Report - braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4

Report Overview

Submitted URL
braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4
IP
3.124.99.72
ASN
#16509 AMAZON-02
Submitted
2023-01-25 07:01:47
Access
Website Title
Final URL
Tags
urlquery detections
Scam / Brand infringement

Detections

urlquery
1
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.luckyducky.pics	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	807 kB	54.230.111.30
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	865 B	54.230.245.118
hop.greenbluefrog.click	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	1.9 kB	108.178.23.115
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.81.36.195
braokeextrefore.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	1.4 kB	3.124.99.72
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-25	medium	braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg	Phishing
2023-01-25	medium	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	1.1 kB	2023-03-07	2023-04-02
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:16 Last Seen2023-04-02 21:28:51 Times Seen46 Hash 1629f29514117ffdefd6e0cda89473ba 66fcacae4ccf9f3257f5f6f171765dcf0dd318b4 a6ec8beb732e01c3b7e9c727fc4446abac69c55b8acae0499db6b01c3016b7b6 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	53 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen4282 Hash dd8e86846df7475f64bbc9c4367b8391 e1ce18194173fe35c6e8631ee16f6b2949f4da47 26c421f08b61018d4992f49af505a4fab8131f3a86e83fbce1e313bb6916ebca Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	63 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen3751 Hash 4ea644fbd5eac3cd150c6a6bd9376381 0569e4eccc6268d6269d62d668a6a0f0037136fa 74fc66c86f7576a6d4320c0697e7a140f42643f5b2de18c0b397f415a9f85cc4 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	324 B	2023-03-07	2023-08-13
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:58 Last Seen2023-08-13 23:17:07 Times Seen937 Hash 5480d203977689d2ff6fe74d692ed30a 67e858ce8f57c9c3faefa339806036458f1ca390 646efcc10e6a99cdc2e7278f9cdf964c474dbfc23c6227ed99456d862f52fc8c Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	63 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen3772 Hash 0834480c4fa7f04b51060b13dfe109b3 6cd16ed7608f670d4c7ce372042143796c969e29 d7c4a3583b05f0bd80a69334065977f4d2f392e9ef06eed87615de595c48a96f Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	55 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen4304 Hash f2789015e0649bc72614431b78924b41 1818b8205140a52a257456968badd5d9a82947a4 291750e177d954fe5585629e317b30eb5e83bb21e461162e42965ca4c151793b Loading...

	hop.greenbluefrog.click/js/pub.min.js	2.8 kB	2023-03-07	2024-04-24
Pretty URL hop.greenbluefrog.click/js/pub.min.js IP 108.178.23.115 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:23 Last Seen2024-04-24 23:24:21 Times Seen5984 Hash 842d4889c73f6664245d70112389026a 3f5d934289e1acfebce633760640881a81ac8299 99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	62 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen4268 Hash b0a7a72de754cef5d187f68f46fe650f 17ee306e84f47e85aa08d322096ae1adcecb3f04 1851dcdb31bf0126a88f682225a7fc268a6786c216003371267d357a19753556 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	55 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen4303 Hash cbecd830ce9c4a4e21070d3ed1e7dfb6 11a2d16ff0e9587d5661b3248e82cc8b68d64306 25ca77c9862cfb75bc014afb8aff17ddbfb25b6f60e40dd8bb2694fbc56ba93a Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	334 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:58 Last Seen2024-04-25 02:00:36 Times Seen1388 Hash 5422c5726eb09a65b49cba4b0d2fdb29 7e1d2444cffac148f5a3ca7e994a1e6f130b36e5 85d19c133a138605d641eadc494fe21c8ecd6e142460b1296e93238679567e8b Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	548 B	2023-03-07	2023-08-13
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:58 Last Seen2023-08-13 23:17:07 Times Seen364 Hash f92c7b0717b68f62be74f4497a1138d5 5d9e6cd8ea8cb02bfce88179c7ec5fc307ef2df6 35f29da4a04ad0843d7b981a4093f3cf0bf25c1ad6167b1f6c4fccdcb1551cde Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	30 B	2023-03-07	2023-12-10
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:30 Last Seen2023-12-10 02:07:11 Times Seen1174 Hash 3d37e4c28a40c6c1586d82406423c79a 151ae100ea8f888b7195beff7e309c77eeeb0df3 fbd8b191c54807a76b7ad3807d67e65d31203230357a2536994f43365a035ee8 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	56 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen3755 Hash a27f2054003e74e74e2b92f37b6a2b4e 13a65a252a704ea3dc346ce6025819ad10d17e8c 9e4c9f97fbd42628763f6e6226b0d561342ca86d4da13f805d078760087b82b0 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f	55 B	2023-03-07	2024-04-25
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-25 02:00:36 Times Seen4303 Hash 96cff319c449c289afc205a47063a52e 8a179621613722b918cb18a6e3e301334338498b 433e2dd9df18b9b78d8a9a199f9999918b0d9bce9d5a903b9c40c0c20979d7e2 Loading...

	www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js	2.9 kB	2023-03-12	2024-03-02
Pretty URL www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js IP 54.230.111.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:43:21 Last Seen2024-03-02 10:48:01 Times Seen39 Hash f775da719fb8bd4bf8037463f5cb36e2 6462d6e37850d4d89625f1ca12e37b705a494c6b cd0db54c8738410a1cbdd6e484e2b934726d0455cae9754b293b1683508d6307 Loading...

		Size	First Seen	Last Seen
	#1 Write - c6ac87227c5b1c264446be947af53462	30 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:00:53 Last Seen2023-03-13 07:05:15 Times Seen1 Hash c6ac87227c5b1c264446be947af53462 29c3f67da7723bcc241ca3fcb0583ecbfab84027 d0bce9fe67ebe9a9d754dcfcd04aee08c6b6d242807cd8700a75fe1883cfd3a6 Loading...

	#2 Write - c7530e00384d25d1da72290b759a4ed1	17 B	2023-03-07	2024-02-28
Pretty Observations First Seen2023-03-07 01:26:35 Last Seen2024-02-28 23:12:24 Times Seen99 Hash c7530e00384d25d1da72290b759a4ed1 e6b94ba188a56c3fcd6616c8be913f884332f8f1 3aa7ce84875ccfc2fe517b9a229a20a2cc8245b0a4a4e225e1fe192062e344f3 Loading...

	#3 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 03:52:44 Times Seen37053570 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#4 Write - 39282307df50e54b4f7add120ebc7932	16 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:00:53 Last Seen2023-03-13 08:08:11 Times Seen1 Hash 39282307df50e54b4f7add120ebc7932 2c68a97e337b8ef7972f3f4abf41e8215d10353a d5c1b1d82b75fec78f82e87a148d61a5d22aacdee0f4f94346198d4e27979016 Loading...

	#5 Write - a292b1b884039b6ef33942c1ed7ce86d	16 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:00:54 Last Seen2023-03-13 07:30:51 Times Seen1 Hash a292b1b884039b6ef33942c1ed7ce86d 8335c30017b8e5984e8fa8f17e6fe72624ff5a32 c6865959b041093bf7eb19ab9e03911192e63b285475d8c80f6bd2c2acfe4c96 Loading...

	#6 Write - 65260e8bd305a12373b8ea3a4814b612	16 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:00:54 Last Seen2023-03-13 07:05:15 Times Seen1 Hash 65260e8bd305a12373b8ea3a4814b612 af8db3481b3c015ed2ec0dc5220c041954150070 5c766ec881bca692ad59b27b5db7a9d16b5e729661d80fafee995feadfae9fea Loading...

HTTP Transactions (46)

URL IP Response Size

braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4

3.124.99.72

302

0 B

URL HTTP/1.1
braokeextrefore.com/50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4
IP
3.124.99.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4 HTTP/1.1
Host: braokeextrefore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Wed, 25 Jan 2023 07:01:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Pragma: no-cache
Set-Cookie: 50bfe51d-5f93-4a2e-a1b7-0f3d627dd1e4-v4=ODTiwW8aNw8cGixie1PvjhIKfop7JkKx3kKIampNcPY; Max-Age=86400; Expires=Thu, 26-Jan-2023 07:01:36 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly
cep-v4=WiUIl7JSOLSC1SaaJnXcQFlLS1f3-H66uauaZ0mIA2jGlfbk2ns98fXarSz8kDgRvETo5X8tiTMCfOpxiNol-t6sJeRlVphc95lUuHDdkieOdLtVnk8SkMYBe3O9PQgB7df3hBzSb1YjnC11KJ3Sc70ENchpREkhCHFzgZrRGEKtkfkuhYw7INX9kEsmFWi2T4fGgr-EhcnefsSm_NE9qZ93mHSAW0r-CDpvYMG6BtFOwWtwfyM5B8Od4e0XeDMlZI_Fr8Xe1RkLABNfLC2n1nlHLFOaRmQFdRJLR8bCO-PocAxgqVqoak4fyoC7tBIJbcvlsK47lKCKyHR8RvHRejaNBgTyqZT-f8qXHhPWjI3F6I6mbsCUre235BHEemOo; Max-Age=86400; Expires=Thu, 26-Jan-2023 07:01:36 GMT; Domain=braokeextrefore.com; Path=/; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17137
Expires: Wed, 25 Jan 2023 11:47:13 GMT
Date: Wed, 25 Jan 2023 07:01:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9010
Expires: Wed, 25 Jan 2023 09:31:46 GMT
Date: Wed, 25 Jan 2023 07:01:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 06:42:47 GMT
content-type: application/json
age: 1129
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5470
Expires: Wed, 25 Jan 2023 08:32:46 GMT
Date: Wed, 25 Jan 2023 07:01:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WfF56uTxeK77qU25psZVZTf6nK6AtDNKHGgufFQdn0qiZqGLoqEfryinzgsqNpAdoYwvYuN+4AY=
x-amz-request-id: YB64E92W96G5F80F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 06:19:34 GMT
age: 2522
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 07:01:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
91e4a1e4eced47e1aae4d7b31b7449ce
eb07185c8474f71ea577ffd0b314e3d9d7a9ea6d
841165396a1cdb88727740f3f3d1a7b7e2591e18c8a5167eac36513470a4f2cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 07:01:37 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X4eMGwEem7MJWT_o_SeEtpxzIr4JM2kMbo2G93KqNENBprpWUhFsxg==

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/Flag.png

54.230.111.30

200 OK

767 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/Flag.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 30 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
767 B (767 bytes)
Hash
9f840973c585a8eebf3eb9c30c3e9afe
00c798130ea55f3da30bbbac19c418c0d01c15b0
ae301968cba4735ba233cbbd8f397aa34612d861198f60dbd073258d8b9bc52a

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/Flag.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 767
last-modified: Tue, 10 Jan 2023 09:02:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:21 GMT
etag: "9f840973c585a8eebf3eb9c30c3e9afe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PWE7v0M6Zu76KQhKQuD5zu1IfeA39dVtWcq6a3aCUocJTkBX0nF4cA==
age: 83597
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ixo.png

54.230.111.30

200 OK

562 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ixo.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 423 x 880, 8-bit/color RGBA, non-interlaced\012- data
Size
562 kB (561946 bytes)
Hash
3db6e9a86a250c13268be4a224a40333
63fdc9bdf962bd044cc99800e68a7c945298e05b
0f3a2e2e7f8ab18b9513fd334f82e227911e2f0f378ddc63b8b34347f12534c6

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ixo.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 561946
date: Tue, 24 Jan 2023 09:16:49 GMT
last-modified: Tue, 17 Jan 2023 06:07:48 GMT
etag: "3db6e9a86a250c13268be4a224a40333"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZxRGZCQp4EKBDmX-9yWvM0G0jPKfZRFWHoetDu8KI6E28GdxqJN5BQ==
age: 78289
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-s.png

54.230.111.30

200 OK

42 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-s.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 165 x 212, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42079 bytes)
Hash
736e7e354b90708992ab2d838a8b04f1
8ae5ab0feb3a125ea34ea358b5ec10f4383c5e1a
89b7de644238c265d038359a986d7465cd92738a7fe69e6abb8824a9c37f6f5f

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-s.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 42079
last-modified: Tue, 17 Jan 2023 06:07:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:40 GMT
etag: "736e7e354b90708992ab2d838a8b04f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L8wC9CG4Yh5H4mby08d5nudrBmmNf5VmWAlOEwG5NXVzzCy_tLAaVg==
age: 83578
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-g.png

54.230.111.30

200 OK

57 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-g.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 203 x 249, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (57134 bytes)
Hash
fc87e6a06c9842b4bd244f8bd8e33fd4
b0bf120fc2abd7c534893b8023efc22f3e641e31
dfb6ecde497777903127055cbee46dd838794c655d80071c17fc466acdb1431a

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/ix-g.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 57134
date: Tue, 24 Jan 2023 07:38:09 GMT
last-modified: Tue, 17 Jan 2023 06:07:46 GMT
etag: "fc87e6a06c9842b4bd244f8bd8e33fd4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -UgkfnDrZG6_pKr6bpY-DMyToPRRDnw9LBE5PxRxAVoxsnGkzmVbWQ==
age: 84209
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg

54.230.111.30

200 OK

1.3 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1293 bytes)
Hash
2aa0d43e70d60d76ac4bdff139f8c7cb
d7e3433297ad90f5d99249aee29b645265c9f3eb
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_1.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1293
last-modified: Tue, 10 Jan 2023 09:02:38 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:25 GMT
etag: "2aa0d43e70d60d76ac4bdff139f8c7cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4W6LXLNBjPAsS7Ty09Z0Y6n_THQYBgwjiBAsILC6I50qj4HNcu9FYw==
age: 83593
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg

54.230.111.30

200 OK

1.2 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1216 bytes)
Hash
f9299c2023539a8f27a6e1b12ed260e5
046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/like_user_2.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1216
last-modified: Tue, 10 Jan 2023 09:02:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 18:47:56 GMT
etag: "f9299c2023539a8f27a6e1b12ed260e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sf61jikPW_cVnQ85svPjMNFYRlp6Ype0WlIflrwHZ3Epf49hTj0z2g==
age: 44022
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg

54.230.111.30

200 OK

1.3 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1268 bytes)
Hash
2d7f012ab9054524c755b469917c86c4
4012a215511c950261b9a612ea9a504f01e785bc
c8159e3c4734f421942fa3cabec5481d80500e395b1652f22dbd18aa1150ea4f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/4.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1268
date: Tue, 24 Jan 2023 07:38:09 GMT
last-modified: Tue, 10 Jan 2023 09:02:23 GMT
etag: "2d7f012ab9054524c755b469917c86c4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8EP7gswr8da7oiKgjaNfzuCdReW0vgXNqrndTTLS5J0XgInjRX_GQw==
age: 84209
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/clip_footer_3.png

54.230.111.30

200 OK

2.5 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/clip_footer_3.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Size
2.5 kB (2460 bytes)
Hash
e1b626392882cc25b4d891afaa68afd4
454d7abdbc2548d04feb95436ea0ab4126b4f00b
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/clip_footer_3.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2460
last-modified: Tue, 10 Jan 2023 09:02:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:26 GMT
etag: "e1b626392882cc25b4d891afaa68afd4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rL2fLoz1Zkt6pO6pYGvDY1y6qwPc03LUIpA0ykJx4gqGDBND2iHklQ==
age: 83592
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg

54.230.111.30

200 OK

1.1 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1111 bytes)
Hash
93a68c406cecabf85d9cca80150cff97
cb051ce9d579bc5886afc137ec9ff4a42e4fbbc4
8b55e2390a6206d5bbc8947c9003c1381e64a064239c0aa757826683b168d755

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/7.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1111
last-modified: Tue, 10 Jan 2023 09:02:25 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "93a68c406cecabf85d9cca80150cff97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QsnB6O_MVelsP_luQCxO_L3Y9fw-X-tNF0rorFbsl-5z4-9pF_TXKA==
age: 10834
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg

54.230.111.30

200 OK

1.2 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1154 bytes)
Hash
dba9ae7a7ddca56332daa3db554873ee
42c44132ec0e635fbd95b431c49c01345c963bcf
6d52f1bed6a64a89473c9b39f74c4900b8534a75d52e6bb4785d8c9046d12b8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/2.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1154
last-modified: Tue, 10 Jan 2023 09:02:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "dba9ae7a7ddca56332daa3db554873ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BHmI01QVXoZ_Eunqnk1qxRQ0msav4z8Ur4RkUJYk9hTlr9vBXTFxCg==
age: 2557
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg

54.230.111.30

200 OK

1.1 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1051 bytes)
Hash
04ab47334cf6507aba4897fc6184fad3
bf1018551225f851a7620e3abf84567c11e24edb
1f4e1ed5e3694cd7c748c27a2081cf05ab76866b945d55ce8a7cf8c21c424fda

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/1.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1051
last-modified: Tue, 10 Jan 2023 09:02:19 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "04ab47334cf6507aba4897fc6184fad3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iyql4c7csyDtt_O96Hdb3nRztKN1Hnq3uUfFZSaIPLPIsONk1KK4HA==
age: 12839
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg

54.230.111.30

200 OK

1.1 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.1 kB (1129 bytes)
Hash
8d0a835746e47abd0e612753cd3b8500
adbb56e921d194390557dbb9afbfea9ffc29f81a
a9ab01d3ccd9fad247c4d19343f45a1de228542b166e5cfe6dd0c2a613ddd064

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/3.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1129
last-modified: Tue, 10 Jan 2023 09:02:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "8d0a835746e47abd0e612753cd3b8500"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rxGtEbxUDXaJ31ydKU1M9Ckg6Li0LRN3tkBbBA6Qlhc0FrEIIq73Vw==
age: 12841
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg

54.230.111.30

200 OK

1.4 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.4 kB (1377 bytes)
Hash
2f1e9ab76a99474f6ab6e56f6f9609d1
6913bd46092337f0398ee3e2a964406fcee7bb8e
1e31e659dabaaa79c7efa58b72d2e982e7598db298084cd2865e354425287330

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/8.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1377
last-modified: Tue, 10 Jan 2023 09:02:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "2f1e9ab76a99474f6ab6e56f6f9609d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QdWF-VBRnqyiPJU8OhbdXMul_EevfKIl8iCfwJFyxIPS5bDZZgQ65g==
age: 12839
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/action_icons_20px_2x.png

54.230.111.30

200 OK

1.7 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/action_icons_20px_2x.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1726 bytes)
Hash
b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/action_icons_20px_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1726
last-modified: Tue, 10 Jan 2023 09:02:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 24 Jan 2023 07:48:43 GMT
etag: "b699975b5fe73b087e711a33ff24ee1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lpWcHsjEHgo5sNfmqsUBYlFORpiYP9xtNxyvRj38Igu3Su4WzKw3Jw==
age: 83575
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/footer_right.png

54.230.111.30

200 OK

4.9 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/footer_right.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data
Size
4.9 kB (4919 bytes)
Hash
0e786b7344ac0b63609290a3a415fc4f
c2e77827e895aaa13522f1c5c0ef79d4caef0bb2
f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/footer_right.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4919
last-modified: Tue, 10 Jan 2023 09:02:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "0e786b7344ac0b63609290a3a415fc4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zPpvxb0SKfPdjoVipkhZdbvZHaD-Z8tap5VCE8sizW3dBCIKuCid-g==
age: 3888
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/notify_2x.png

54.230.111.30

200 OK

229 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/notify_2x.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data
Size
229 B (229 bytes)
Hash
988234626ae7a880ed9c6a92f6336c0f
173967c2b59baed4a06997d874aba32ab65da201
4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/notify_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 229
last-modified: Tue, 10 Jan 2023 09:02:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "988234626ae7a880ed9c6a92f6336c0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: efyUkQJOAYDV-kbY8l2aVIbPmipb1j0lMSNKcRUpXj-778RCHmaOtg==
age: 3888
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/menu_2x.png

54.230.111.30

200 OK

124 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/menu_2x.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data
Size
124 B (124 bytes)
Hash
8f68efd9388ccd80b43759b2ed542305
9f2cf96efe3bdec2ab64bc51856619cc02958fe6
455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/menu_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 124
last-modified: Tue, 10 Jan 2023 09:02:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "8f68efd9388ccd80b43759b2ed542305"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9lgQQuzdz62ybOaRnHbMOmaymWLN73IkUpZM9yRoC35oKE80BZ9LAw==
age: 12841
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/comment_action_2x.png

54.230.111.30

200 OK

641 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/comment_action_2x.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Size
641 B (641 bytes)
Hash
e9b3872b3e63e19728176d45f0aa6986
b638f89d5d80c4cd65327da973c52f778e30bd55
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/comment_action_2x.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 641
last-modified: Tue, 10 Jan 2023 09:02:29 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "e9b3872b3e63e19728176d45f0aa6986"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WzF-aPSD0bDYa0R5oqOD7C0Suq3h4Z-x7zs6TKfrTp-mxD_1JgQqig==
age: 12841
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/pw_ix.png

54.230.111.30

200 OK

109 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/pw_ix.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size
109 kB (109151 bytes)
Hash
3ae8e9c19f72680e3b612c7dad852073
359fb5f4f5f498b9cc5f38920e90eb000904f669
0964d4a08d0e9f9b6877b9c07c2724d16c23569a1cc39857a83564af26875413

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/pw_ix.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 109151
last-modified: Tue, 17 Jan 2023 05:44:23 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "3ae8e9c19f72680e3b612c7dad852073"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ikJiwvuI46v9nH4cuGDnaHRa5lHIRplGekevwqIHGZXp2N-gywOlyQ==
age: 3889
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/spin_prize2.png

54.230.111.30

200 OK

2.8 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/spin_prize2.png
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Size
2.8 kB (2814 bytes)
Hash
f278c8d30fc51b72e0774b9ecb49214c
03b574db82b31ee5758eb5093fda8ea25d1b00d8
43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/spin_prize2.png HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2814
last-modified: Tue, 10 Jan 2023 09:02:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "f278c8d30fc51b72e0774b9ecb49214c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _XyamHYDtD9OiN71WDHXjm3cnu0SDxQ8XRmewoUQM0D3p_mVldAbxA==
age: 10834
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg

54.230.111.30

200 OK

1.3 kB

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1314 bytes)
Hash
8224e96358b5f3cff15b5a95dda8bf16
159b632deb160c901c9b8754715272a070c1945b
c67dfaceacc0ecf671300a3636ae7d464d873385a9077f3fa207f4053b681dfc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/6.jpeg HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1314
last-modified: Tue, 10 Jan 2023 09:02:24 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: "8224e96358b5f3cff15b5a95dda8bf16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kxZ-fkm4NUR_VY5cxKTfvE3InNKFyUuEvu5nPGdXfemY4ZUtJBPhuA==
age: 3889
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 06:48:59 GMT
age: 758
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

hop.greenbluefrog.click/js/pub.min.js

108.178.23.115

200 OK

1.5 kB

URL HTTP/2
hop.greenbluefrog.click/js/pub.min.js
IP
108.178.23.115:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (2752)
Size
1.5 kB (1482 bytes)
Hash
31c303586c1b78e33984bd252b8e2644
8083e2aad4cbf8242a4e6fb53657d49552b85f82
d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be

HTTP Headers

GET /js/pub.min.js HTTP/1.1
Host: hop.greenbluefrog.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 07:01:37 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Thu, 26 Jan 2023 07:01:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3883
Expires: Wed, 25 Jan 2023 08:06:20 GMT
Date: Wed, 25 Jan 2023 07:01:37 GMT
Connection: keep-alive

push.services.mozilla.com/

35.81.36.195

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.36.195:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kzyHfXTYilfQF3BgPDa9rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P1mILk0IiHGwnUjJ9kvlXuQMK4s=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12407
Expires: Wed, 25 Jan 2023 10:28:26 GMT
Date: Wed, 25 Jan 2023 07:01:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12407
Expires: Wed, 25 Jan 2023 10:28:26 GMT
Date: Wed, 25 Jan 2023 07:01:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12407
Expires: Wed, 25 Jan 2023 10:28:26 GMT
Date: Wed, 25 Jan 2023 07:01:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11918 bytes)
Hash
4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: df7df0ae-d70e-4b80-9483-2ecd5c8ee4a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqvPEXMoAMF5Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57fa-04193e0514c1c1e85d9d023b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fznabMNG3n9Uo4L1jrrewtL_hJnQv8oR2qggeZtruvOLVzpUpcs7Tw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:28:51 GMT
age: 12768
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9864 bytes)
Hash
03ba93e6c29fb268712e33228fa5ee38
2528a659d067ce39b31d5d8a0a9943e313a4caa6
2a3dfcbafd31bfc0cc653f9f43cfa98206334551b8ab76e9ab6d20338c8d6e1c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9864
x-amzn-requestid: dd368937-de20-4e2a-82e3-e82bc20a806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AtgGu3oAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-7efe789a5411c14a74ec327a;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MDBCOwO8k543vmWo7ROvYyqyzju9iJIyGZvMpzHv7VqIoats0p3Nxg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 10:10:42 GMT
age: 75057
etag: "2528a659d067ce39b31d5d8a0a9943e313a4caa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6715 bytes)
Hash
6fa8338e574e2b8272ad3ca7cd9d1d63
298cafecdcac99de25fe5c2c4c993487f73ced6b
f75c20ebc4c0db2df40d958337cd87768714bdf53a48609ad0f97b7129b0b100

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6715
x-amzn-requestid: c808c9d9-bbbb-43ff-ab15-33074a760093
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BO5En_oAMFTzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648c5-67151eb46f5a10b0732fbd09;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0pvebF903zoRPgzBK2gxMlcYQTurylOzzCfOO07hYCG5aD7wX_fl9g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 19:26:10 GMT
age: 41729
etag: "298cafecdcac99de25fe5c2c4c993487f73ced6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5732 bytes)
Hash
24a73392615d623dc852bdab43c9f133
3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4
edc11bdc8b40a513dc62b32f7eff0ba1f80db27208bd80bd16235da3c369157b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5732
x-amzn-requestid: 779904e5-f2c8-4d10-a3bf-0ed43b9ca019
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULOFf3oAMFfUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a47-22f5fe110d67b7d8215368d4;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kYNlMFpl4zmNWdYW1WatxKIqjZw4lWONAX0uXKBi0mfwzND1kTeLOg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:55:37 GMT
age: 61562
etag: "3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9650 bytes)
Hash
13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:16:15 GMT
age: 13524
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2130ca0-4287-4def-9d97-00fdb518ced4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7691 bytes)
Hash
6254fc1aaa5fbb1d87114b5b28d52c40
8d7bd3af0b9bfc3d3eb2751cb1ba211169eaefe8
866e0b364026754b2a88d73da5ccabf5b5df59fb75bc60b3aa5c66e8322ee764

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2130ca0-4287-4def-9d97-00fdb518ced4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7691
x-amzn-requestid: ee5858ec-ae6b-4a83-81f0-84903bea9786
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5HGwRIAMF2Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-1b9f899e1d9e9ba67adbeeac;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59rOv8-DhAIGQx240tISV3X6FskvU33S-4LVzv8fP45qQilEpp2VwQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:11:49 GMT
age: 10190
etag: "8d7bd3af0b9bfc3d3eb2751cb1ba211169eaefe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f

54.230.111.30

200 OK

0 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 17 Jan 2023 06:13:38 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: W/"cc6eada5afc77c57851d87ea0806b9e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CaQOyqdHYptNCZSuGg61ngQBEioZnZvUOLVFVgj46HJ-lgq6oV-c6Q==
age: 13624
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css

54.230.111.30

200 OK

0 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/style.css HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Tue, 24 Jan 2023 09:34:50 GMT
last-modified: Tue, 10 Jan 2023 09:02:18 GMT
etag: W/"8c24a5cb4c55b9d6cd3029f5fd2c6fe7"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WCJFO8Qn3IB6fGhr3yh3oC-GdmXWCON4VwVdJ_jWXnr_0_rgnrEEOA==
age: 77208
X-Firefox-Spdy: h2

www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js

54.230.111.30

200 OK

0 B

URL HTTP/2
www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/main_script.js HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 09:02:41 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 25 Jan 2023 07:01:37 GMT
etag: W/"f775da719fb8bd4bf8037463f5cb36e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 06Um9VAMHih-rc6PeEgn9KsNpsOCaNYuuxI7AjuQ68FK1XVU-vw2Jg==
age: 3889
X-Firefox-Spdy: h2

www.luckyducky.pics/favicon.ico

54.230.111.30

403 Forbidden

0 B

URL HTTP/2
www.luckyducky.pics/favicon.ico
IP
54.230.111.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.luckyducky.pics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.luckyducky.pics/sweeps/MZ/MZ+-+iPhone14+-+SpinnFlag+Test/index.html?cep=UnA5BK1TXz2CBIjW65vDlUUknYOo8ZeCPEUdf6G79AHoTlQen3fsJpE_cN-UoYjI5UC_rVhdUkAKRPjg9XBSlwaXxMMrwyhyDngxk2HkmBXbALgGaF8z5XBlrjcm5XGu9u0grMYFouw18bMBGbpdE8QhjMEiXrVAsMc5WvoQyTWr7clmrPiqaFlVU4JLWtFi-oVeoUxVwV2RdaI9_6d_wAEM9qN5GGhuUoOq96k0C_rMbroAhWGDS_19fXHrZuQY3nQOapW81SqDs33ftaRE-Lm85yQmlLDTiHt2VaqIMMYfS8npEpY1_U91_Jxxkv1IxuwBQZ5uh3hJXbF49PgLfgp1ytL_88I6fsKoTT6LhHg7vczvdUR_IGx7zmfEl0NJ&lptoken=16a1747f63b01853960f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
content-type: application/xml
date: Wed, 25 Jan 2023 07:01:37 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 16gYUZ38MqqQfwwNZ0l6XGOMpGPNE-TIKvJxD9StcZp3FqXhEojiMw==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML