Report - arkinvestgives.net/

Report Overview

Submitted URL
arkinvestgives.net/
IP
3.67.234.155
ASN
#16509 AMAZON-02
Submitted
2022-09-12 22:17:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.208.34.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	44 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	25 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	24 kB	142.250.74.163
arkinvestgives.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	709 B	34.141.103.251
www.arkinvestgives.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	905 kB	3.67.255.218
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
vsa18.tawk.to	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	439 B	172.67.38.66
embed.tawk.to	8650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	1.1 kB	172.67.38.66
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	95.101.11.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	arkinvestgives.net/	Phishing
2022-09-12	medium	arkinvestgives.net/	Phishing
2022-09-12	medium	www.arkinvestgives.net/	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/check.svg	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-app.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-main.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-2d0b9454.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-runtime.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/1g632k6os	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/chart	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-4fe9d5dd.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/chart(1)	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/console-ban.min.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/emojione.min.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-32507910.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-vendors.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-2d0d2b7c.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/jquery.min.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/css2	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-48f46bef.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/emojione.min.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-vendor.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-f1596d96.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-696bc286.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-f163fcd0.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/script.js	Phishing
2022-09-12	medium	www.arkinvestgives.net/img/twk-chunk-common.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.arkinvestgives.net/img/twk-chunk-vendors.js	211 kB	2023-03-07	2023-11-17
Pretty URL www.arkinvestgives.net/img/twk-chunk-vendors.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-11-17 23:19:02 Times Seen5 Hash 0022ca6ee8862a21867d497826b1d4ab aafdc57f6d1f79d8a788b40d54911e012f1074cd b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f Loading...

	www.arkinvestgives.net/img/twk-chunk-common.js	161 kB	2023-03-07	2023-10-26
Pretty URL www.arkinvestgives.net/img/twk-chunk-common.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-10-26 11:33:04 Times Seen4 Hash a971da9828a19bc856261914c19bc242 c31f60bec0150c41833e610c21aebae349ff6ed6 0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411 Loading...

	www.arkinvestgives.net/img/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL www.arkinvestgives.net/img/twk-chunk-4fe9d5dd.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	www.arkinvestgives.net/img/twk-chunk-696bc286.js	17 kB	2023-03-07	2023-03-29
Pretty URL www.arkinvestgives.net/img/twk-chunk-696bc286.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-29 23:24:56 Times Seen2 Hash 6712af3933a068dc9ca1293e0c2c828f a2954b915a9e43fa36429be9183d31204a3748c5 9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d Loading...

	www.arkinvestgives.net/img/twk-main.js	121 B	2023-03-07	2024-04-23
Pretty URL www.arkinvestgives.net/img/twk-main.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-23 12:08:25 Times Seen45917 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	www.arkinvestgives.net/img/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-11-23
Pretty URL www.arkinvestgives.net/img/twk-chunk-f163fcd0.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-11-23 09:21:19 Times Seen6 Hash 5d825157bfbb4872b9ce8ea19e5eb7e6 c3dd866d903d10c4d31bf7a233571d68262ad48f bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19 Loading...

	www.arkinvestgives.net/img/twk-runtime.js	2.3 kB	2023-03-07	2023-10-26
Pretty URL www.arkinvestgives.net/img/twk-runtime.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-10-26 11:33:03 Times Seen4 Hash a15483b174cf94cb489a53ce9789161d 1bdcddb76ab1470c4b1ed4c0ba42a6188ebe8c13 161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1 Loading...

	www.arkinvestgives.net/	334 B	2023-03-07	2023-03-07
Pretty URL www.arkinvestgives.net/ IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-07 15:27:47 Times Seen1 Hash 34c4aa3fa844aadd60c0dec2f2b71ae9 03e21dc42c8d5a15fe9198e8a96c9c54c6d11bc6 221ecb13d579b6a5d08570bf4dd840044d4b3c9e96b868bee9a2dcc682059c67 Loading...

	www.arkinvestgives.net/img/console-ban.min.js	2.3 kB	2023-03-07	2024-03-27
Pretty URL www.arkinvestgives.net/img/console-ban.min.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:42 Last Seen2024-03-27 22:33:44 Times Seen59 Hash 65bcc95f5c595112f6b5f05705aa76c1 ac16dfd7043a4dbec0fc648b5397420b9f3bd836 c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165 Loading...

	embed.tawk.to/62b1b4c3b0d10b6f3e7890a8/1g632k6os	2.1 kB	2023-03-07	2023-03-07
Pretty URL embed.tawk.to/62b1b4c3b0d10b6f3e7890a8/1g632k6os IP 172.67.38.66 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-07 15:27:47 Times Seen1 Hash 93ae723743bd20e9e1bbfea9a3e45bcb d9f11761b46b7a71f47e62ff1d7a207a5d18686c f50c30e3aa2e6d839f9413edc71fd7a31c7e53912426357c2110369395b289ef Loading...

	www.arkinvestgives.net/	283 B	2023-03-07	2023-07-19
Pretty URL www.arkinvestgives.net/ IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-07-19 13:15:03 Times Seen2 Hash d8cbb7c47cd443bfa1d8f214d653ac6e b45977fc8ee93016e465a4df11198d0afcdf8d11 261c2b99581b2c481d75e1b915005548f2499f9e9868f86e2aba7569bc2aa14f Loading...

	www.arkinvestgives.net/img/twk-chunk-2d0d2b7c.js	6.9 kB	2023-03-07	2023-11-23
Pretty URL www.arkinvestgives.net/img/twk-chunk-2d0d2b7c.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-11-23 09:21:18 Times Seen6 Hash 1180d712a02848854eab38e1736e2616 8de5f23f274dce20a418a6f2b8ec36ffed158558 fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed Loading...

	www.arkinvestgives.net/img/twk-chunk-48f46bef.js	16 kB	2023-03-07	2023-03-29
Pretty URL www.arkinvestgives.net/img/twk-chunk-48f46bef.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-29 23:24:56 Times Seen2 Hash 601eb77cd91dcb708add40ebe9d149e0 f660c3a9823189147723eb1944e500f536f65896 08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678 Loading...

	www.arkinvestgives.net/img/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL www.arkinvestgives.net/img/twk-vendor.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	www.arkinvestgives.net/img/twk-app.js	151 B	2023-03-07	2024-04-23
Pretty URL www.arkinvestgives.net/img/twk-app.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-23 12:08:26 Times Seen46599 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	www.arkinvestgives.net/img/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL www.arkinvestgives.net/img/twk-chunk-2d0b9454.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	www.arkinvestgives.net/img/1g632k6os	2.1 kB	2023-03-07	2023-03-07
Pretty URL www.arkinvestgives.net/img/1g632k6os IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-07 15:27:47 Times Seen1 Hash 78b72289bf463d067b341d728762d0c3 a147579df6f8cd8c367f59e4de3b24901d2db7b0 e0eb324d431162713bb8d1549318b873e047f2ceddd1e9bcde65be412bf9056c Loading...

	www.arkinvestgives.net/img/twk-chunk-f1596d96.js	10 kB	2023-03-07	2023-03-29
Pretty URL www.arkinvestgives.net/img/twk-chunk-f1596d96.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-29 23:24:56 Times Seen2 Hash 325d67a45c137803b4f8bd4d47afffed ea57d9f62c99d4f25010eab124f26c477259ebf3 1a902d8d0bf4615e985f80c1e6fa38147d341124ae44a7927e15a632c0eb3d87 Loading...

	www.arkinvestgives.net/img/twk-chunk-32507910.js	72 kB	2023-03-07	2023-03-29
Pretty URL www.arkinvestgives.net/img/twk-chunk-32507910.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-29 23:24:56 Times Seen2 Hash 006d5eeef6485daa02180491bbfb5485 baf97d9243d2231c8ce444482b49d9fc7f935fbe b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14 Loading...

	www.arkinvestgives.net/img/jquery.min.js	90 kB	2023-03-07	2024-04-23
Pretty URL www.arkinvestgives.net/img/jquery.min.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-23 12:48:22 Times Seen260534 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.arkinvestgives.net/img/script.js	4.1 kB	2023-03-07	2023-03-08
Pretty URL www.arkinvestgives.net/img/script.js IP 3.67.255.218 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2023-03-08 16:30:21 Times Seen1 Hash fd3aa9b61dfa15a8dbccca471429a74f bca8506334225c0f5f75c64a4a022be39ab45c00 ec5d9af09df49bd7246e304cb49af4c818f6f5b7176661f3ae9107a8e8512477 Loading...

	embed.tawk.to/_s/v4/app/62835fee0eb/languages/en.js	17 kB	2023-03-07	2024-02-08
Pretty URL embed.tawk.to/_s/v4/app/62835fee0eb/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2024-02-08 03:47:50 Times Seen8 Hash 5a13c5b16c3caf8b986d6b915fd4b13e 4e2f05f7e88ddc428a26776e8c6533e5a28979ea d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7 Loading...

HTTP Transactions (65)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 21:24:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1IAc0dWxn1FD7Qh2zKkgs-jO_XtYrxFlUZEZCTBGgIiYeKGLtbGtSA==
Age: 3193

arkinvestgives.net/

34.141.103.251

301 Moved Permanently

42 B

URL HTTP/1.1
arkinvestgives.net/
IP
34.141.103.251:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
42 B (42 bytes)
Hash
6d3ba2ef76b10c98259914162ddd530b
543646772c5f93918f8a4b3910b861e911ec1a2c
5e8a78bdad564eda0a01e959f410c8a777717f17955b0a901bba1f6d21a371ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 42
Content-Type: text/plain
Date: Mon, 12 Sep 2022 22:17:24 GMT
Location: https://arkinvestgives.net/
Server: Netlify
X-Nf-Request-Id: 01GCSWEM9E9930TQM15Z73X471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9022
Expires: Tue, 13 Sep 2022 00:47:46 GMT
Date: Mon, 12 Sep 2022 22:17:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ebsZmDPAjSJPPww8ws8_ODh0RN0Z2JYkAG4vYwjpBHRp94Llx9m27Q==
age: 54012
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:17:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4d01e0efb5197a01369dce57dc221791
214e4972b35edd012a149c93ceb2b2a1c6de3122
5eb14f3dff12ebd5afb590ff942b6bb74a00684d76830c8dbcd540e7e6f860d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EB14F3DFF12EBD5AFB590FF942B6BB74A00684D76830C8DBCD540E7E6F860D9"
Last-Modified: Sun, 11 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Tue, 13 Sep 2022 04:17:11 GMT
Date: Mon, 12 Sep 2022 22:17:24 GMT
Connection: keep-alive

arkinvestgives.net/

3.67.255.218

301 Moved Permanently

46 B

URL HTTP/2
arkinvestgives.net/
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
bd3a73d820bd78f5275d185ee76c7d99
63295cad63a046eccf32ec9ade03169c916b3425
64f35bfe6f533a777b6335679b28a728b16cb49ab9df2cbf78bacb230b1fd493

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
age: 43931
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Mon, 12 Sep 2022 10:05:13 GMT
location: https://www.arkinvestgives.net/
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEMXMPKPNP4P7FV886JJJ
content-length: 46
X-Firefox-Spdy: h2

www.arkinvestgives.net/

3.67.255.218

200 OK

6.8 kB

URL HTTP/2
www.arkinvestgives.net/
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5948)
Size
6.8 kB (6821 bytes)
Hash
ee1b588b0ba061da9ed18d5b6b808bdb
de57d73bfc4c54960cdde8bf85887ffb063962dd
c69503da7498c16c5f689cd4945632a8fc06f742ea28735110b36b141a001c31

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
age: 47311
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:08:53 GMT
etag: "f236b37b02bd3c381b8e7831834a24da-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEMZSHD5R26Q8Q5PS64Z6
content-length: 6821
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 21:56:07 GMT
Expires: Mon, 12 Sep 2022 22:37:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JNTZyQ94e0oZHYoWXrOAVvUlSk9KeF76IuwUfIAE3qlQBZmWMw-8iA==
Age: 1277

www.arkinvestgives.net/img/check.svg

3.67.255.218

200 OK

541 B

URL HTTP/2
www.arkinvestgives.net/img/check.svg
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (330)
Size
541 B (541 bytes)
Hash
1931aca610b848c41a39065e37b178fb
24725267aed5e6658f20e7d66ad4cf0b3de882da
394c244600b8af491cca017bfc1b4be394472ac4b6bd7824206a34f7d02f533b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/check.svg HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 13780
cache-control: public, max-age=0, must-revalidate
content-type: image/svg+xml
date: Mon, 12 Sep 2022 18:27:44 GMT
etag: "0a8fcd11b75ec2cd867bce980d73bf45-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MAMSQSS7Y5ERZX40M
content-length: 541
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:17:25 GMT
Last-Modified: Mon, 12 Sep 2022 21:16:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.arkinvestgives.net/img/twk-app.js

3.67.255.218

200 OK

151 B

URL HTTP/2
www.arkinvestgives.net/img/twk-app.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
e736e189edb5d0d9d5b8e7f23dd9114a
bcabee193f13756fa9154fc492fe420c47140343
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-app.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "54d60cc4ef2ad67a030b24090d2534d5-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN5WDD28FNAWFSVKB4EG
content-length: 151
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-main.js

3.67.255.218

200 OK

121 B

URL HTTP/2
www.arkinvestgives.net/img/twk-main.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
121 B (121 bytes)
Hash
da5bb1dc647470204df0e49f5afac2de
f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-main.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "f34711e8ce916e7b70262f614a2564f4-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN5SWWCHNGAYW0SAZM6H
content-length: 121
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/transfer.png

3.67.255.218

200 OK

1.7 kB

URL HTTP/2
www.arkinvestgives.net/img/transfer.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1739 bytes)
Hash
1c80cad930d6b35c9137dcefb7624b37
275952c42d1fe6bb2ef3f62532ec223d2cae9678
621db538c205e2e7e2615d259e1e6a1eb57d9dc7d23a8a895f330c4ae253ee94

HTTP Headers

GET /img/transfer.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "828ff616305bec2914d572b42f0b1871-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MCMQ6Y7S8JC5N348Y
content-length: 1739
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.208.34.131

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.34.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vmucNYjZLG6Ux9Di21q7Fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fsw6Yqt8KYsWwlYaaelOJcWRLuw=

www.arkinvestgives.net/img/twk-chunk-2d0b9454.js

3.67.255.218

200 OK

546 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-2d0b9454.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (546), with no line terminators
Size
546 B (546 bytes)
Hash
09c3819d373bd4178a620d721429fada
fc407211bc5ed4384dc85e981c5947f727254bd9
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-2d0b9454.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "8dc0a81e6c7a5b186b4c6f1930bf46ae-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6K22G64NXCA3ZKKZQJ
content-length: 546
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/popper.png

3.67.255.218

200 OK

26 kB

URL HTTP/2
www.arkinvestgives.net/img/popper.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25477 bytes)
Hash
00716492288b514843cd51595790c4f8
95acdbe28a5aa2999227c0706e342585e300b8a4
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4

HTTP Headers

GET /img/popper.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "7d3ff6a347daadcb2df5baef74ebfdad-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6M67QFVMG1W9A9Z0M7
content-length: 25477
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-runtime.js

3.67.255.218

200 OK

1.1 kB

URL HTTP/2
www.arkinvestgives.net/img/twk-runtime.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2306), with no line terminators
Size
1.1 kB (1079 bytes)
Hash
1693f312f70d56398ecded60619dcb26
9aa1c423ffe9ed8181882de44123789314c4480d
7dfb92f346a3f9f92668a92339fe46bd832162f42251927a5df57d182e3ddecf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-runtime.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "7ea1345cb3c926c4e54b84705ef13cd8-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5V11823JHHZN5YCEA9
content-length: 1079
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/1g632k6os

3.67.255.218

200 OK

598 B

URL HTTP/2
www.arkinvestgives.net/img/1g632k6os
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
598 B (598 bytes)
Hash
f80ec2b52b221de852f97816952bacc2
b0dd619aa3138b0e2b73020a6ca9ff48c82d73e0
cae0dd81ac2c285b62f20c49671dcae4bf1b1ec5230d351fc206b583d309e423

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/1g632k6os HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/plain; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "e9fa785a64f1cc160fa101a67c101302-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5ZBCYFDK6BGC82B5G1
content-length: 598
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/chart

3.67.255.218

200 OK

878 B

URL HTTP/2
www.arkinvestgives.net/img/chart
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced\012- data
Size
878 B (878 bytes)
Hash
a48413591c8787afbda3d7a61b1ad2a3
24653f36315486e26b562e707562783ed2ad7fff
cc96b73edf7ed699531b6cafc215c7cac98481604ceaec72749fa8d80fe8deb3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/chart HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "b37b3253223fa2d990084652b3810a7a-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MBC3376TCQQHDAX2W
content-length: 878
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-4fe9d5dd.js

3.67.255.218

200 OK

942 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-4fe9d5dd.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (942), with no line terminators
Size
942 B (942 bytes)
Hash
5f434bdd806571a4e1b385bee9316ff6
ca69e13015a6b7769e4174179dc8befd4c543c43
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "adcab8efa86ad318c65a3ea375adcbb5-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6KV9PYEFDCE22KSPFE
content-length: 942
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/checkmark.png

3.67.255.218

200 OK

1.8 kB

URL HTTP/2
www.arkinvestgives.net/img/checkmark.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1766 bytes)
Hash
09711581137a9da289d7798e274aa484
dfc795ed18e2b12ed21cb13f10c75d18433a203a
f160835b75c0fc84a4e9f790e118cfb5e4c629f40651ee397f87fee4a289f126

HTTP Headers

GET /img/checkmark.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "05fd2b4d2910f5d0612fe21eb7d92765-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6M2QA7H5K5M8AG2F5C
content-length: 1766
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/bonus.png

3.67.255.218

200 OK

1.5 kB

URL HTTP/2
www.arkinvestgives.net/img/bonus.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 54 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1523 bytes)
Hash
cb921242f53c898fd255a1ae1386b451
9f9b4d54061605a1cf0465ec23fc606cd332d987
bf2c4e345eac7fc8af3c32279efaabcac3d48cbeaf9494821f3a853f06dac961

HTTP Headers

GET /img/bonus.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "1fde24d1163f61f7d5ea672ccf7064a2-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MTZKZ4NSPNQW5MRVC
content-length: 1523
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/chart(1)

3.67.255.218

200 OK

863 B

URL HTTP/2
www.arkinvestgives.net/img/chart(1)
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced\012- data
Size
863 B (863 bytes)
Hash
dfb4c3661a0c4dba920b462e07e59474
f6954fc913d99edd493c3c97a022f2933a9b3aae
d238f2b7ec6de43f86f56d0a41dfd9efd96f768d6798fdcc8be47491d038f006

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/chart(1) HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "b1b4583f5bce5554e5eac457dedb2294-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MHQ5634MZQ4RNJ9ET
content-length: 863
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/logo_white.png

3.67.255.218

200 OK

17 kB

URL HTTP/2
www.arkinvestgives.net/img/logo_white.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 219 x 38, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17245 bytes)
Hash
f09ca0e121295e6c0f0a54a5b92f5f04
b6651f745339a93effe78f4bf05d73a1009accf9
22efa82fcb41ff5267224258f85bdcc560022dd755073107485ea9d30cf48df0

HTTP Headers

GET /img/logo_white.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "864481282f7442d1b1b79077506d34ad-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MW2K8TFFVVMC2NVAX
content-length: 17245
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/wallet.png

3.67.255.218

200 OK

1.8 kB

URL HTTP/2
www.arkinvestgives.net/img/wallet.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1784 bytes)
Hash
de2d770b8268444251f10ffc7ad095f3
c9eec467f50c1eeb9a06cd1bfa13a2712de0e91b
f315b42192be12ccf0fe2791c12cef434e1988817ea0aa82cc3b761baa741c79

HTTP Headers

GET /img/wallet.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "f5f7a60b65de81ab4230ee88e7e029a5-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6KDVAJHERVB3MP4Z49
content-length: 1784
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/qr.png

3.67.255.218

200 OK

1.5 kB

URL HTTP/2
www.arkinvestgives.net/img/qr.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1469 bytes)
Hash
55bd2103c06faaabf647549d33a64c07
d081f9659e23e7e55e015c88a41b6de1ee36140f
7d8dd447d2f8808e6c81f7156e8b191430e7bae24039aef4d07c0e89e3840825

HTTP Headers

GET /img/qr.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "e26bf8383cbf014d05552b852fb1538a-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6K8THY0J6BMD3AS7PQ
content-length: 1469
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/logo_black.png

3.67.255.218

200 OK

17 kB

URL HTTP/2
www.arkinvestgives.net/img/logo_black.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 219 x 38, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17245 bytes)
Hash
f09ca0e121295e6c0f0a54a5b92f5f04
b6651f745339a93effe78f4bf05d73a1009accf9
22efa82fcb41ff5267224258f85bdcc560022dd755073107485ea9d30cf48df0

HTTP Headers

GET /img/logo_black.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "864481282f7442d1b1b79077506d34ad-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MD31YXXBHTP8QZHPJ
content-length: 17245
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/bage.png

3.67.255.218

200 OK

1.3 kB

URL HTTP/2
www.arkinvestgives.net/img/bage.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1339 bytes)
Hash
3b1ba0a498683d01132fd68a5bd1e0bf
1f396be14f75fee88f663e3eee2cd92bd4d64946
5c9574bb56ab48600c5e869ca80f429b662bf7288698aee195cb47a30b5c14b6

HTTP Headers

GET /img/bage.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "7eac345dc36c8e1eeeb952cd03d9ebd7-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6KCNSY4E67HEHJYEER
content-length: 1339
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/console-ban.min.js

3.67.255.218

200 OK

953 B

URL HTTP/2
www.arkinvestgives.net/img/console-ban.min.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2166)
Size
953 B (953 bytes)
Hash
ab4775f747959b10353ceb6eb7d2f7fd
107998b5300fc8c63cd74ae61dfe390227fc0839
f3e6a12f8a425f7121450234323c2f34d03bf35bb5f386b9a09929cbde492cf0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/console-ban.min.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "70265d4a0611ff0be3e6bee0cdd76598-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6MSMW72X45BRWH9F0E
content-length: 953
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/emojione.min.js

3.67.255.218

304 Not Modified

0 B

URL HTTP/2
www.arkinvestgives.net/img/emojione.min.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/emojione.min.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "eb0199b707eddf9e1fbee66c149ba3a5-ssl-df"
TE: trailers

HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "eb0199b707eddf9e1fbee66c149ba3a5-ssl-df"
server: Netlify
vary: Accept-Encoding
x-nf-request-id: 01GCSWENV2QA0E8F47MVG2JHFW
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/creator.png

3.67.255.218

200 OK

680 kB

URL HTTP/2
www.arkinvestgives.net/img/creator.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
PNG image data, 744 x 913, 8-bit/color RGBA, non-interlaced\012- data
Size
680 kB (679872 bytes)
Hash
d27484910ebc6ca0b63afc93dbff24c8
ab718a91a8053dcf0fddd0fb7cc53ed1d1d0c883
56fe31ffcdbdb429a8f3e6a9f8ba54abf46d373ca73843c7beb3761d495d5e72

HTTP Headers

GET /img/creator.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "0186005a3739b516775e3c46b1c8251b-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GCSWEN6MS9WZR8K55PP2J424
content-length: 679872
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10870
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:17:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10870
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:17:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10870
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:17:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10870
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:17:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10870
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:17:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gUhO_jZ9W_10cAK-2lOVSmQ9r1DIZvNDaqpJs5oc6lt85qAkWbBcXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:48:14 GMT
age: 1752
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6999 bytes)
Hash
b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:13:41 GMT
age: 54225
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-32507910.js

3.67.255.218

200 OK

23 kB

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-32507910.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23337 bytes)
Hash
80bb8bf2c001821b81801f7952fadb16
989cd777702c8707011f36af04e9174552152423
e5a6de5c91a57a2ea8fb4fe85e829f6d6b41c4422275010880486400ad7cee38

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-32507910.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "ca444273132eba7a17504e1ff7ba4b31-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6KCMZ2S4EM501KCJFZ
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:16:59 GMT
age: 27
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4162 bytes)
Hash
b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UxATqmWDCTwVqA3ORIXXObWZZj158TSRUoaAr48b08sxdAxBicw5zA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:27:45 GMT
age: 53381
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:04:42 GMT
age: 65564
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

23 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
23 kB (23438 bytes)
Hash
97ef738c063a9331c12d96b5498223d9
70033ef2025594215389369cb4a4d2ce3dddc536
e81ee0e6f64c170ae197aba0a49f90e2237a759ff6eca8e96a2fe852a270fa43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.arkinvestgives.net/img/twk-chunk-vendors.js

3.67.255.218

200 OK

104 kB

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-vendors.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65464)
Size
104 kB (103973 bytes)
Hash
5044b61d0347ada498d30ca7c4e07f32
e39da52b7471d9144513612e12ea899bfda341a1
85a337c3caa5470e49a20804652e083d04dff0173b0c9c2cee3445baa779c51c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-vendors.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "1996d8f4ffa20b0b427a5903367b72c0-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5V7BAD5EWKVRECT2QT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.arkinvestgives.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 536825
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vsa18.tawk.to/s/?k=631faff686b61dd69bfc916a&cver=0&pop=false&asver=295&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmIxYjRjM2IwZDEwYjZmM2U3ODkwYTgiLCJ2aWQiOiJkZjcxNTFiNThkYzI2MDZmNmY1NTQ2NzJhN2Y0MjZjOWNlZDRkZjcyNTljOWIyYjEwZmM3NWUwZGExNWRhZmFhIiwic2lkIjoiNjMxZmFmZjY4NmI2MWRkNjliZmM5MTZhIiwiaWF0IjoxNjYzMDIxMDQ2LCJleHAiOjE2NjMwMjI4NDYsImp0aSI6Im5DcHBfMWowbTUyT3MzTGpfVWVJdyJ9.P0ZyU64XBvo5Q7Iazs-MFxQGMY3uNUZ0PPpJUMFOBz6QrBZRbAyj3VvBM1TCjRHmu_tfxq7J_e6qkyPoTg1_wg&EIO=3&transport=websocket&__t=OCpnojI

172.67.38.66

101 Switching Protocols

0 B

URL HTTP/1.1
vsa18.tawk.to/s/?k=631faff686b61dd69bfc916a&cver=0&pop=false&asver=295&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmIxYjRjM2IwZDEwYjZmM2U3ODkwYTgiLCJ2aWQiOiJkZjcxNTFiNThkYzI2MDZmNmY1NTQ2NzJhN2Y0MjZjOWNlZDRkZjcyNTljOWIyYjEwZmM3NWUwZGExNWRhZmFhIiwic2lkIjoiNjMxZmFmZjY4NmI2MWRkNjliZmM5MTZhIiwiaWF0IjoxNjYzMDIxMDQ2LCJleHAiOjE2NjMwMjI4NDYsImp0aSI6Im5DcHBfMWowbTUyT3MzTGpfVWVJdyJ9.P0ZyU64XBvo5Q7Iazs-MFxQGMY3uNUZ0PPpJUMFOBz6QrBZRbAyj3VvBM1TCjRHmu_tfxq7J_e6qkyPoTg1_wg&EIO=3&transport=websocket&__t=OCpnojI
IP
172.67.38.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=631faff686b61dd69bfc916a&cver=0&pop=false&asver=295&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmIxYjRjM2IwZDEwYjZmM2U3ODkwYTgiLCJ2aWQiOiJkZjcxNTFiNThkYzI2MDZmNmY1NTQ2NzJhN2Y0MjZjOWNlZDRkZjcyNTljOWIyYjEwZmM3NWUwZGExNWRhZmFhIiwic2lkIjoiNjMxZmFmZjY4NmI2MWRkNjliZmM5MTZhIiwiaWF0IjoxNjYzMDIxMDQ2LCJleHAiOjE2NjMwMjI4NDYsImp0aSI6Im5DcHBfMWowbTUyT3MzTGpfVWVJdyJ9.P0ZyU64XBvo5Q7Iazs-MFxQGMY3uNUZ0PPpJUMFOBz6QrBZRbAyj3VvBM1TCjRHmu_tfxq7J_e6qkyPoTg1_wg&EIO=3&transport=websocket&__t=OCpnojI HTTP/1.1
Host: vsa18.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.arkinvestgives.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WmmKyQVuVGq22di0ykYkFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 12 Sep 2022 22:17:27 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 9XDk8N1NiUM7JOfQsjSMBtoXgRQ=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 749c0365bf61b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-app.js

172.67.38.66

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-app.js
IP
172.67.38.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/62835fee0eb/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.arkinvestgives.net
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:17:26 GMT
content-type: application/javascript
last-modified: Tue, 17 May 2022 08:44:36 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
age: 29
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 749c03628d71b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-2d0d2b7c.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-2d0d2b7c.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-2d0d2b7c.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "e0e698657bb7d38c94a5645cf913f578-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN60W35AH3WVXM87Q7FM
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/jquery.min.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/jquery.min.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/jquery.min.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "d02571e3593c7ac903004599031cdc0e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6MYY994QXRH232690J
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/css2

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/css2
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/css2 HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/plain; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "025fce66a79934733ab828524ab387ec-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5RS6W4215NR4TJRCKB
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-48f46bef.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-48f46bef.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-48f46bef.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "f7ad38eee5b741905d50a0d4fe533d3e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6KJEREKJY9PXDASHCJ
X-Firefox-Spdy: h2

www.arkinvestgives.net/images/background.png

3.67.255.218

404 Not Found

0 B

URL HTTP/2
www.arkinvestgives.net/images/background.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/background.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/img/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: 1657692297-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWENVM0B6KYZ445CJJ27RA
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/emojione.min.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/emojione.min.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/emojione.min.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "eb0199b707eddf9e1fbee66c149ba3a5-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6KH1YK947YXRPG1KP8
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-vendor.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-vendor.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-vendor.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "6e9ca741336d2e45ca217e7d9152c214-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5TXVNW9NFV42T65PHS
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-f1596d96.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-f1596d96.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-f1596d96.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "9be865b6ea6bbae6b90566333854b4ab-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6K2W2BH03KY3X0GVVK
X-Firefox-Spdy: h2

www.arkinvestgives.net/images/background2.png

3.67.255.218

404 Not Found

0 B

URL HTTP/2
www.arkinvestgives.net/images/background2.png
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/background2.png HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/img/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: 1657692297-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWENVNC39W8JFRGFGKK9Z7
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/style.css

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/style.css
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/style.css HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "b4d0188bc1eef8336b3496d6c2e542c3-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5SEC5CVKKZPFHCQ7G9
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-696bc286.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-696bc286.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-696bc286.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "953ace061a1beb068d4c6a01a0e289e1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6KHDHK9EW940X9YRT0
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-f163fcd0.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-f163fcd0.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-f163fcd0.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "7213c770cfed39830af68681c16d3605-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6MM46Z8JJ2AQZCJHX7
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/script.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/script.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/script.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "9a53119fc48a4043e387bf750abe894f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN6M9A2K289PMN6D3EQW
X-Firefox-Spdy: h2

www.arkinvestgives.net/img/twk-chunk-common.js

3.67.255.218

200 OK

0 B

URL HTTP/2
www.arkinvestgives.net/img/twk-chunk-common.js
IP
3.67.255.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/twk-chunk-common.js HTTP/1.1
Host: www.arkinvestgives.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 12 Sep 2022 22:17:25 GMT
etag: "12e50988c605ba159003d6f7aa67722b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GCSWEN5VX61FS7D32AZ0AQZZ
X-Firefox-Spdy: h2

embed.tawk.to/62b1b4c3b0d10b6f3e7890a8/1g632k6os

172.67.38.66

200 OK

0 B

URL HTTP/2
embed.tawk.to/62b1b4c3b0d10b6f3e7890a8/1g632k6os
IP
172.67.38.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /62b1b4c3b0d10b6f3e7890a8/1g632k6os HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.arkinvestgives.net
Connection: keep-alive
Referer: https://www.arkinvestgives.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:17:25 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-630c16bea60"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 28
x-content-type-options: nosniff
server: cloudflare
cf-ray: 749c035f1a23b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations