Report - fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385

Report Overview

Submitted URL
fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385
IP
18.156.16.63
ASN
#16509 AMAZON-02
Submitted
2023-03-23 20:54:40
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	2.7 kB	47 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-29T09:11:13Z	350 B	984 B	54.230.80.227
giftz4u.xyz	unknown	2023-03-17T05:55:39Z	2023-03-27T20:46:03Z	17 kB	191 kB	54.230.111.121
desekansr.com	unknown	2022-05-12T10:00:20Z	2023-03-29T10:49:51Z	935 B	21 kB	139.45.197.250
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.148.238.104
fastweblink.com	unknown	2021-01-29T10:21:21Z	2023-03-29T05:38:28Z	383 B	1.4 kB	18.156.16.63
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-23	medium	fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385	Phishing
2023-03-23	medium	giftz4u.xyz/1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9	Phishing
2023-03-23	medium	giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179	Phishing
2023-03-23	medium	giftz4u.xyz/1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444	Phishing
2023-03-23	medium	giftz4u.xyz/1/prizewheel/cash/trcash/img/fb-like.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	498 B	2023-03-07	2023-07-17
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:49:23 Last Seen2023-07-17 14:06:33 Times Seen639 Hash 5883cd53a4e3788bac0bf84ec6569353 c131a703eaca10a46c4a6eb1e212caa6d13e5541 3d802fe84930509454d19d1340b5c340c6acbc2a08c8a8eb89dd0349714ebfa8 Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	40 B	2023-03-07	2024-04-19
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-19 12:58:37 Times Seen3861 Hash fe0dc8d4915af0701a005086d0696180 2e65cc10554fde204edbde4d3b1e4fedff82cfa7 909b1dec809484d438fc8a24deba298ffbed61663709c5f0a5302746a8ac41be Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	366 B	2023-03-07	2024-04-15
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-15 01:27:42 Times Seen586 Hash 40f2114f951199cb58a18a09aced59ac 2e8668b1491bc84c8cb4b968c52367a7d0ca83be 5bd0b29def7bdcfa084a85c9f395f801cb264976c7ae682d944c37d05d7ef97a Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	720 B	2023-03-07	2023-12-06
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:37 Last Seen2023-12-06 23:07:57 Times Seen71 Hash e5078e3fb75f07b36caaba15e4400e99 5e7e4183726907eaa7cef42054001d65f2e4f969 19dc1d2e47a3e048a7549108561ca5895dfd81b2572b0304cbc1c4ddce32b976 Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179	977 B	2023-03-07	2024-04-19
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179 IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-19 12:58:37 Times Seen3061 Hash 15b1bae461854d516179a34a8c9b5f08 330c1d191253fe07c5fe6b5af37872408f2e5904 1bd25e467ea078265aee433e0cf9732a7e127514304634590a2de17fb2330896 Loading...

	desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js	41 kB	2023-03-26	2023-07-15
Pretty URL desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:36:09 Last Seen2023-07-15 19:09:01 Times Seen1562 Hash 39e2c858ae674bcd586c05c4ce804985 1b4877d33ff9ff907345036cdcaa40819ec32e5d 986b86e6675d511be045876f03623f7c3d7fd944fe2c5b75e2edc2bcd88a8b4a Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	241 B	2023-03-07	2024-04-18
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-18 08:23:10 Times Seen3041 Hash 825899569915b84f68b26d0cd783de56 25980612702ec59729cd51a1ae4889d90b2d81c0 5d5f9e205ad51e722a55d693a4a02c4e55728ffc4d19cc3b2fcf36d6aea17536 Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	879 B	2023-03-07	2023-04-05
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2023-04-05 02:10:58 Times Seen280 Hash 6773165f880d9c5aee5e7eebe7b73621 684a5d8200ae966b0da79881d6691cdf1ee584d1 6edcdc5cc151163e6547e5bbaff85aee07dfd9d0d270c6d8e72ac992976165ed Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	118 B	2023-03-07	2023-04-02
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:37 Last Seen2023-04-02 21:32:39 Times Seen27 Hash e79c2349c43d5311d6fa0e24e4e795e5 628a0689d34e874aca03b05d26e4748a327afa73 99e3cbe7f3c249a2a5f56ad2e847c0ca5d33ed7034c9684dfd11f38a69028b40 Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6	150 kB	2023-03-07	2024-04-19
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6 IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-19 12:58:37 Times Seen2079 Hash cdf97653c213f02233f50a1ec975633c 0445187a07bfa933c3328d8248f61503f5f3fef0 c7eb3be411c7a475be0b5cb8d8979b47025b834180494c58d77fcf16a6a9a861 Loading...

	giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de	102 B	2023-03-29	2023-03-29
Pretty URL giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:07:43 Last Seen2023-03-29 21:07:43 Times Seen1 Hash 1c6eb74c2764141a67b73ccaa41ad82d 01ac983b40638c28c730477718643ca208318d52 e0620234fc8b19fe81a69c00f15e4b5f69510e2c2c554ab0412321c9b8d07e06 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8eba2e279a204b7fece360c6722200ec	79 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 21:07:43 Last Seen2023-03-29 21:07:43 Times Seen1 Hash 8eba2e279a204b7fece360c6722200ec 71bcb3b8f0a5160ec30a97fbb6a907627c6e050e 7e5dad4614ea7b402fb15390c42892c65e4223e10c36d3aad2efcf411cb57e4b Loading...

		Size	First Seen	Last Seen
	#1 Write - 2310408a63388fe57e3a4177168a8798	7 B	2023-03-07	2024-03-02
Pretty Observations First Seen2023-03-07 01:02:27 Last Seen2024-03-02 10:53:39 Times Seen1245 Hash 2310408a63388fe57e3a4177168a8798 532c67fe1b5afae15d2d08fba7a78de0f63cc4b5 9bd88f2485acbb9426ad3dd9e06842ede8c7516d0ba8559298675f09419681fa Loading...

	#2 Write - b10663a3a70d8c31b065a461d70cf574	83 B	2023-03-26	2023-04-02
Pretty Observations First Seen2023-03-26 09:53:32 Last Seen2023-04-02 21:27:16 Times Seen5 Hash b10663a3a70d8c31b065a461d70cf574 dc8cfdcf8b5d0963329719feb304fc0d01907e6a 232892e9986b61c525667928fefa503a152d31a973e0a1bd891e5707a6fcca1d Loading...

HTTP Transactions (40)

URL IP Response Size

fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385

18.156.16.63

302

0 B

URL HTTP/1.1
fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385
IP
18.156.16.63:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /418d1a5a-5e99-40c4-8789-07b01f610385 HTTP/1.1
Host: fastweblink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Thu, 23 Mar 2023 20:54:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Pragma: no-cache
Set-Cookie: 418d1a5a-5e99-40c4-8789-07b01f610385-v4=PNBaoS_YnhiBdgAhP6hqf8ru1BZxNTGHpLBr4cwPj3M; Max-Age=86400; Expires=Fri, 24-Mar-2023 20:54:29 GMT; Domain=fastweblink.com; Path=/; HttpOnly
cep-v4=qOIY3YiZdkw-J6mCRY-EWQLPil84_gqk61m3mtisU88amsyTiCsGPlfv88iFc7IJagwW6s0I8lSR9rMBUAnsRn9RtbejnoXOFpOlHBbSnxvYHyvMSdvB95KJP-2n9fXocYNyamyYnaGFjVr3-g9xAi9ht2rVd1PQkV1t7Jwt1CRvPmoJ72sSR-FDjwH4YCzmPFw7Yr42PafdZU5QvAROt08kQ5rt17bMOEs96QpIeGeembm83COcn_T19N_0gBekOXWSrMdUVTBJR8EcSRjw0m0qOyXluLoIvttrdsQk9lPg0zUR1DyCkffkHA0tUhEz5FI_R1gbB0aQqU5CwURa3zjpIzojlUveWbLSU1q649M; Max-Age=86400; Expires=Fri, 24-Mar-2023 20:54:29 GMT; Domain=fastweblink.com; Path=/; HttpOnly

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Fri, 24 Mar 2023 02:01:07 GMT
Date: Thu, 23 Mar 2023 20:54:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Fri, 24 Mar 2023 00:59:54 GMT
Date: Thu, 23 Mar 2023 20:54:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 20:15:07 GMT
content-type: application/json
age: 2362
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20664
Expires: Fri, 24 Mar 2023 02:38:53 GMT
Date: Thu, 23 Mar 2023 20:54:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: h8bl3L33pgC0g4lTfo7a9cFoIBNzKteBfqv9XrRMRGpFjE73yxXaS8Fy4xsGX2fibLBMjbOIIzY=
x-amz-request-id: DN9HXHJ68TVFHXNZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 20:00:05 GMT
age: 3264
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:54:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
36aca5e9cec523ef91439186e26bb420
0c849baae95c1f97f85fb868043803ce6e1705c6
97d670581b56a4a96b2ae63a882e27b77d59f03006d3c818e3797b8d344d8c22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126393
Date: Thu, 23 Mar 2023 20:54:29 GMT
Etag: "641c073e-1d7"
Expires: Sat, 25 Mar 2023 08:01:02 GMT
Last-Modified: Thu, 23 Mar 2023 08:01:02 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: htWl6Y4VmyNuet7AVWhv-po1rpnZ8UOs9JPmhiNjB7I2-lKl3QNM7w==

giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg

54.230.111.121

200 OK

32 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Size
32 kB (32496 bytes)
Hash
d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7

HTTP Headers

GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 32496
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:03 GMT
etag: "d4655cba21d806e849eed4e4119fbe1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wqirulko0242uQeZoiq-Mz9LdhTD8RGJkm8y19ihaaVlho-QrSIo7A==
age: 73106
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/prizes/iphone-12-pro-max/default@0.5x.png

54.230.111.121

200 OK

20 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/prizes/iphone-12-pro-max/default@0.5x.png
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
PNG image data, 250 x 179, 8-bit colormap, non-interlaced\012- data
Size
20 kB (20297 bytes)
Hash
21c566d339878bab58101cee37adbce8
741159c0dd360a904ffcb63057e165d57e8fedd4
18f266f89565ca902fbf9c6dca8abff01cf0e29e1eafbcf6e93a832126d1b3b2

HTTP Headers

GET /1/prizewheel/cash/trcash/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 20297
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:01 GMT
etag: "21c566d339878bab58101cee37adbce8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gw7Aq6v6bzYOC0HIF0miJZEfDQ5P1yUPDVGyWnXpfY4t6KkNjuJ_Zg==
age: 73110
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9

54.230.111.121

200 OK

33 B

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
c588c17324f2be0e0ec90a18f39e7d7c
69d360eddd15f527aac7f7e610346517732b7770
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 33
date: Thu, 23 Mar 2023 06:54:12 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "c588c17324f2be0e0ec90a18f39e7d7c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 47PNq9tga3EEpgotVVi52cp7yHAyuXwdbvV6sVxl80U3lEE5JJcxuw==
age: 50419
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179

54.230.111.121

200 OK

977 B

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (977), with no line terminators
Size
977 B (977 bytes)
Hash
15b1bae461854d516179a34a8c9b5f08
330c1d191253fe07c5fe6b5af37872408f2e5904
1bd25e467ea078265aee433e0cf9732a7e127514304634590a2de17fb2330896

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 977
date: Thu, 23 Mar 2023 06:54:12 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "15b1bae461854d516179a34a8c9b5f08"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kVmuriRPHbpRZEB86dkyjxvomOu1VwicQx7a1j0Hrc87CcSZsZtO8g==
age: 50418
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/notification.png

54.230.111.121

200 OK

449 B

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/notification.png
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Size
449 B (449 bytes)
Hash
bd5203f2cc9e7a9125e4575e029541b0
9fa565ab2f4b55da4735b79e529562252b3c9afe
db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f

HTTP Headers

GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 449
date: Thu, 23 Mar 2023 10:30:59 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "bd5203f2cc9e7a9125e4575e029541b0"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tvWFcZq-kFQOqe7hkH99ssQs3Bp2D6ngqbz3U3Y5Nw57SHXpnElLTw==
age: 37412
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/loader.gif

54.230.111.121

200 OK

5.1 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/loader.gif
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 50 x 50\012- data
Size
5.1 kB (5083 bytes)
Hash
ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97

HTTP Headers

GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 5083
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 20:54:30 GMT
etag: "ed786659a534e0d183c09a90c50abc9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wG7B11_5ShhhPXCEZzfagGocy9G_rXkflANvtPo_C1JHiICM0S5yZA==
age: 23941
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 20:14:33 GMT
age: 2397
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d6e46c78046ed77c7cef9584d4fbbf2
af4b692d705633e4c5c0e03de36f778f6b4d9710
004eecd5ee4f2786adaaa51ca0358873a05b0407d26219dfd7ddc6250542a6d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "004EECD5EE4F2786ADAAA51CA0358873A05B0407D26219DFD7DDC6250542A6D8"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20610
Expires: Fri, 24 Mar 2023 02:38:00 GMT
Date: Thu, 23 Mar 2023 20:54:30 GMT
Connection: keep-alive

giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_static.png

54.230.111.121

200 OK

3.4 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_static.png
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Size
3.4 kB (3370 bytes)
Hash
dc484e0043b5ff6191b1880c8779863c
a5b67e3dff3dea3940eed090431aecbb36611b1d
30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6

HTTP Headers

GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3370
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "dc484e0043b5ff6191b1880c8779863c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r2VScM7DhARDUxwclUMxTh2uUstnD_Tx6KheH6BEPL4Galu1-sFI9A==
age: 73107
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/3@0.25x.jpg

54.230.111.121

200 OK

2.5 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/3@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.5 kB (2506 bytes)
Hash
e69e56799051d24a67414a67301ac984
7d7db0281213342c25abf9e08937e38c7d1e8449
cff50b269e3afdcf620ba9a8f6d3ac55b03a953136f3148d1b3296798bf57210

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/female/3@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2506
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "e69e56799051d24a67414a67301ac984"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xv1qwSDUa4CuDwI3XkXbpQ2uh64auNkpXKrnxEBHwSPcsOXc15vSiA==
age: 73107
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/10@0.25x.jpg

54.230.111.121

200 OK

3.2 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/10@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
3.2 kB (3175 bytes)
Hash
f8002e02aac0ac1bb22d2c80f36ebf15
bf277a8747caf561b91a25860e772cf0f1a834a5
0e98e32d27f59276dc137de153e32c28220a635701413565a4646dc8361fd94c

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/male/10@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 3175
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "f8002e02aac0ac1bb22d2c80f36ebf15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y7p-kVoh7x75SxGWXGc27DrIsnq442GTepoQaUrl1m4934pynyW0Og==
age: 73107
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/1@0.25x.jpg

54.230.111.121

200 OK

2.9 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/1@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.9 kB (2853 bytes)
Hash
4ccf612375cb7df45e271ecd2983281e
db4bc5414c30c39531e38c9a3f34b087cd68b4b6
75f237c0722d2dd3ef7d7e4bad43a70ac57bad90c81b9cb8b9c9b445c0a76a1b

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/female/1@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2853
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "4ccf612375cb7df45e271ecd2983281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E_ej0aQI2o5Q1yFRK5fE-AYtILn_nVnZMoTi2iyMNezO1ULgTAk3AA==
age: 73107
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/6@0.25x.jpg

54.230.111.121

200 OK

3.0 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/6@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
3.0 kB (2950 bytes)
Hash
5f6bc62e6e66a94b4ce9b971a798ceff
05faaed9dbd1a5462485d4deeed888312a3b4973
cfa55f5831710c40e2429ec2528b080fb2e6b11b560abfa8eaa1710b63770af3

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/female/6@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2950
date: Thu, 23 Mar 2023 06:54:13 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "5f6bc62e6e66a94b4ce9b971a798ceff"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QSRSY8U65SYslsmBI6Y4qn7tSRRRZNGpOosI1iOit4IeHNkwfsa-9g==
age: 50418
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/9@0.25x.jpg

54.230.111.121

200 OK

2.2 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/9@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.2 kB (2224 bytes)
Hash
444a95e7661a07d48ae8a2b7d67792be
e31aa744a72a17d6a3e04cd0e6f9a9fc59a47b59
d815f00761793a93ef88b73ea6451d9300a052ce64f454d30f9446af3bd9ccda

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/male/9@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2224
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 20:54:30 GMT
etag: "444a95e7661a07d48ae8a2b7d67792be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a6-KW3d4CfKy9hUePyQHopwJg7N81u6IeO6ikuXJUo2V_X0pW0utAQ==
age: 23941
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444

54.230.111.121

200 OK

46 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3495), with no line terminators
Size
46 kB (45504 bytes)
Hash
774d58bf95e2d39f1a3491d63ba9ae96
a8feb2e19bacc2f1bdd2b6b64f810f0054875c7a
79a0b3cbd20f937353d4b50db7622ab6877c1030523b27e7f1ffd003d7b31150

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 23 Mar 2023 15:32:36 GMT
etag: W/"cd41123a11e97e0f2444b57d180631a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b7ly1Yg4I5CBUMGCNeH9VxDY3fxTRusTDXUG2RW60lHIo6ZUZdfXzg==
age: 19315
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/5@0.25x.jpg

54.230.111.121

200 OK

2.8 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/5@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.8 kB (2787 bytes)
Hash
6063e3355d6e928b55810c359ee1d382
a6a19cb61b8a8f9ed538a6467a7a41ed85fc01ad
9db1c16bd8c27942b3d83cff9d81462ced2b7827ab45fe53ff3fcec32ed138d9

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/female/5@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2787
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 20:54:30 GMT
etag: "6063e3355d6e928b55810c359ee1d382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bldx-cde8JNaMiwckzOzAgwcrk4fEuRne8GHWXHxuvYL7MenrDQF8w==
age: 23941
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/2@0.25x.jpg

54.230.111.121

200 OK

2.3 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/2@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
2.3 kB (2258 bytes)
Hash
07ee3d87dba4f97110c83432fcc8f3f6
80f21d2258991eaecca028683f58b16019bf9deb
50479fd6ff7c08b64aa01f0a415bba20d8ddd79a43becae604955e9086098cff

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/male/2@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 2258
date: Thu, 23 Mar 2023 06:54:13 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "07ee3d87dba4f97110c83432fcc8f3f6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TIGZ8RUhmFttbLG3-Sd9rDyghOmXn7sa-XPCEROAv7la5zk_Mp17dA==
age: 50418
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/3@0.25x.jpg

54.230.111.121

200 OK

3.3 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/3@0.25x.jpg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Size
3.3 kB (3301 bytes)
Hash
49f1b40f2ed2ef127cb64293ae8b1524
7939aacf51d0ba9b4358cb17ef40eb91fa31e27b
c5e6dbfaac2e982618aa4ea88a1785ca965b57f3149551f194cdaae2d8406a53

HTTP Headers

GET /1/prizewheel/cash/trcash/img/profiles/mena/male/3@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 3301
date: Thu, 23 Mar 2023 06:54:13 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "49f1b40f2ed2ef127cb64293ae8b1524"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NJM6KeuEFVUFxx7RQfBT7WleiH-CmtygNOCUSHQ1oG9w2EN5044bwA==
age: 50418
X-Firefox-Spdy: h2

desekansr.com/zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest

139.45.197.250

200 OK

0 B

URL HTTP/2
desekansr.com/zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://giftz4u.xyz
Connection: keep-alive
Referer: https://giftz4u.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:54:30 GMT
content-length: 0
x-trace-id: 5cd1e6c8ff8ab005c073620550b28e7b
access-control-allow-origin: https://giftz4u.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8040
Expires: Thu, 23 Mar 2023 23:08:30 GMT
Date: Thu, 23 Mar 2023 20:54:30 GMT
Connection: keep-alive

push.services.mozilla.com/

54.148.238.104

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.238.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rNwkLBYirnxB+/TVwiaHHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9V6CTmpC1LvQm7XJF4pBRPHAgVs=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5010
Expires: Thu, 23 Mar 2023 22:18:02 GMT
Date: Thu, 23 Mar 2023 20:54:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5010
Expires: Thu, 23 Mar 2023 22:18:02 GMT
Date: Thu, 23 Mar 2023 20:54:32 GMT
Connection: keep-alive

giftz4u.xyz/1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6

54.230.111.121

200 OK

51 kB

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65475)
Size
51 kB (50700 bytes)
Hash
d4b60d6b11347068f86ba148f9ccaedb
50c3f74c22f7e07f3842bbe58ffddaa9b047d747
44dff7a1e7054a2bd8f66391e8892227b27024198d476e19ccc1883c94ab9f88

HTTP Headers

GET /1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 23 Mar 2023 03:19:20 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: W/"cdf97653c213f02233f50a1ec975633c"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4eC0PSqwAIAbJOf5klIBwlW-vgBq9TugRlV-PncRbpb3lM04_zzEUQ==
age: 63311
X-Firefox-Spdy: h2

desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js

139.45.197.250

200 OK

20 kB

URL HTTP/2
desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
20 kB (20129 bytes)
Hash
bfa3bd4f552b8b1000c040a67ba6b1c3
6631fc48ee90b9a7a4156f5a4c01c372f2afd837
b52c6b444002ff2a743867877dc6fee4dc858ce29132879637a476463f4b96c2

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:54:30 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 15:32:57 GMT
etag: W/"641336a9-a161"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6692 bytes)
Hash
c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 83458
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3EQiNxuVVZEQZb14f9NC8565Ky3LV0Oj5JWg-_fVc9-B91xgBuHB5Q==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:05 GMT
age: 83187
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4912 bytes)
Hash
f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 83459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10480 bytes)
Hash
6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:09:40 GMT
age: 81892
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10284 bytes)
Hash
4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:32:23 GMT
age: 48129
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de

54.230.111.121

200 OK

0 B

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 23 Mar 2023 13:16:56 GMT
etag: W/"8e75fdbf5442275699fa56274e800335"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7StXXWfrBlrHZhVTNBC2x4V9upAeXSDrTWgKcqOx9K4AutZaQ0YYmQ==
age: 27454
X-Firefox-Spdy: h2

giftz4u.xyz/1/prizewheel/cash/trcash/img/fb-like.svg

54.230.111.121

200 OK

0 B

URL HTTP/2
giftz4u.xyz/1/prizewheel/cash/trcash/img/fb-like.svg
IP
54.230.111.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1/prizewheel/cash/trcash/img/fb-like.svg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 23 Mar 2023 05:09:53 GMT
etag: W/"765203989756e91925e8f947e660b644"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ke91R9ZU61ORU3id6AOAH0VfO4dyuZKxPHI9gZRYDt73RF8wZLkOSw==
age: 56678
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML