Report - crazyoffer.in/?clickid=39444118

Report Overview

Submitted URL
crazyoffer.in/?clickid=39444118
IP
172.67.194.51
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 07:14:36
Access
public
Website Title
crazyoffer.in/?clickid=39444118
Final URL
crazyoffer.in/?clickid=39444118
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn0.cuelinks.com	unknown	2012-03-06	2012-12-16	2024-01-22	3.3 kB	46 kB	104.26.11.161
crazyoffer.in	unknown	unknown	No data	No data	1.4 kB	14 kB	172.67.194.51
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-05-05	433 B	20 kB	172.67.142.245
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-06	999 B	1.1 kB	139.45.197.250
jouteetu.net	260109	2021-07-08	2021-07-15	2024-05-06	1.3 kB	1.9 kB	139.45.197.251
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-06	443 B	69 kB	104.18.11.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	441 B	1.4 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	521 B	8.7 kB	142.250.74.67
cdn.onesignal.com	3015	2011-09-10	2015-04-22	2024-05-06	425 B	2.5 kB	104.17.111.223
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	429 B	28 kB	104.17.25.14
www.freepnglogos.com	169270	2016-10-07	2017-02-09	2024-05-01	480 B	126 kB	78.46.22.25
woudaufe.net	unknown	2022-10-03	2022-10-03	2024-04-30	1.1 kB	38 kB	139.45.197.251
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-06	449 B	146 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	woudaufe.net	Sinkholed
2024-05-07	medium	amunfezanttor.com	Sinkholed
2024-05-07	medium	amunfezanttor.com	Sinkholed
2024-05-07	medium	woudaufe.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	crazyoffer.in/?clickid=39444118	664 B	2024-05-07	2024-05-07
Pretty URL crazyoffer.in/?clickid=39444118 IP 172.67.194.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 09:14:42 Last Seen2024-05-07 09:14:42 Times Seen1 Hash 25eba5253b729899777f132a766b2b4a 8082852d32bfbe637174adf6dd9948180aa3473b 3189b276a700f42719b98010a2d22b024ebccae02c02dadc5c528f64e05f6845 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js	68 kB	2023-03-07	2024-05-17
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-05-17 09:24:59 Times Seen1670 Hash 98d2c1da1c0a495f8fc8ad144ea1d3d2 a0f7a287003f6d0c8a2543e6183fdc14417b6793 bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-19 17:47:38 Times Seen68036 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js	1.7 kB	2024-05-03	2024-05-19
Pretty URL cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js IP 104.17.111.223 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 21:47:14 Last Seen2024-05-19 18:04:17 Times Seen119 Hash e97acd0bc7104d45af67c0c1d883418e 0deae2a69922785d45b51d53c4e6fce053631742 d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826 Loading...

	woudaufe.net/pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js	37 kB	2024-04-25	2024-05-15
Pretty URL woudaufe.net/pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

HTTP Transactions (25)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
27 kB (27277 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 568057
expires: Sun, 27 Apr 2025 07:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8eRvlvBbxqb9CLfCtznBDQb15nP8Kn%2BjHdii0ev0Fayo0iICZ2%2Fp6ygvQAqsPRXGTHyBEHD8quloRNH41Vx2O9Qr7f5q1odo7X6etMSCDCKHR8PaPv5E1ZQ3r%2Bxk63Xw5zIFnU8z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff6960e8ffb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn0.cuelinks.com/merchant/2126/medium/tata.png?1495706175

104.26.11.161

200 OK

3.8 kB

URL GET HTTP/2
cdn0.cuelinks.com/merchant/2126/medium/tata.png?1495706175
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Size
3.8 kB (3824 bytes)
Hash
d3bb0a062c45e9e823d8e7bc24a70166
9e81a7378bd4bd9025d4332d98d9e154e6f193ed
e6a226370ee096cfee0326ba5877a6a3394ad74b3eda776d3f2aa2b19a30592c

HTTP Headers

GET /merchant/2126/medium/tata.png?1495706175 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/png
content-length: 3824
cf-bgj: imgq:85,h2pri
cf-polished: origSize=4258
etag: "0f2f836bd943162c0d0cfb64977d5617"
last-modified: Thu, 25 May 2017 09:56:17 GMT
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-id: ScBfgbLnUDSJ-YTDy53D6f9Kcj2_32S6dR85W9RyiGRF4rQy1p_TSg==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oH3dN%2FiLkW2s%2BZEtzF7hi9o7LMUoGTYwo%2FzflWtd8vMUXzLbtktBv6Nx6n%2Fcb4vQZllkCt7j%2BMyLqFuN6eO79rOK7uqIvSDbge9OQ40niVBRYhNFFTlFsxUv7M2VCq4XPr2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f12b503-OSL
X-Firefox-Spdy: h2

crazyoffer.in/?clickid=39444118

172.67.194.51

200 OK

3.9 kB

URL User Request GET HTTP/2
crazyoffer.in/?clickid=39444118
IP
172.67.194.51:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcrazyoffer.in
Fingerprint0C:73:AD:88:12:89:0F:D2:6B:DD:AA:E2:DA:B4:74:C9:64:F6:25:6B
ValiditySun, 05 May 2024 09:27:04 GMT - Sat, 03 Aug 2024 09:27:03 GMT

File type
HTML document, ASCII text
Size
3.9 kB (3855 bytes)
Hash
1c4b16ec476dd8452a929644fc5df90a
c34bbc19a502f25fed1e74a8a3ab9a3d8bccc4a7
a6f9acf8a16b4275816af4becd46591a73d2da071b5ff695b24f82f24ddb0969

HTTP Headers

GET /?clickid=39444118 HTTP/1.1
Host: crazyoffer.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WB56Xq%2BbXX7adW8NYWW7D4gjffo47tTmG7esy9Ro2KJ2sxXxmbjrUL739s7Ug9sdNsxa0Dbi%2BNUo3del8%2BDripOpbgJM5NwhLVRjD5dE44KsICkA5oGAkUmJDGSK4ih"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff695c3a05b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn0.cuelinks.com/merchant/645/medium/Amazon.png?1487933195

104.26.11.161

200 OK

6.7 kB

URL GET HTTP/2
cdn0.cuelinks.com/merchant/645/medium/Amazon.png?1487933195
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Size
6.7 kB (6700 bytes)
Hash
fdc1df60f7096f5611c96406b997fc82
3ebd936f54d03de5a69599592d2ba40a413f3935
794e0e423761fa33c5bcd06c1a9ce5ac3134106852bdb818ffa17eaf22258fee

HTTP Headers

GET /merchant/645/medium/Amazon.png?1487933195 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/png
content-length: 6700
cf-bgj: imgq:85,h2pri
cf-polished: origSize=7484
etag: "9968e7b8ad907f0d4bb25ae5ed2151a9"
last-modified: Fri, 24 Feb 2017 10:46:37 GMT
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-id: 94BdMjWUuup1W9a39lEfeGzZ8JP0Ec296DDfZBmHGXQXC5_HktP9vQ==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dj5tMwyLLoDkoRZJWe1Ij4JjoBTe%2FS0iaCO7uddAOV9psKFxAk7um7IFnigc5fsn45YSNO0tpZRvGTWqyVcK8EL08xSu3LedRluv4zcYXPqaeveNAqIBJbVBNyklRv3VKckn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f1ab503-OSL
X-Firefox-Spdy: h2

cdn0.cuelinks.com/merchant/2011/medium/udemy.png?1626699157

104.26.11.161

200 OK

3.7 kB

URL GET HTTP/2
cdn0.cuelinks.com/merchant/2011/medium/udemy.png?1626699157
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
PNG image data, 250 x 100, 8-bit/color RGB, non-interlaced
Size
3.7 kB (3736 bytes)
Hash
7751724e7b40be13b8473987377e95c2
1aef3236364eb84e0f9c223a2830b1ecf2a213eb
625e7e5b1f2ec6cd7cdb42860655b8d1549825c5b365cc3c2c4e7a1246c1cb7e

HTTP Headers

GET /merchant/2011/medium/udemy.png?1626699157 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/png
content-length: 3736
cf-bgj: imgq:85,h2pri
cf-polished: origSize=5201
etag: "3603ea50750663ad238d73573c4c7a21"
last-modified: Mon, 19 Jul 2021 12:52:39 GMT
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: KUyCCVoLCu3HpSww0qOrccf1wo8T8ZGi33j1wj91OJSDri7UwqnPNw==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsZuuTUoJrq5eNJ3EQZ3gPQIBHNI2HceY1MQPTdjrN6V4haAL7d6zFEHwbGnKwitrajPbcFXedxOBoy4XEWnFhv9KYy38COehiqMXzzY4%2F18TTJq9mEM9Qa5hTeFyJwaHzgG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f24b503-OSL
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/css/all.css

172.67.142.245

200 OK

20 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.2/css/all.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54456), with no line terminators
Size
20 kB (19731 bytes)
Hash
7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

HTTP Headers

GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 572190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bierjCIzfcM3KhmZZOyvOFpaUO4UWpLB4tJPTu%2B5GOP6Fc2UAI8pvtCBc0Kh%2BAR7S4JRO0Gq9r0p01W7XZDkGXHdQzH%2B0ILlZ4SyKT2KVTKwldLEpMIZfa2Yxxovhrx0yyFUTtKz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff6961e9efb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.freepnglogos.com/uploads/plane-png/plane-png-fort-wayne-international-airport-2.png

78.46.22.25

200 OK

125 kB

URL GET HTTP/2
www.freepnglogos.com/uploads/plane-png/plane-png-fort-wayne-international-airport-2.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint58:80:0B:38:10:AC:0D:46:99:F2:1E:50:E5:2A:A1:8C:62:D0:D2:39
ValidityTue, 12 Mar 2024 22:31:19 GMT - Mon, 10 Jun 2024 22:31:18 GMT

File type
PNG image data, 442 x 396, 8-bit/color RGBA, non-interlaced
Size
125 kB (125188 bytes)
Hash
e348b545adbb0254432ee3f116383ee1
b19fb1a1ded087d9401051ec0195c7e5e90dc832
193955d771028af984813fe4d3cbac1cb13208624aa4173b4e89e84f84faae2c

HTTP Headers

GET /uploads/plane-png/plane-png-fort-wayne-international-airport-2.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 125188
last-modified: Sat, 20 Aug 2022 14:09:52 GMT
etag: "6300eb30-1e904"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

woudaufe.net/zone?&pub=0&zone_id=7429629&is_mobile=false&domain=crazyoffer.in&var=null&ymid=39444118&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ffad619c-04e7-48f0-ab35-8678307984cc&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
woudaufe.net/zone?&pub=0&zone_id=7429629&is_mobile=false&domain=crazyoffer.in&var=null&ymid=39444118&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ffad619c-04e7-48f0-ab35-8678307984cc&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectwoudaufe.net
Fingerprint97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
ValidityMon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=7429629&is_mobile=false&domain=crazyoffer.in&var=null&ymid=39444118&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ffad619c-04e7-48f0-ab35-8678307984cc&action=prerequest HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-length: 0
x-trace-id: b44478237d8e518c807461290546f80e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 297
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 607a7a1f174c8618b013757c0cf0a376
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 299
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2cbe487d6fc61cabc4ff83271a9a81fc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 300
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 761b4bc3033bc339d3e44caebbde0834
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://crazyoffer.in/
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
39d70f59d248d3790e51c3109bda965a
bf468f0f519cebb0a0dd36a5de4c0c7d9fa098a3
37b423f13694d4d68e1bbf89911684e69410fc0e1f15ba8a95bd4b609b85ebe7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crazyoffer.in/
Content-Type: application/json
Content-Length: 998
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn0.cuelinks.com/merchant/47/medium/FC-Logo-big_store_tagline.png?1582718962

104.26.11.161

200 OK

14 kB

URL GET HTTP/2
cdn0.cuelinks.com/merchant/47/medium/FC-Logo-big_store_tagline.png?1582718962
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Size
14 kB (14124 bytes)
Hash
576b9492c258e76d402eeb2589a62eeb
9f74209a017c0417798a3ac28d7a2ec399d7425c
57dbb899142eb952c8a7f199311be2ba9030a30f883e0d74b738405937ac7036

HTTP Headers

GET /merchant/47/medium/FC-Logo-big_store_tagline.png?1582718962 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 14124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18345
etag: "fdf3337c73732e527209fa97fa2ac63e"
last-modified: Wed, 26 Feb 2020 12:09:26 GMT
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: re5CbpA5MCS2VmWAsW8VnNwfD-Hmki6jdELfK6zjPSXFH9_fbSy19w==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNzPQ2mcXCo0iap5rdCDn376Q%2BEAx4vVnL5AMs%2FJohB4%2BVAulptyOycA8LkJ0T9yhpVDbbu6XAK%2BP3d5mj%2FsP%2BcqZYaibjt%2B9Y4BR779dFZySb0bS4Rv6VNpttEgNYxFR0sv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f17b503-OSL
X-Firefox-Spdy: h2

cdn0.cuelinks.com/merchant/16/medium/Big-Rock.png?1493898201

104.26.11.161

200 OK

4.0 kB

URL GET HTTP/2
cdn0.cuelinks.com/merchant/16/medium/Big-Rock.png?1493898201
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Size
4.0 kB (4014 bytes)
Hash
876d79b299352daf8171d15ab47e7654
5d038f5d392e6d64aece95db8cc275b84b61a2d7
da41a4773f73dc1994c540c20d6f751a67f9f76430139785ecff601eb44ec1aa

HTTP Headers

GET /merchant/16/medium/Big-Rock.png?1493898201 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 4014
cf-bgj: imgq:85,h2pri
cf-polished: origSize=4363
etag: "1db671044833690775773bfd7cca7ebb"
last-modified: Thu, 04 May 2017 11:43:23 GMT
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-id: toRKUt0-nTPQ_hS56ZxL94ko3i_7K1h9w9otiSeZHOExwdMwyj4_eA==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMg4snFJ%2Bf9h57KCRamm%2BSUrL4eK%2FLStufmxtIfH84POiDTTMfgfR%2Ft34X7Ez0J%2B38hJbKsBZGUPzUWtDxBeHBVsWhphvsyFE0CNBPmJrva4TMSG5K4pyA5gsHaVLSaLSrxg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f20b503-OSL
X-Firefox-Spdy: h2

cdn0.cuelinks.com/merchant/1/medium/Flipkart.png?1487937945

104.26.11.161

200 OK

5.6 kB

URL GET HTTP/2
cdn0.cuelinks.com/merchant/1/medium/Flipkart.png?1487937945
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Size
5.6 kB (5555 bytes)
Hash
71a30942618ae221889631af68853433
b9c56cd8816df21320419b0227920f5dcb0c9197
1ce6fcf7d9d8ddbc4522a901619b9e27e912dd0c1bb294ee01733eed2604e2b3

HTTP Headers

GET /merchant/1/medium/Flipkart.png?1487937945 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 5555
cf-bgj: imgq:85,h2pri
cf-polished: origSize=6368
etag: "8093bccf0251329e339bfae4522c0998"
last-modified: Fri, 24 Feb 2017 12:05:46 GMT
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-id: WzIJg0r1eC868_oLVWNDTAkYllGTnb0YCnZ0ZgNADpzjOsigHNrDvQ==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6eQlhIsVu0NvVSpPknyV%2BPXQtTbNkU0NxiWS%2Bqq8XX08uaOjjm%2BHpdY2AR9%2FxE8%2BnCy%2BrOnUmOZaEjMV%2F68v0VW3A7fNUEdleaImaOq3fwWcwylHp5f5qsgPTzKehWtEQN9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f15b503-OSL
X-Firefox-Spdy: h2

crazyoffer.in/favicon.ico

172.67.194.51

404 Not Found

7.9 kB

URL GET HTTP/3
crazyoffer.in/favicon.ico
IP
172.67.194.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subjectcrazyoffer.in
Fingerprint0C:73:AD:88:12:89:0F:D2:6B:DD:AA:E2:DA:B4:74:C9:64:F6:25:6B
ValiditySun, 05 May 2024 09:27:04 GMT - Sat, 03 Aug 2024 09:27:03 GMT

File type
HTML document, ASCII text
Size
7.9 kB (7894 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: crazyoffer.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/?clickid=39444118
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 07 May 2024 07:14:12 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suVZLnSqKdZ2VtHBgXj3QLT6vy%2BnYudoXG3%2BMytrDYJzmgNksTgpFyauZerro9EOLWi%2BcNHdp9Eic%2FsI7CWKUElMRudk%2FCiQNyLZHED3PGNczqM2ws2XcQDocUuF43pH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff6967adfa5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

145 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65325)
Size
145 kB (144877 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 10/31/2023 18:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6f2d14e9436097e66447b103aa0360de
cdn-cache: HIT
cf-cache-status: HIT
age: 563750
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ff6960face56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js

104.18.11.207

200 OK

68 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65298)
Size
68 kB (67742 bytes)
Hash
98d2c1da1c0a495f8fc8ad144ea1d3d2
a0f7a287003f6d0c8a2543e6183fdc14417b6793
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"98d2c1da1c0a495f8fc8ad144ea1d3d2"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 17:49:46
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6a56f242ace5e5833a5a9f508b6b148e
cdn-cache: HIT
cf-cache-status: HIT
age: 557892
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ff6960eac356bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

woudaufe.net/pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js

139.45.197.251

200 OK

37 kB

URL GET HTTP/2
woudaufe.net/pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectwoudaufe.net
Fingerprint97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
ValidityMon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT

File type
JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Size
37 kB (37142 bytes)
Hash
32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins&display=swap

142.250.74.106

200 OK

781 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (799), with no line terminators
Size
781 B (781 bytes)
Hash
f2734c367eb54d2729867445e0ea79a8
18f8b32901dae48bedc55cc12baca116e56e6bb7
d5f6fe55368116052648d76167ba4c103db2e0e52680340cd0cb014d3f6cf1d4

HTTP Headers

GET /css2?family=Poppins&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 07:14:10 GMT
date: Tue, 07 May 2024 07:14:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn0.cuelinks.com/campaigns/101/thumb/myntra.jpg?1613124982

104.26.11.161

200 OK

1.9 kB

URL GET HTTP/2
cdn0.cuelinks.com/campaigns/101/thumb/myntra.jpg?1613124982
IP
104.26.11.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerLet's Encrypt
Subjectcuelinks.com
Fingerprint0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
ValidityWed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x40, components 3
Size
1.9 kB (1877 bytes)
Hash
4d3dcd5b0f851eef02fad0854af40f00
f91b2905b3fc0e42094bba0eb9c573658e657f87
68519648dd537bd6f9c2d2b01c98bf7a92760c12022c6ddcdfd6297487312a93

HTTP Headers

GET /campaigns/101/thumb/myntra.jpg?1613124982 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/jpeg
content-length: 1877
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=2919
etag: "facfbff33bea1ed6e9ea11aa978642f2"
last-modified: Fri, 12 Feb 2021 10:16:25 GMT
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-id: zZxAmsIflTawK1s1eLbOXtqcR_w0cVe1TeTSysFXaic687MMhpdTzw==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fmhVLTwKsAz1J17YW%2BqwH5OU9bwR1DQZNQivxtefx67%2BhkC%2FnpjFtiLg9ZjvPr0Hce%2Fk6eQ0qFGccc1YNa7L20Hqz9BRklVXffdFmQCEADI07Q7FbaVW7HIKUMkH9L6gQOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f21b503-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.67

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 386219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

104.17.111.223

200 OK

1.7 kB

URL GET HTTP/2
cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
IP
104.17.111.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subjectonesignal.com
Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70
ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT

File type
JavaScript source, ASCII text, with very long lines (1766), with no line terminators
Size
1.7 kB (1741 bytes)
Hash
17ba573ef8bde8f7bae54697ae98b376
56fe76e7c409cb8648a811dc6c6fb81a7af5d772
e2067dd5fb289b0bc34fe8d08b17eced27667f4d216f10cfa596a2d2f679d592

HTTP Headers

GET /sdks/web/v16/OneSignalSDK.page.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: application/javascript
etag: W/"e97acd0bc7104d45af67c0c1d883418e"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1711
expires: Fri, 10 May 2024 07:14:10 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=6al4wuggk4wrzN_IeXB1QbWT7JPp3gmToI9fWL26aQw-1715066050-1.0.1.1-wOiL1PiFszxX0aZtJND0.I7pXXjAo9sN5Oxvd3A._pBoGlL193h3_rNQav5QvEhK5KoFTLcz2VijYFfvKxb9lQ; path=/; expires=Tue, 07-May-24 07:44:10 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87ff6960ba9db524-OSL
content-encoding: br
X-Firefox-Spdy: h2

crazyoffer.in/sw-check-permissions-019e0.js?var=null&ymid=39444118&zoneId=7429629

172.67.194.51

200 OK

566 B

URL GET HTTP/3
crazyoffer.in/sw-check-permissions-019e0.js?var=null&ymid=39444118&zoneId=7429629
IP
172.67.194.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://crazyoffer.in/?clickid=39444118
Certificate
IssuerGoogle Trust Services LLC
Subjectcrazyoffer.in
Fingerprint0C:73:AD:88:12:89:0F:D2:6B:DD:AA:E2:DA:B4:74:C9:64:F6:25:6B
ValiditySun, 05 May 2024 09:27:04 GMT - Sat, 03 Aug 2024 09:27:03 GMT

File type
ASCII text, with very long lines (605), with no line terminators
Size
566 B (566 bytes)
Hash
650a25602d99ab9186c8e7f2afd8364e
b45f0aa5a9a14b557087a44a8ba6ff91aa36a580
688121780d111d68ff12b20a9a160366784ed398fb75820b3ab059fd8d2c2c20

HTTP Headers

GET /sw-check-permissions-019e0.js?var=null&ymid=39444118&zoneId=7429629 HTTP/1.1
Host: crazyoffer.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/?clickid=39444118
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 07:14:12 GMT
content-type: application/javascript
last-modified: Sat, 04 May 2024 13:37:40 GMT
etag: W/"236-617a0f0b0e08a-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwG4vvAI6c2nf6ABbypMXHaOGy90Tq6l%2B%2B77iTLb2nm2nJyOEFU7BBLdSCTkg9nkfSwF9wkb7aZFlKvVz6NmLpXkkvrPmQPH2m8FVjnR49GYDjHq6B%2B%2BkyvQJs%2B2eG1s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff69683f095688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (25)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers