Report - ae.m-arabchat.com/29/main/index.html

Report Overview

Submitted URL
ae.m-arabchat.com/29/main/index.html
IP
54.230.111.49
ASN
#16509 AMAZON-02
Submitted
2022-10-15 23:00:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.3 kB	3.5 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	510 B	18 kB	216.58.207.195
ae.freeeprize.com	unknown	2022-06-13T17:06:06Z	2022-12-26T01:19:20Z	761 B	3.1 kB	99.198.106.194
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	34.218.168.248
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	55 kB	34.120.237.76
ae.m-arabchat.com	unknown	2022-11-10T05:16:02Z	2022-11-10T05:16:02Z	4.6 kB	71 kB	54.230.111.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	676 B	2.0 kB	143.204.42.165
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	662 B	1.4 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	394 B	90 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-15	medium	ae.m-arabchat.com/29/main/index.html	Phishing
2022-10-15	medium	ae.m-arabchat.com/29/main/img/profile.webp	Phishing
2022-10-15	medium	ae.m-arabchat.com/29/main/img/video-call.webp	Phishing
2022-10-15	medium	ae.m-arabchat.com/29/main/img/call.webp	Phishing
2022-10-15	medium	ae.m-arabchat.com/29/main/img/video-main.webp	Phishing
2022-10-15	medium	ae.m-arabchat.com/29/main/js/sweetalert2.js	Phishing
2022-10-15	medium	ae.freeeprize.com/js/pub.min.js	Malware
2022-10-15	medium	ae.freeeprize.com/sw.js	Malware
2022-10-15	medium	ae.m-arabchat.com/29/main/index.html	Phishing
2022-10-15	medium	ae.m-arabchat.com/29/main/js/jquery-3.5.1.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	ae.m-arabchat.com/29/main/index.html	30 B	2023-03-07	2023-03-17
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2023-03-17 12:42:05 Times Seen1 Hash 5a499edcbe20c704fdeb1358c4925fae 4684a47ee4cfb57701856792fe00c6f21482a486 f1c2f2681ba7ce0b0e7905b37773d5ddef19e514c095a07f3842d3e3570b694e Loading...

	ae.m-arabchat.com/29/main/index.html	35 B	2023-03-07	2024-03-16
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2024-03-16 20:19:35 Times Seen149 Hash cc5c8ffc2680ded8d7bdc9a4b45b4893 bad29cd3be890576b90d4511df9c0032ea3dc357 4164eae1ec20052899fec5c5b455f8768f59c87171379d5096bc574e607fa352 Loading...

	ae.m-arabchat.com/29/main/index.html	410 B	2023-03-07	2023-03-17
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2023-03-17 12:42:05 Times Seen1 Hash 3650bc127d67ab325358a74902498a59 1ae2d44080abf929182746f6415ed11b554c1b79 a669a53b2a2cd8614625136f3880728d62590257e97fdaf4cd268d907a77ca16 Loading...

	ae.m-arabchat.com/29/main/index.html	118 B	2023-03-07	2023-03-17
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2023-03-17 11:35:40 Times Seen1 Hash a16a25b9768d63d04fd9ed3aa11ecefa f569a7527293f90dde8fe167b6faff3703a8b6b8 f05c0eb0f36d0217fa5215ea3bae49331d20fe857671f9707b8bb8badbae0d81 Loading...

	ae.m-arabchat.com/29/main/index.html	811 B	2023-03-10	2023-03-11
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:38 Last Seen2023-03-11 09:24:58 Times Seen1 Hash 6a9c78962627306c64a324c13b7cbed7 ec5170e124d7a4e288fd2fc8f6ac2b64718a0e36 98035f28e37fcab226a423af398d3399b4001d499673494a14509de6dc2167a3 Loading...

	ae.m-arabchat.com/29/main/index.html	809 B	2023-03-10	2023-03-11
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:38 Last Seen2023-03-11 09:24:58 Times Seen1 Hash 49058a4403bc11729b485b86d22042ab ad277e874de4ecdcf834699fd8dfeddb36ceb285 433c002cc8667110ed92fc751bdccf7fcd32403c2d6a704fafcaaa43c7a36426 Loading...

	ae.m-arabchat.com/29/main/index.html	285 B	2023-03-07	2024-03-16
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2024-03-16 20:19:35 Times Seen155 Hash e2757aaa653070072bd0b1acaf676110 f5b478f7ba58fba4297f6f69d7f55e7f1d3bd979 92476d36067b74c7152b96c0178e2a9fb6e2243a1c32a69508579dfc6724e91d Loading...

	ae.m-arabchat.com/29/main/index.html	664 B	2023-03-07	2023-03-17
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2023-03-17 12:42:04 Times Seen1 Hash d4bfb3246ae77aede4712eb97321c2be d077c4dbb02c8182d25c5b9a91bae85eab8005c9 edbe558c3c793bd08a247432d489e87a46f146b0aed7fd2f3150aa3415cb2476 Loading...

	ae.m-arabchat.com/29/main/index.html	746 B	2023-03-10	2023-03-11
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:38 Last Seen2023-03-11 09:24:58 Times Seen1 Hash 386a69d7839e6d959a263d48edc97f12 77e9fadc2942835b0dde8f55543657f9370a89a2 231a3d602c29ebd455534d41d31dd22cb876c43775c8510f4d18b091e2fd27a6 Loading...

	ae.m-arabchat.com/29/main/index.html	811 B	2023-03-10	2023-03-11
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:38 Last Seen2023-03-11 09:24:58 Times Seen1 Hash 3c2e8eb2afafc69b76e9fc29f3d6bd84 2ae216410f337f2bafcd4943b6b7a298c04b629b aee43e34d94e9bfde4ce6858b89efd1ef4f92ddb12f80b966bd452ea690e41c2 Loading...

	ae.m-arabchat.com/29/main/index.html	818 B	2023-03-10	2023-03-11
Pretty URL ae.m-arabchat.com/29/main/index.html IP 54.230.111.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:38 Last Seen2023-03-11 09:24:58 Times Seen1 Hash af3847f799815ec1e3072af7c3536e7b 2337f5fc9000d53795d5f0070cae34fd7ac7f5dc 80571384f9ec8269b129087db0d92fe01b5ac5107c87e5dfd691223e520a24ac Loading...

	ae.freeeprize.com/js/pub.min.js	2.8 kB	2023-03-07	2024-04-13
Pretty URL ae.freeeprize.com/js/pub.min.js IP 99.198.106.194 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:23 Last Seen2024-04-13 12:32:01 Times Seen5975 Hash 842d4889c73f6664245d70112389026a 3f5d934289e1acfebce633760640881a81ac8299 99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03 Loading...

	ae.m-arabchat.com/29/main/js/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL ae.m-arabchat.com/29/main/js/jquery-3.5.1.min.js IP 54.230.111.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 15:51:04 Times Seen138156 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	ae.m-arabchat.com/29/main/js/sweetalert2.js	73 kB	2023-03-07	2023-03-17
Pretty URL ae.m-arabchat.com/29/main/js/sweetalert2.js IP 54.230.111.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:43 Last Seen2023-03-17 12:42:05 Times Seen1 Hash db1e0454f823ae7afbc0c13e440018a6 99b5d60bcf0c2bcf75f48a365bbdcedc97f25022 56a3ba2c135b263fb13a34aa4f9ed7bf1de48eebf5505f66eb0c7bfeb110c9e0 Loading...

		Size	First Seen	Last Seen
	#1 Write - 828f007e457ffa8b6e4fa52fac05b1f4	5 B	2023-03-10	2023-11-19
Pretty Observations First Seen2023-03-10 10:07:38 Last Seen2023-11-19 09:58:43 Times Seen2 Hash 828f007e457ffa8b6e4fa52fac05b1f4 df4803c16675ff44ba5803109d2709b0d5f3bdd6 a6dd98317845464a21fd0ef1a7017d48ce802a8eb7b0253f15993081ba253480 Loading...

HTTP Transactions (35)

URL IP Response Size

ae.m-arabchat.com/29/main/index.html

54.230.111.27

301 Moved Permanently

167 B

URL HTTP/1.1
ae.m-arabchat.com/29/main/index.html
IP
54.230.111.27:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/index.html HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 15 Oct 2022 23:00:04 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://ae.m-arabchat.com/29/main/index.html
X-Cache: Redirect from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: ScCdTO9wrB5q6KxlOUBv9eIOg18pWkaO7dRiTfUkx_MAu3rz9bWQYQ==

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 22:50:19 GMT
Expires: Sat, 15 Oct 2022 23:47:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nPhNOGvjPL1yK17oEDtCpIoyQiWNSt9W06iHJ850276V4EVE8yrXVg==
Age: 586

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4552
Expires: Sun, 16 Oct 2022 00:15:57 GMT
Date: Sat, 15 Oct 2022 23:00:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6462
Expires: Sun, 16 Oct 2022 00:47:47 GMT
Date: Sat, 15 Oct 2022 23:00:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DXDOuvdBYZvTlTLDO0kSPFQPvasEdCFUNfg2WOyllD+fpQl5oVK+KXrLKd5yIqGTD/NPYWIyrrxtzxolUXdNjA==
x-amz-request-id: JXP6E4ZH0Z6Q04DN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 22:34:48 GMT
age: 1517
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
36f7a9ca7556367d43c43d65f20884cd
b653d7b8329c2ef69805a408f92648dec0477037
87548a8f82e7a559a852e5895eacc1f3217e953795155ac2269f001e694e1594

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136114
Date: Sat, 15 Oct 2022 23:00:05 GMT
Etag: "634aac27-1d7"
Expires: Mon, 17 Oct 2022 12:48:39 GMT
Last-Modified: Sat, 15 Oct 2022 12:48:39 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4z1O3SZnk-h44uRz5BFFd2kn5hxnDhc_xiowMcAg-ub2rWhw-15lkw==

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 23:00:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/img/profile.webp

54.230.111.68

200 OK

9.3 kB

URL HTTP/2
ae.m-arabchat.com/29/main/img/profile.webp
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.3 kB (9320 bytes)
Hash
796425822172acb1d3aba9044f09b105
4ae60b0570b4417c3b36af20e805fb654b5a642b
b6027ff54d4177ffdb7dcb5d4074a7de1513116fe6139480ce1e888e0907a82c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/img/profile.webp HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 9320
date: Sat, 15 Oct 2022 13:31:51 GMT
last-modified: Fri, 14 Oct 2022 10:40:12 GMT
etag: "796425822172acb1d3aba9044f09b105"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: W2rBvV4SjtRcKRQR3Gj8vlWViO72MPWR8iWR5A9eH6xH2VBLey-L1A==
age: 34095
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
36f7a9ca7556367d43c43d65f20884cd
b653d7b8329c2ef69805a408f92648dec0477037
87548a8f82e7a559a852e5895eacc1f3217e953795155ac2269f001e694e1594

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136114
Date: Sat, 15 Oct 2022 23:00:05 GMT
Etag: "634aac27-1d7"
Expires: Mon, 17 Oct 2022 12:48:39 GMT
Last-Modified: Sat, 15 Oct 2022 12:48:39 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E6n5aNY_LJG-EzVGJ09UYnVIGBQKysIPL9C9Uw07ucX3b0sx6fxBcQ==

ae.m-arabchat.com/29/main/img/play-button.png

54.230.111.68

200 OK

1.3 kB

URL HTTP/2
ae.m-arabchat.com/29/main/img/play-button.png
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1305 bytes)
Hash
155ad268c139c2dc07b7d17976b9a2db
02994083e019823210f28ac9cafa0585a8f98bf3
5212a8f81ae02b46bc42e59af52675340587a16db0ddebd886ebb773f2b6115f

HTTP Headers

GET /29/main/img/play-button.png HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1305
date: Sat, 15 Oct 2022 13:31:51 GMT
last-modified: Fri, 14 Oct 2022 10:40:11 GMT
etag: "155ad268c139c2dc07b7d17976b9a2db"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: C_5XNBDzI4oCo2jRniPFhy1Mg6bAqFl0K_biGboPo_HjkjYoYATzpw==
age: 34095
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/img/video-camera.png

54.230.111.68

200 OK

168 B

URL HTTP/2
ae.m-arabchat.com/29/main/img/video-camera.png
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
PNG image data, 32 x 32, 1-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
51dd47aacf8ac8637ce6ef2f5e558e17
8faf179ddf37aec36926e894efd307b99f7ea73b
13b36f243cbe0d968a3c7f37a1592f58eb2c43034a586b7ae9b75f38e2a48c06

HTTP Headers

GET /29/main/img/video-camera.png HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 168
date: Sat, 15 Oct 2022 13:31:52 GMT
last-modified: Fri, 14 Oct 2022 10:40:13 GMT
etag: "51dd47aacf8ac8637ce6ef2f5e558e17"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tED4uOFJ_qEVZZYSaCsYnbUY88kUDdqR9xOmbU4557lTPg5IcvckUA==
age: 34094
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/img/video-call.webp

54.230.111.68

200 OK

850 B

URL HTTP/2
ae.m-arabchat.com/29/main/img/video-call.webp
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
850 B (850 bytes)
Hash
4fa05ff20b738e86e5c77fbfc71bc6f5
0b8559ed417ed4c0eda4acec75a9dca494e7e004
c1d98f237cbeb27d2a8ec1b720a4bf84629cd42d1eff476412beb42f7d372e35

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/img/video-call.webp HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 850
date: Sat, 15 Oct 2022 13:31:50 GMT
last-modified: Fri, 14 Oct 2022 10:40:12 GMT
etag: "4fa05ff20b738e86e5c77fbfc71bc6f5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nwSFDBmN8DGwJZHmzg-8lCQruAGJnN1-I83WehSA2Jnw3ZFAOotxKQ==
age: 34095
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/img/call.webp

54.230.111.68

200 OK

1.5 kB

URL HTTP/2
ae.m-arabchat.com/29/main/img/call.webp
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.5 kB (1484 bytes)
Hash
1331ba66dcf7095ae77f16de566e0388
d74ba876f5a959f23381971c9070d6ac1fa29886
29c70f7544406e1988c7d17f73f258f9b7a11b989a426ce3025ec585a3657677

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/img/call.webp HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 1484
date: Sat, 15 Oct 2022 13:31:50 GMT
last-modified: Fri, 14 Oct 2022 10:40:10 GMT
etag: "1331ba66dcf7095ae77f16de566e0388"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tFowgl5gLdqdjR8YyN2-m78SzYDfA9ZKNQuHgvdXQoK6kIL5Ck_5_A==
age: 34095
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 23:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ae.m-arabchat.com/29/main/img/video-main.webp

54.230.111.68

200 OK

31 kB

URL HTTP/2
ae.m-arabchat.com/29/main/img/video-main.webp
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
31 kB (30558 bytes)
Hash
85b34982f3602fa3a5baaedc3e544615
72a8eb0c5eee5f8bdacf1b7026be56d9a69af96e
74dd6402db7e12e4c2d3fbbf6e4bf1c01438084353f9f97079424d4be76300f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/img/video-main.webp HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 30558
date: Sat, 15 Oct 2022 13:31:50 GMT
last-modified: Fri, 14 Oct 2022 10:40:13 GMT
etag: "85b34982f3602fa3a5baaedc3e544615"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BbQlZrDwUy7_9vzEReMPB1MOcPVoyJAKL6jRHquxvccD3SQosjwBtA==
age: 34095
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/js/sweetalert2.js

54.230.111.68

200 OK

19 kB

URL HTTP/2
ae.m-arabchat.com/29/main/js/sweetalert2.js
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (48321), with CRLF line terminators
Size
19 kB (19027 bytes)
Hash
a6e543f5ca78cdc4922efe34732cdb09
65e4daa654d3832ba2f6eaee86186400e234d148
f2cbe75468c9a78630b9ffd2ba794b2376d22c2c689560f8cd8a99a92e736e35

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/js/sweetalert2.js HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:40:15 GMT
server: AmazonS3
content-encoding: br
date: Sat, 15 Oct 2022 12:35:37 GMT
etag: W/"db1e0454f823ae7afbc0c13e440018a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jHacvtODuZe-XcwpILjG7Ny_PPIXK0M2n5_So26znzaeVKX2gJ_baw==
age: 37469
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans&display=swap

142.250.74.10

200 OK

89 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
89 kB (89149 bytes)
Hash
e95e64f3d58d326eed76e1cda207524f
92116c234413016d36aa1060f5401a732e2327c3
5b46c7f8846a0b195c6ab66d22ecffb7eb5cd6ad4ab33d9edc813487ed2804ff

HTTP Headers

GET /css2?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 15 Oct 2022 23:00:05 GMT
date: Sat, 15 Oct 2022 23:00:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 23:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ae.m-arabchat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 18:53:39 GMT
expires: Tue, 10 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 446786
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 15 Oct 2022 22:07:43 GMT
Cache-Control: max-age=3600
Expires: Sat, 15 Oct 2022 23:03:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BEUkWH-IF2Tm_QhYffvy3vOI0x_B0J3Zmff4gjOd4FX2fsI5CwK5dw==
Age: 3142

ae.m-arabchat.com/29/main/css/style.css

54.230.111.68

200 OK

3.2 kB

URL HTTP/2
ae.m-arabchat.com/29/main/css/style.css
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text, with CRLF line terminators
Size
3.2 kB (3211 bytes)
Hash
a8737b9e734f02e2966f228b9b4ad691
1634b925c3b0b4aa280afa5e7daef812db8ce2c5
64a3ec200313e73c0929b3bd48a33ee9e64bdf89e21d30f025da45288518f860

HTTP Headers

GET /29/main/css/style.css HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 14 Oct 2022 10:40:09 GMT
server: AmazonS3
content-encoding: br
date: Sat, 15 Oct 2022 12:35:37 GMT
etag: W/"d5826b1f342ac06d6fac79b73607d666"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OoTIg20E6CqJjJbzYr0sEHrpFScdOjX7xI2u5v3Hd0_pwE2qYtK0oA==
age: 37469
X-Firefox-Spdy: h2

ae.freeeprize.com/js/pub.min.js

99.198.106.194

200 OK

1.5 kB

URL HTTP/2
ae.freeeprize.com/js/pub.min.js
IP
99.198.106.194:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (2752)
Size
1.5 kB (1482 bytes)
Hash
31c303586c1b78e33984bd252b8e2644
8083e2aad4cbf8242a4e6fb53657d49552b85f82
d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/pub.min.js HTTP/1.1
Host: ae.freeeprize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 23:00:05 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Sun, 16 Oct 2022 23:00:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5705
Cache-Control: max-age=124914
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 23:00:06 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 09:42:00 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ae.freeeprize.com/sw.js

99.198.106.194

200 OK

776 B

URL HTTP/2
ae.freeeprize.com/sw.js
IP
99.198.106.194:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text
Size
776 B (776 bytes)
Hash
f72a11763f13b05c1f2379d13387dd05
002fbf7672d3f4655b89b6413d160e4185ce9900
70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sw.js HTTP/1.1
Host: ae.freeeprize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 23:00:06 GMT
content-type: application/javascript
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.218.168.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.168.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: afBNw/OhdvwTxoTgeUoYew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fD/2pBaY/IFJQvvAaIUjZwayL1M=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11396
Expires: Sun, 16 Oct 2022 02:10:03 GMT
Date: Sat, 15 Oct 2022 23:00:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11396
Expires: Sun, 16 Oct 2022 02:10:03 GMT
Date: Sat, 15 Oct 2022 23:00:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
f852a58da0bf5c1c5b3d4c9531078b08
96b58ac0e71afe7d4ba43fa592130f3611eb6df7
d404e20f16943bf168b422da6477716f9b37f38927ce078bf19504a581558f75

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 668570b9-a33b-4645-88f7-1dc31ae938da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEN2PGJGIAMF1oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29c1-176688ab716ea6102238fb0d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:33 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BTZvMjz3PJ5xfENpFregpHJ36BDnD-lRpL2bsySa4L4_ez3Evtc7rg==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:54:02 GMT
age: 3965
etag: "96b58ac0e71afe7d4ba43fa592130f3611eb6df7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9623 bytes)
Hash
440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:22 GMT
age: 4965
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c5bf7f3-2af5-4e40-a5dc-a596e1c0f04a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7267 bytes)
Hash
30232da4d2dc9438982ea90cc10dc912
cace2a97bcc0d2678a3291b82bac8abb61eda167
36a0176591f89a7c754964fb130b49da13cd78c006b4121fb77f7514f521eed5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c5bf7f3-2af5-4e40-a5dc-a596e1c0f04a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7267
x-amzn-requestid: 4b433a90-541f-4733-9435-0ef316859640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEMu0F7roAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b27f8-2a43cdc93330ecc44acc6d69;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Nv4WokO9w-zyFMD88h-a4k0dFKroK5RDtYEmxcQQxNTArUQF4qLdnQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 4978
etag: "cace2a97bcc0d2678a3291b82bac8abb61eda167"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9260 bytes)
Hash
e20daa74ab04b1b9859672acfc070f7e
d291947f161c928e6c6682a05835478b5f0cffc5
ebbe051930f46dd25de2a4c5795f3bdddf1513c0657cdc986c48f3dfdc90f575

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9260
x-amzn-requestid: dfd8deb0-fc73-4321-b024-330b2a3d1759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aENyFH9RoAMF24w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29a6-0aaf75c43b51d5775bc48a95;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:06 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 61ygCro-e2iz9SdywbShi7CWHcWLovGr7Ob2wWno2E2bpRWujT_OOA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:53:51 GMT
age: 3976
etag: "d291947f161c928e6c6682a05835478b5f0cffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4adb9ea6-07d3-4cd7-8e5a-4b9f43b4662d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7110 bytes)
Hash
7def5eab120c634c4324bd93629552f3
b938095d7c5feff5d5c428dfb1d2a23a1a2db3e5
cdb541ee2733431d2fe0cec6c87c8948db48b5247ddb00bb3017f79d6615f2cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4adb9ea6-07d3-4cd7-8e5a-4b9f43b4662d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7110
x-amzn-requestid: df096a12-3744-4b5c-a525-f0a782d4438a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEMu0GCjIAMFjFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b27f8-407b2510647ccbc374e4dac4;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:36:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9nXB9PTlDZ8tlZC22Mz4IBqUdoWivuH4qLResfPhdWDLyCzfrAXqlA==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 4978
etag: "b938095d7c5feff5d5c428dfb1d2a23a1a2db3e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6367 bytes)
Hash
df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDpKbEtkkBwyl0pq3hI50XU9_5Qk43D5_CCq2mdq6phymrT0Op_wzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:00:32 GMT
age: 3575
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/index.html

54.230.111.68

200 OK

0 B

URL HTTP/2
ae.m-arabchat.com/29/main/index.html
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/index.html HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Fri, 14 Oct 2022 10:40:15 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 15 Oct 2022 12:35:35 GMT
etag: W/"c1495d5d169a06b97c1ae5c00f5fb78a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GnIp5Kwd83M1pW2XVZUj2w4qZiSg4SHiOR8gzdOwUnAbcrw0s9MaOQ==
age: 37470
X-Firefox-Spdy: h2

ae.m-arabchat.com/29/main/js/jquery-3.5.1.min.js

54.230.111.68

200 OK

0 B

URL HTTP/2
ae.m-arabchat.com/29/main/js/jquery-3.5.1.min.js
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29/main/js/jquery-3.5.1.min.js HTTP/1.1
Host: ae.m-arabchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ae.m-arabchat.com/29/main/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 10:40:15 GMT
server: AmazonS3
content-encoding: br
date: Sat, 15 Oct 2022 12:35:37 GMT
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -szRiu1bHKb2OrOWVxmBWPSa0XY33nOVgm41VOf4VCXHAQPIXlxFYw==
age: 37469
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations