| cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js | 104.17.25.14 | 200 OK | 27 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP: 104.17.25.14:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32058)
Hash: c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 568057
expires: Sun, 27 Apr 2025 07:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8eRvlvBbxqb9CLfCtznBDQb15nP8Kn%2BjHdii0ev0Fayo0iICZ2%2Fp6ygvQAqsPRXGTHyBEHD8quloRNH41Vx2O9Qr7f5q1odo7X6etMSCDCKHR8PaPv5E1ZQ3r%2Bxk63Xw5zIFnU8z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ff6960e8ffb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/merchant/2126/medium/tata.png?1495706175 | 104.26.11.161 | 200 OK | 3.8 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/merchant/2126/medium/tata.png?1495706175
IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: cuelinks.com
Certificate Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
Certificate Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Hash: d3bb0a062c45e9e823d8e7bc24a70166 9e81a7378bd4bd9025d4332d98d9e154e6f193ed e6a226370ee096cfee0326ba5877a6a3394ad74b3eda776d3f2aa2b19a30592c
GET /merchant/2126/medium/tata.png?1495706175 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/png
content-length: 3824
cf-bgj: imgq:85,h2pri
cf-polished: origSize=4258
etag: "0f2f836bd943162c0d0cfb64977d5617"
last-modified: Thu, 25 May 2017 09:56:17 GMT
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-id: ScBfgbLnUDSJ-YTDy53D6f9Kcj2_32S6dR85W9RyiGRF4rQy1p_TSg==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oH3dN%2FiLkW2s%2BZEtzF7hi9o7LMUoGTYwo%2FzflWtd8vMUXzLbtktBv6Nx6n%2Fcb4vQZllkCt7j%2BMyLqFuN6eO79rOK7uqIvSDbge9OQ40niVBRYhNFFTlFsxUv7M2VCq4XPr2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f12b503-OSL
X-Firefox-Spdy: h2
|
|
| crazyoffer.in/?clickid=39444118 | 172.67.194.51 | 200 OK | 3.9 kB |
URL: User Request GET HTTP/2 crazyoffer.in/?clickid=39444118
IP: 172.67.194.51:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: crazyoffer.in
Certificate Fingerprint: 0C:73:AD:88:12:89:0F:D2:6B:DD:AA:E2:DA:B4:74:C9:64:F6:25:6B
Certificate Validity: Sun, 05 May 2024 09:27:04 GMT - Sat, 03 Aug 2024 09:27:03 GMT
File type: HTML document, ASCII text
Hash: 1c4b16ec476dd8452a929644fc5df90a c34bbc19a502f25fed1e74a8a3ab9a3d8bccc4a7 a6f9acf8a16b4275816af4becd46591a73d2da071b5ff695b24f82f24ddb0969
GET /?clickid=39444118 HTTP/1.1
Host: crazyoffer.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WB56Xq%2BbXX7adW8NYWW7D4gjffo47tTmG7esy9Ro2KJ2sxXxmbjrUL739s7Ug9sdNsxa0Dbi%2BNUo3del8%2BDripOpbgJM5NwhLVRjD5dE44KsICkA5oGAkUmJDGSK4ih"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff695c3a05b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/merchant/645/medium/Amazon.png?1487933195 | 104.26.11.161 | 200 OK | 6.7 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/merchant/645/medium/Amazon.png?1487933195
IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: cuelinks.com
Certificate Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
Certificate Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Hash: fdc1df60f7096f5611c96406b997fc82 3ebd936f54d03de5a69599592d2ba40a413f3935 794e0e423761fa33c5bcd06c1a9ce5ac3134106852bdb818ffa17eaf22258fee
GET /merchant/645/medium/Amazon.png?1487933195 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/png
content-length: 6700
cf-bgj: imgq:85,h2pri
cf-polished: origSize=7484
etag: "9968e7b8ad907f0d4bb25ae5ed2151a9"
last-modified: Fri, 24 Feb 2017 10:46:37 GMT
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-id: 94BdMjWUuup1W9a39lEfeGzZ8JP0Ec296DDfZBmHGXQXC5_HktP9vQ==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dj5tMwyLLoDkoRZJWe1Ij4JjoBTe%2FS0iaCO7uddAOV9psKFxAk7um7IFnigc5fsn45YSNO0tpZRvGTWqyVcK8EL08xSu3LedRluv4zcYXPqaeveNAqIBJbVBNyklRv3VKckn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f1ab503-OSL
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/merchant/2011/medium/udemy.png?1626699157 | 104.26.11.161 | 200 OK | 3.7 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/merchant/2011/medium/udemy.png?1626699157
IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: cuelinks.com
Certificate Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
Certificate Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: PNG image data, 250 x 100, 8-bit/color RGB, non-interlaced
Hash: 7751724e7b40be13b8473987377e95c2 1aef3236364eb84e0f9c223a2830b1ecf2a213eb 625e7e5b1f2ec6cd7cdb42860655b8d1549825c5b365cc3c2c4e7a1246c1cb7e
GET /merchant/2011/medium/udemy.png?1626699157 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/png
content-length: 3736
cf-bgj: imgq:85,h2pri
cf-polished: origSize=5201
etag: "3603ea50750663ad238d73573c4c7a21"
last-modified: Mon, 19 Jul 2021 12:52:39 GMT
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: KUyCCVoLCu3HpSww0qOrccf1wo8T8ZGi33j1wj91OJSDri7UwqnPNw==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsZuuTUoJrq5eNJ3EQZ3gPQIBHNI2HceY1MQPTdjrN6V4haAL7d6zFEHwbGnKwitrajPbcFXedxOBoy4XEWnFhv9KYy38COehiqMXzzY4%2F18TTJq9mEM9Qa5hTeFyJwaHzgG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f24b503-OSL
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.7.2/css/all.css | 172.67.142.245 | 200 OK | 20 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP: 172.67.142.245:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: use.fontawesome.com
Certificate Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Certificate Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (54456), with no line terminators
Hash: 7b1d7f457d056ace7b230b587b9f3753 4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 572190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bierjCIzfcM3KhmZZOyvOFpaUO4UWpLB4tJPTu%2B5GOP6Fc2UAI8pvtCBc0Kh%2BAR7S4JRO0Gq9r0p01W7XZDkGXHdQzH%2B0ILlZ4SyKT2KVTKwldLEpMIZfa2Yxxovhrx0yyFUTtKz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff6961e9efb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.freepnglogos.com/uploads/plane-png/plane-png-fort-wayne-international-airport-2.png | 78.46.22.25 | 200 OK | 125 kB |
URL: GET HTTP/2 www.freepnglogos.com/uploads/plane-png/plane-png-fort-wayne-international-airport-2.png
IP: 78.46.22.25:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: freepnglogos.com
Certificate Fingerprint: 58:80:0B:38:10:AC:0D:46:99:F2:1E:50:E5:2A:A1:8C:62:D0:D2:39
Certificate Validity: Tue, 12 Mar 2024 22:31:19 GMT - Mon, 10 Jun 2024 22:31:18 GMT
File type: PNG image data, 442 x 396, 8-bit/color RGBA, non-interlaced
Size: 125 kB (125188 bytes)
Hash: e348b545adbb0254432ee3f116383ee1 b19fb1a1ded087d9401051ec0195c7e5e90dc832 193955d771028af984813fe4d3cbac1cb13208624aa4173b4e89e84f84faae2c
GET /uploads/plane-png/plane-png-fort-wayne-international-airport-2.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 125188
last-modified: Sat, 20 Aug 2022 14:09:52 GMT
etag: "6300eb30-1e904"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| woudaufe.net/zone?&pub=0&zone_id=7429629&is_mobile=false&domain=crazyoffer.in&var=null&ymid=39444118&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ffad619c-04e7-48f0-ab35-8678307984cc&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 woudaufe.net/zone?&pub=0&zone_id=7429629&is_mobile=false&domain=crazyoffer.in&var=null&ymid=39444118&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ffad619c-04e7-48f0-ab35-8678307984cc&action=prerequest
IP: 139.45.197.251:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: woudaufe.net
Certificate Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
Certificate Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7429629&is_mobile=false&domain=crazyoffer.in&var=null&ymid=39444118&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=ffad619c-04e7-48f0-ab35-8678307984cc&action=prerequest HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-length: 0
x-trace-id: b44478237d8e518c807461290546f80e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 297
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 607a7a1f174c8618b013757c0cf0a376
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 299
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2cbe487d6fc61cabc4ff83271a9a81fc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 300
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 761b4bc3033bc339d3e44caebbde0834
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: amunfezanttor.com
Certificate Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
Certificate Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://crazyoffer.in/
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: amunfezanttor.com
Certificate Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
Certificate Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: 39d70f59d248d3790e51c3109bda965a bf468f0f519cebb0a0dd36a5de4c0c7d9fa098a3 37b423f13694d4d68e1bbf89911684e69410fc0e1f15ba8a95bd4b609b85ebe7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crazyoffer.in/
Content-Type: application/json
Content-Length: 998
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://crazyoffer.in
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/merchant/47/medium/FC-Logo-big_store_tagline.png?1582718962 | 104.26.11.161 | 200 OK | 14 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/merchant/47/medium/FC-Logo-big_store_tagline.png?1582718962
IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: cuelinks.com
Certificate Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
Certificate Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced
Hash: 576b9492c258e76d402eeb2589a62eeb 9f74209a017c0417798a3ac28d7a2ec399d7425c 57dbb899142eb952c8a7f199311be2ba9030a30f883e0d74b738405937ac7036
GET /merchant/47/medium/FC-Logo-big_store_tagline.png?1582718962 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 14124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18345
etag: "fdf3337c73732e527209fa97fa2ac63e"
last-modified: Wed, 26 Feb 2020 12:09:26 GMT
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: re5CbpA5MCS2VmWAsW8VnNwfD-Hmki6jdELfK6zjPSXFH9_fbSy19w==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNzPQ2mcXCo0iap5rdCDn376Q%2BEAx4vVnL5AMs%2FJohB4%2BVAulptyOycA8LkJ0T9yhpVDbbu6XAK%2BP3d5mj%2FsP%2BcqZYaibjt%2B9Y4BR779dFZySb0bS4Rv6VNpttEgNYxFR0sv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f17b503-OSL
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/merchant/16/medium/Big-Rock.png?1493898201 | 104.26.11.161 | 200 OK | 4.0 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/merchant/16/medium/Big-Rock.png?1493898201
IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: cuelinks.com
Certificate Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
Certificate Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Hash: 876d79b299352daf8171d15ab47e7654 5d038f5d392e6d64aece95db8cc275b84b61a2d7 da41a4773f73dc1994c540c20d6f751a67f9f76430139785ecff601eb44ec1aa
GET /merchant/16/medium/Big-Rock.png?1493898201 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 4014
cf-bgj: imgq:85,h2pri
cf-polished: origSize=4363
etag: "1db671044833690775773bfd7cca7ebb"
last-modified: Thu, 04 May 2017 11:43:23 GMT
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-id: toRKUt0-nTPQ_hS56ZxL94ko3i_7K1h9w9otiSeZHOExwdMwyj4_eA==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMg4snFJ%2Bf9h57KCRamm%2BSUrL4eK%2FLStufmxtIfH84POiDTTMfgfR%2Ft34X7Ez0J%2B38hJbKsBZGUPzUWtDxBeHBVsWhphvsyFE0CNBPmJrva4TMSG5K4pyA5gsHaVLSaLSrxg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f20b503-OSL
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/merchant/1/medium/Flipkart.png?1487937945 | 104.26.11.161 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/merchant/1/medium/Flipkart.png?1487937945
IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Let's Encrypt
Certificate Subject: cuelinks.com
Certificate Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45
Certificate Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Hash: 71a30942618ae221889631af68853433 b9c56cd8816df21320419b0227920f5dcb0c9197 1ce6fcf7d9d8ddbc4522a901619b9e27e912dd0c1bb294ee01733eed2604e2b3
GET /merchant/1/medium/Flipkart.png?1487937945 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:11 GMT
content-type: image/png
content-length: 5555
cf-bgj: imgq:85,h2pri
cf-polished: origSize=6368
etag: "8093bccf0251329e339bfae4522c0998"
last-modified: Fri, 24 Feb 2017 12:05:46 GMT
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-id: WzIJg0r1eC868_oLVWNDTAkYllGTnb0YCnZ0ZgNADpzjOsigHNrDvQ==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6eQlhIsVu0NvVSpPknyV%2BPXQtTbNkU0NxiWS%2Bqq8XX08uaOjjm%2BHpdY2AR9%2FxE8%2BnCy%2BrOnUmOZaEjMV%2F68v0VW3A7fNUEdleaImaOq3fwWcwylHp5f5qsgPTzKehWtEQN9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f15b503-OSL
X-Firefox-Spdy: h2
|
|
| crazyoffer.in/favicon.ico | 172.67.194.51 | 404 Not Found | 7.9 kB |
URL: GET HTTP/3 crazyoffer.in/favicon.ico
IP: 172.67.194.51:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Google Trust Services LLC
Certificate Subject: crazyoffer.in
Certificate Fingerprint: 0C:73:AD:88:12:89:0F:D2:6B:DD:AA:E2:DA:B4:74:C9:64:F6:25:6B
Certificate Validity: Sun, 05 May 2024 09:27:04 GMT - Sat, 03 Aug 2024 09:27:03 GMT
File type: HTML document, ASCII text
Hash: 62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: crazyoffer.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/?clickid=39444118
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 07 May 2024 07:14:12 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suVZLnSqKdZ2VtHBgXj3QLT6vy%2BnYudoXG3%2BMytrDYJzmgNksTgpFyauZerro9EOLWi%2BcNHdp9Eic%2FsI7CWKUElMRudk%2FCiQNyLZHED3PGNczqM2ws2XcQDocUuF43pH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff6967adfa5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 145 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP: 104.18.11.207:443
Requested by: https://crazyoffer.in/?clickid=39444118
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bootstrapcdn.com
Certificate Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (65325)
Size: 145 kB (144877 bytes)
Hash: 450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 10/31/2023 18:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6f2d14e9436097e66447b103aa0360de
cdn-cache: HIT
cf-cache-status: HIT
age: 563750
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ff6960face56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js | 104.18.11.207 | 200 OK | 68 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.bundle.min.js | IP: 104.18.11.207:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: JavaScript source, ASCII text, with very long lines (65298) | Hash: 98d2c1da1c0a495f8fc8ad144ea1d3d2 a0f7a287003f6d0c8a2543e6183fdc14417b6793 bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
GET /bootstrap/4.0.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"98d2c1da1c0a495f8fc8ad144ea1d3d2"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 17:49:46
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6a56f242ace5e5833a5a9f508b6b148e
cdn-cache: HIT
cf-cache-status: HIT
age: 557892
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ff6960eac356bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| woudaufe.net/pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js | 139.45.197.251 | 200 OK | 37 kB |
URL: GET HTTP/2 woudaufe.net/pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js | IP: 139.45.197.251:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Let's Encrypt; Subject: woudaufe.net; Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5; Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators | Hash: 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=7429629&ymid=39444118&var=null&sw=/sw-check-permissions-019e0.js HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:14:11 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins&display=swap | 142.250.74.106 | 200 OK | 781 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins&display=swap | IP: 142.250.74.106:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (799), with no line terminators | Hash: f2734c367eb54d2729867445e0ea79a8 18f8b32901dae48bedc55cc12baca116e56e6bb7 d5f6fe55368116052648d76167ba4c103db2e0e52680340cd0cb014d3f6cf1d4
GET /css2?family=Poppins&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 07:14:10 GMT
date: Tue, 07 May 2024 07:14:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn0.cuelinks.com/campaigns/101/thumb/myntra.jpg?1613124982 | 104.26.11.161 | 200 OK | 1.9 kB |
URL: GET HTTP/2 cdn0.cuelinks.com/campaigns/101/thumb/myntra.jpg?1613124982 | IP: 104.26.11.161:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Let's Encrypt; Subject: cuelinks.com; Fingerprint: 0C:49:81:FB:AF:86:0F:66:A9:70:39:FF:E5:67:2A:39:E9:EA:C2:45; Validity: Wed, 17 Apr 2024 02:05:29 GMT - Tue, 16 Jul 2024 02:05:28 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x40, components 3 | Hash: 4d3dcd5b0f851eef02fad0854af40f00 f91b2905b3fc0e42094bba0eb9c573658e657f87 68519648dd537bd6f9c2d2b01c98bf7a92760c12022c6ddcdfd6297487312a93
GET /campaigns/101/thumb/myntra.jpg?1613124982 HTTP/1.1
Host: cdn0.cuelinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: image/jpeg
content-length: 1877
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=2919
etag: "facfbff33bea1ed6e9ea11aa978642f2"
last-modified: Fri, 12 Feb 2021 10:16:25 GMT
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-id: zZxAmsIflTawK1s1eLbOXtqcR_w0cVe1TeTSysFXaic687MMhpdTzw==
x-amz-cf-pop: OSL50-P1
x-cache: RefreshHit from cloudfront
cache-control: max-age=14400
cf-cache-status: HIT
age: 5603
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fmhVLTwKsAz1J17YW%2BqwH5OU9bwR1DQZNQivxtefx67%2BhkC%2FnpjFtiLg9ZjvPr0Hce%2Fk6eQ0qFGccc1YNa7L20Hqz9BRklVXffdFmQCEADI07Q7FbaVW7HIKUMkH9L6gQOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff69614f21b503-OSL
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.67 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | IP: 142.250.74.67:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 | Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crazyoffer.in
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 386219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js | 104.17.111.223 | 200 OK | 1.7 kB |
URL: GET HTTP/2 cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js | IP: 104.17.111.223:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Google Trust Services LLC; Subject: onesignal.com; Fingerprint: 28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70; Validity: Mon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File type: JavaScript source, ASCII text, with very long lines (1766), with no line terminators | Hash: 17ba573ef8bde8f7bae54697ae98b376 56fe76e7c409cb8648a811dc6c6fb81a7af5d772 e2067dd5fb289b0bc34fe8d08b17eced27667f4d216f10cfa596a2d2f679d592
GET /sdks/web/v16/OneSignalSDK.page.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:14:10 GMT
content-type: application/javascript
etag: W/"e97acd0bc7104d45af67c0c1d883418e"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1711
expires: Fri, 10 May 2024 07:14:10 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=6al4wuggk4wrzN_IeXB1QbWT7JPp3gmToI9fWL26aQw-1715066050-1.0.1.1-wOiL1PiFszxX0aZtJND0.I7pXXjAo9sN5Oxvd3A._pBoGlL193h3_rNQav5QvEhK5KoFTLcz2VijYFfvKxb9lQ; path=/; expires=Tue, 07-May-24 07:44:10 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87ff6960ba9db524-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| crazyoffer.in/sw-check-permissions-019e0.js?var=null&ymid=39444118&zoneId=7429629 | 172.67.194.51 | 200 OK | 566 B |
URL: GET HTTP/3 crazyoffer.in/sw-check-permissions-019e0.js?var=null&ymid=39444118&zoneId=7429629 | IP: 172.67.194.51:443
Requested by: https://crazyoffer.in/?clickid=39444118 | Certificate: Issuer: Google Trust Services LLC; Subject: crazyoffer.in; Fingerprint: 0C:73:AD:88:12:89:0F:D2:6B:DD:AA:E2:DA:B4:74:C9:64:F6:25:6B; Validity: Sun, 05 May 2024 09:27:04 GMT - Sat, 03 Aug 2024 09:27:03 GMT
File type: ASCII text, with very long lines (605), with no line terminators | Hash: 650a25602d99ab9186c8e7f2afd8364e b45f0aa5a9a14b557087a44a8ba6ff91aa36a580 688121780d111d68ff12b20a9a160366784ed398fb75820b3ab059fd8d2c2c20
GET /sw-check-permissions-019e0.js?var=null&ymid=39444118&zoneId=7429629 HTTP/1.1
Host: crazyoffer.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://crazyoffer.in/?clickid=39444118
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:14:12 GMT
content-type: application/javascript
last-modified: Sat, 04 May 2024 13:37:40 GMT
etag: W/"236-617a0f0b0e08a-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwG4vvAI6c2nf6ABbypMXHaOGy90Tq6l%2B%2B77iTLb2nm2nJyOEFU7BBLdSCTkg9nkfSwF9wkb7aZFlKvVz6NmLpXkkvrPmQPH2m8FVjnR49GYDjHq6B%2B%2BkyvQJs%2B2eG1s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff69683f095688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|