWqCeZVLyA==
age: 26563
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg | 54.230.111.52 | 200 OK | 2.3 kB |
URL HTTP/2www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg IP54.230.111.52:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Hash07ee3d87dba4f97110c83432fcc8f3f6 80f21d2258991eaecca028683f58b16019bf9deb 50479fd6ff7c08b64aa01f0a415bba20d8ddd79a43becae604955e9086098cff
| Analyzer | Verdict | Alert |
| urlquery | | Scam / Brand infringement |
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/profiles/mena/male/2@0.25x.jpg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2258
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: "07ee3d87dba4f97110c83432fcc8f3f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7dUgIt9w3FfYsBb4NsR-_Ys51714TWMSpmz-gOnqpnSqd9EiBncFIg==
age: 10494
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd1d7bdd048db63a74c1287f1b7b24c60 50e62d317dcb761cb74ad2cd1d02eb0436f9bfa6 9b6de26fa7de06195ff36d6aff78292ddb38f9e6d21890b9458ec619fdf15de1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B6DE26FA7DE06195FF36D6AFF78292DDB38F9E6D21890B9458EC619FDF15DE1"
Last-Modified: Mon, 29 Aug 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1274
Expires: Tue, 30 Aug 2022 08:25:44 GMT
Date: Tue, 30 Aug 2022 08:04:30 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 30 Aug 2022 07:17:12 GMT
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 08:15:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t3AwPcouj38GFvkCrNDb308CfNMLYRjYFQIJ-FeRCNoUGIfGFW-i1Q==
Age: 2838
|
|
| deefauph.com/zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3= | 139.45.197.251 | 200 OK | 720 B |
URL HTTP/2deefauph.com/zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3= IP139.45.197.251:0
File typeJSON data\012- , ASCII text, with very long lines (719) Hashde78a16d987b883e407098564f37de38 1c0e210f37c120761f8f97b7f4f47ac6a277359a cb7c74086b2338d2f834a5d7842632ee26bd1ea9cd819f0bd54160d72466fe4b
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /zone?pub=0&zone_id=3507687&is_mobile=false&domain=www.besquari.xyz&var=&ymid=&var_3= HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/json; charset=utf-8
content-length: 720
x-trace-id: 22c7f99bff3f3bd3301988c41de55585
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deefauph.com/custom | 139.45.197.251 | 200 OK | 0 B |
IP139.45.197.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
OPTIONS /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| deefauph.com/custom | 139.45.197.251 | 200 OK | 0 B |
IP139.45.197.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
OPTIONS /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| deefauph.com/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 574
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f6b09bc9fe00bc1f68a9e102ab33d491
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| deefauph.com/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 952
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 29c206c7afb46fa753b56c2c4aca1fa9
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash482aaffff49fe5727a2771a30d1a5a51 f615becd41a1e28054d6f213db9646d26b48253a 0c9687ceab24c778de0010ff6d03991fd789a93290bf09e4026165decdf356b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 08:04:31 GMT
Last-Modified: Tue, 30 Aug 2022 07:45:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| deefauph.com/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /custom HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 583
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bb80261cef71e83eedd64953c7bb5e35
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.163.147.190 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.163.147.190:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ZvIbc5Pzz3AzpOYhsZoVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: orNNEgOpxFP1jrDCHsHsHTsugRY=
|
|
| www.besquari.xyz/sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687 | 54.230.111.52 | 200 OK | 163 B |
URL HTTP/2www.besquari.xyz/sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687 IP54.230.111.52:0
Hashe997c4376faf2f8d6a01b2c6a25df730 4c1c5e3687757515b5da0221ca4a167bf9884c87 5520de348e5b67f4895cb96179bab87bafbbe16eb57cddd92ec4609f636af7ee
GET /sw-909c7.js?v=3.1.391&o=148c139e34e54be88ae34a15c013385a&pub=0&p=3507687 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 163
last-modified: Wed, 29 Jun 2022 14:16:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Aug 2022 01:26:35 GMT
etag: "e997c4376faf2f8d6a01b2c6a25df730"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sQQpY2XpMBsHlXLhCeFtT_9o7QurB-28r_75HU7u7yL6IlHoLuxHlA==
age: 23878
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var= | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2my.rtmark.net/gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var= IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hash28e4eda814ffcd8ad17e7442bbf62104 3bc61fdfef6cf21c470ad5397a664fa4a6a22fe3 7e9e284cb62bbe9faba7ab12d9578fe299237e3f3712dd2c5c525b4439b41313
GET /gid.js?pub=0&userId=148c139e34e54be88ae34a15c013385a&zoneId=3507687&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=148c139e34e54be88ae34a15c013385a; expires=Wed, 30 Aug 2023 08:04:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| deefauph.com/pfe/current/service-worker.min.js?r=sw | 139.45.197.251 | 200 OK | 40 kB |
URL HTTP/2deefauph.com/pfe/current/service-worker.min.js?r=sw IP139.45.197.251:0
Hash58f602908da839e465ec40d676009884 98da39a24b132e2041be31ea56ae37679d07f97d 71d27622e1c5ea345f4e9b6bf06c665d1841df5ed8ac0eef638de5e96e4c48d3
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| deefauph.com/event | 139.45.197.251 | 200 OK | 0 B |
IP139.45.197.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
OPTIONS /event HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| deefauph.com/event | 139.45.197.251 | 200 OK | 94 B |
IP139.45.197.251:0
File typeJSON data\012- , ASCII text Hashca06530ba93d2b0e6a66051e3dacb983 cb393171c81eefc079c78094fd8692ac952170f5 8f18c774bae7fef8a6e7d24e5e3542a2fb9806ed0256d90b81e58e8ef47ffe09
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /event HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Content-Type: application/json
Origin: https://www.besquari.xyz
Content-Length: 411
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:32 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: caa2ee780d40aa5d7ed63a308bb49e05
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash9bff5b388e91cc067521e4269f699c96 d20d93c4ed1b30a5e65d3a37c8873836a2e5c291 3eea78d8113b58b2df1579c2b97582cfa5a3fe5617254666cf7dce18ae78ae8e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 08:04:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 06:25:19 GMT
Expires: Mon, 05 Sep 2022 06:25:18 GMT
Etag: "d20d93c4ed1b30a5e65d3a37c8873836a2e5c291"
Cache-Control: max-age=511845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742c041efcb5fab8-OSL
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16233
Expires: Tue, 30 Aug 2022 12:35:05 GMT
Date: Tue, 30 Aug 2022 08:04:32 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg | 34.120.237.76 | 200 OK | 7.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash27d8d37b27d0408328438cffd4f0aee8 1d99159e207d5010b802244d2ed5599845147ba1 f69d79367acb29222021e5d3d0ff2bf4dbdced8adfe1291370a695144879d15b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e82b5b-a56c-41b0-a279-56f51141a886.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b25f82cc-2df3-473a-a799-aa3be6eb3034
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTR0GbUIAMF12g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3271-2a332bd536e5ba2822bf8a8f;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ta8pVV4YTiCFUbhiWa9E7tT-Jz0Vx0l-IfPO52usuWuuvy-boDc5xA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:50:49 GMT
age: 36823
etag: "1d99159e207d5010b802244d2ed5599845147ba1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0723d767-3952-4f23-b0f5-682645db0c35.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0723d767-3952-4f23-b0f5-682645db0c35.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4966645d4e5b352318554122607a075a 0fef4cc787f1b5d191a50cdeec5604a684b7c922 89c55c211ff2a2a1be8bcaf7dcf50bdb730b91c9fb7dde45316ee4998fbf2526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0723d767-3952-4f23-b0f5-682645db0c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6934
x-amzn-requestid: d0b9c203-b693-4847-9aad-e2a59affc3f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdalkFNrIAMFbgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087156-518be58625dd3f260c9d0f52;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:08:06 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ZpfTeIaIIVzGU1G2tyxLFw1-y3LXTn9VaurmYFEPs5Qz0Ol5MH5_7w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 06:46:26 GMT
age: 4686
etag: "0fef4cc787f1b5d191a50cdeec5604a684b7c922"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
Protocol: HTTP/2
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 4aa2a22c2851d082acd55c1c9782cee9 20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e d0d6a3cc781786f5377191e2b1f3495ac76f4f8af7c56291f761a49a167b8726
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8684
x-amzn-requestid: e02c26f6-e28d-4b3f-971a-f42cbbf67845
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIGH0oAMFpEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-3183e76132b622350a75a86b;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T1FGC5fMnwea3ltKnLgvqI1AueU8xp5ukWXnRptxDQoAH0DUbXPOEA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:59:22 GMT
age: 36310
etag: "20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
Protocol: HTTP/2
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 9f9132960db725a095b0db1773dc6f69 bf1d4347e1641da5aebe6ae438c0431232ae6242 0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uc8twk9uXve3wFxTvsZa_sg-aduiVBxXjTvOdqBc_BZmgw4BldMyHQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:15:20 GMT
age: 2952
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321cc46f-c52c-4e14-b971-1c3736df4a23.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321cc46f-c52c-4e14-b971-1c3736df4a23.jpeg
Protocol: HTTP/2
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: b6343aab841cb5a4aeafd140c5dda50e 717e845ed02177c243fdc27f44b0189c0eea8cf7 783c8c5a9de5b4297c633db42c10fa4a9752eea970670ca10ff1c607a863ae6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321cc46f-c52c-4e14-b971-1c3736df4a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 0645afa6-9d78-4bbf-a662-60af8affb5cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSwDHccIAMF4Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3199-7e1a9c0728ac5e2b670e7c3e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OpoDGPweKTm6W_HBDqt1SeQdTMtgR2fqyBwVQg91MgiW6PU7U7IMfQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:01:34 GMT
age: 36178
etag: "717e845ed02177c243fdc27f44b0189c0eea8cf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13af6d89-1e61-4bbe-bcfd-0ced9f0adccc.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13af6d89-1e61-4bbe-bcfd-0ced9f0adccc.jpeg
Protocol: HTTP/2
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 3e3054d6e0a44ea80988e14f355914ea af26d7b3fa647c85c764d7193c5232c2f7c7e464 c95ece22aedd8669a8bae56552924baf2d9feb8f7873db24d4ac682970a0f985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13af6d89-1e61-4bbe-bcfd-0ced9f0adccc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6016
x-amzn-requestid: 6b08b00e-9a66-495a-9ff5-230d2e7fb669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTz6FqxIAMFW4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d334c-110955ca7d08b521056fcd25;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:44:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TV6ykU-zZI2GEoxYQp0T4TkxNaSfaWQFiNDZczXoazxlOIq-H9PCCw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:08:13 GMT
etag: "af26d7b3fa647c85c764d7193c5232c2f7c7e464"
content-type: image/jpeg
age: 35779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 | 54.230.111.52 | 200 OK | 0 B |
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Protocol: HTTP/2
IP: 54.230.111.52:0
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0 HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Mon, 29 Aug 2022 22:41:44 GMT
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
etag: W/"4391cbaa2f2bcb92c1efafdffea9caea"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RBmxG3f6Ky5hqs6chSXKNl5pFC8xETxWVVTkGe3S8bQ4yGFtLPCk8Q==
age: 33767
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg | 54.230.111.52 | 200 OK | 0 B |
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg
Protocol: HTTP/2
IP: 54.230.111.52:0
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/img/fb-like.svg HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 29 Aug 2022 21:13:42 GMT
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
etag: W/"765203989756e91925e8f947e660b644"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kiVECWtlFm_72hlD1_bYlOrREbPPpr49UaqneKjAvv7qFjrG2P1BgQ==
age: 39049
X-Firefox-Spdy: h2
|
|
| www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf | 54.230.111.52 | 200 OK | 0 B |
URL: www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf
Protocol: HTTP/2
IP: 54.230.111.52:0
GET /sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/js/landers/prizewheel-fb/app.js?id=a1804ccdb473eaf8e1bf HTTP/1.1
Host: www.besquari.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/sweepstake6/sweepstake-notix/sweepstake-notix/spinwheel/Arabic-spinwheel-iphone13/index.html?brand=&bemobdata=c%3Ddc26c419-4bb2-4522-a4df-b592392dfbe7..l%3Df48b0c62-dcdd-49fe-b94a-82e6b4350a41..a%3D0..b%3D0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Jun 2022 14:16:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 30 Aug 2022 07:53:53 GMT
etag: W/"faeeab905e832dbfc66bfaf3b62ac850"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2XSzVV3uuquliyP15IqS_bjqCrV-hbhiJK_g1EBbowEBlXlKP7ojfA==
age: 32648
X-Firefox-Spdy: h2
|
|
| deefauph.com/pfe/current/tag.min.js?z=3507687 | 139.45.197.251 | 200 OK | 0 B |
URL: deefauph.com/pfe/current/tag.min.js?z=3507687
Protocol: HTTP/2
IP: 139.45.197.251:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pfe/current/tag.min.js?z=3507687 HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.besquari.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| deefauph.com/pfe/current/universal.min.js?v=3.1.391 | 139.45.197.251 | 200 OK | 0 B |
URL: deefauph.com/pfe/current/universal.min.js?v=3.1.391
Protocol: HTTP/2
IP: 139.45.197.251:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pfe/current/universal.min.js?v=3.1.391 HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.besquari.xyz/
Origin: https://www.besquari.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 08:04:30 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:18:11 GMT
etag: W/"63037403-20481"
access-control-allow-origin: https://www.besquari.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|