Report - goo.su/i8VjKLZ

Report Overview

Submitted URL
goo.su/i8VjKLZ
IP
104.21.38.221
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 04:06:28
Access
public
Website Title
Manage your Apple ID - Apple
Final URL
1.azwee.click/en/main
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
goo.su	377451	2019-06-14	2017-05-12	2024-04-17	5.3 kB	47 kB	104.21.38.221
enduresopens.com	unknown	2023-08-31	2023-08-31	2024-03-26	399 B	1.5 kB	23.109.170.125
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	1.1 kB	36 kB	216.58.207.227
rtb.pushdom.co	244282	2018-12-28	2019-01-08	2024-04-17	509 B	158 B	109.200.209.143
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	873 B	26 kB	142.250.74.106
1.azwee.click	unknown	2024-01-09	2024-04-14	2024-04-16	5.1 kB	379 kB	199.21.149.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-15	medium	1.azwee.click/en/	Apple Inc.
2024-04-15	medium	1.azwee.click/en/main	Apple Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	goo.su	Sinkholed
2024-04-17	medium	goo.su	Sinkholed
2024-04-17	medium	enduresopens.com	Sinkholed
2024-04-17	medium	goo.su	Sinkholed
2024-04-17	medium	goo.su	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	1.azwee.click/en/assets/card.js	59 kB	2024-03-27	2024-04-30
Pretty URL 1.azwee.click/en/assets/card.js IP 199.21.149.68 ASN #7040 NETMINDERS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 17:58:11 Last Seen2024-04-30 07:27:32 Times Seen442 Hash 7aa76d18dd3e3598ac9561adf01f3882 26d9fcdd2b6bee0b3f1b96b015f3703b5fbd49e0 6d5516bbbebba2d51878f1e791b642f3b2944270b8e84770f15a16376b202213 Loading...

	1.azwee.click/en/main.cb307f485390a6a94066.js	839 kB	2024-03-27	2024-04-30
Pretty URL 1.azwee.click/en/main.cb307f485390a6a94066.js IP 199.21.149.68 ASN #7040 NETMINDERS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 17:58:12 Last Seen2024-04-30 07:27:32 Times Seen312 Hash bc44d3824775061c25f8df88d786c3e2 111302049dc6c747ff1c06e4f71b4633c0dec9da 8e89674e3a2a98869f629ec69abaf2dc5f499b53a3ee1016c6e3fbd36ad6a4be Loading...

	1.azwee.click/en/runtime.9b214d14fa4ea25c94c0.js	2.3 kB	2024-03-27	2024-04-30
Pretty URL 1.azwee.click/en/runtime.9b214d14fa4ea25c94c0.js IP 199.21.149.68 ASN #7040 NETMINDERS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 17:58:11 Last Seen2024-04-30 07:27:32 Times Seen312 Hash 4ac3e6290ad24ac46b8a1970a7efb266 6f792827e5974b69c7c9a87e81f33b5ef670bff3 94f516b9d49d3b5ecf42fba742d930a0224275eedb9d19b4c33644dc8c2a3c26 Loading...

	1.azwee.click/en/polyfills.649ac95cc0f663eb2ea5.js	46 kB	2024-03-27	2024-04-30
Pretty URL 1.azwee.click/en/polyfills.649ac95cc0f663eb2ea5.js IP 199.21.149.68 ASN #7040 NETMINDERS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 17:58:12 Last Seen2024-04-30 07:27:32 Times Seen442 Hash 4794c42590c7158a1a334801f7068376 63e0e06b459566123ab988af6258369ba5b181dd 073c634b2120ecfe1b6b98e45f44d807088bd437e757eb3b049867a615e6a49d Loading...

		Size	First Seen	Last Seen
	#1 Write - f0c55dc742e54fc001c0b3e56420471b	236 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 06:06:29 Last Seen2024-04-17 06:06:29 Times Seen1 Hash f0c55dc742e54fc001c0b3e56420471b 9ce75d1efa2460c22bef5ff1a194bb0dc7bf5afb bd7f6f63cf76f3bc0c16780de667ee71cad7ea44b9b7c343322dcad6d3aa41a1 Loading...

HTTP Transactions (25)

URL IP Response Size

goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5

104.21.38.221

32 kB

URL
goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
IP
104.21.38.221:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
32 kB (32113 bytes)
Hash
f152f828206d2cf93e62818f9504e023
182c57654b3f05537cd722545f8d8dd99a8e2652
237a9a5d407ec860020474b01d73aaf1ca71ba2519c8ca92dba2ec81cf479d0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5 HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/i8VjKLZ
Cookie: XSRF-TOKEN=eyJpdiI6InQvVFgyT0RaY09xOXJPMHZiM0RIL3c9PSIsInZhbHVlIjoiUFpxQkxpWXQ4bFF4R0FZVTNpclBuR05LNDVWRGcrWEUxbGM5MmVtOFRJRGFKbTYzaGZtdDJ3UHkramZiejd2OS80THZVMFBzR3JmdlYvMHdIYkI5dmx3M3JqdjF0NDcybmMvS2VSd1phUHJ5a0pRemNnYXBadG11M0Z3ZTQyaVMiLCJtYWMiOiJlMDU4YWIwOWJlMTNmYzkyNDFmZGE2MTMwMWM3ODM4YmM2M2RjM2JmYmIyZmVjYjExMzU1N2EwYWIyYTExYTNjIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImZIOFptTzE3NFJNZjljL0xoWDFRaHc9PSIsInZhbHVlIjoiWU9PRGhWbjMvTkV1VW83TlN0dUtDWnNRaXZ3SnpGM0tEZVdBRXdtaUpCZGxLd0lFdEJscW40NVlmWVpKYUdVeG9hdGhaOEJhUmZROUtTWHU4ZVF2MDh6Q3hFVDFack9KR3BCc2JqLy84b3pnL2hlUXZqZXB4aGxza2dBaEYzMVEiLCJtYWMiOiIwMmZhYzc1OTliNjU4MGRhOTlhZTZmZDNmYTgwMTdjMWVkZTlmNzQzYjk4YWRhMGFlZTQ4NTAxMzE3ODA3NWQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:06:02 GMT
content-type: application/javascript
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=87787
etag: W/"65896ec2-156eb"
expires: Wed, 17 Apr 2024 06:06:53 GMT
last-modified: Mon, 25 Dec 2023 12:00:02 GMT
cf-cache-status: HIT
age: 597549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODSJMsdkUim4Pb0xfr7I%2FG3%2Bo4pasceix8pFIoBx5%2F21QzEMNwH%2FKu8InFeotXrXmMYvtgMvBEnCuTUkrksWKVFuwGm%2F1%2F%2Fn30p3oPpNvAR1VFIFJmkRQqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87598a499a96568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

goo.su/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.38.221

0 B

URL
goo.su/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.38.221:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InQvVFgyT0RaY09xOXJPMHZiM0RIL3c9PSIsInZhbHVlIjoiUFpxQkxpWXQ4bFF4R0FZVTNpclBuR05LNDVWRGcrWEUxbGM5MmVtOFRJRGFKbTYzaGZtdDJ3UHkramZiejd2OS80THZVMFBzR3JmdlYvMHdIYkI5dmx3M3JqdjF0NDcybmMvS2VSd1phUHJ5a0pRemNnYXBadG11M0Z3ZTQyaVMiLCJtYWMiOiJlMDU4YWIwOWJlMTNmYzkyNDFmZGE2MTMwMWM3ODM4YmM2M2RjM2JmYmIyZmVjYjExMzU1N2EwYWIyYTExYTNjIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImZIOFptTzE3NFJNZjljL0xoWDFRaHc9PSIsInZhbHVlIjoiWU9PRGhWbjMvTkV1VW83TlN0dUtDWnNRaXZ3SnpGM0tEZVdBRXdtaUpCZGxLd0lFdEJscW40NVlmWVpKYUdVeG9hdGhaOEJhUmZROUtTWHU4ZVF2MDh6Q3hFVDFack9KR3BCc2JqLy84b3pnL2hlUXZqZXB4aGxza2dBaEYzMVEiLCJtYWMiOiIwMmZhYzc1OTliNjU4MGRhOTlhZTZmZDNmYTgwMTdjMWVkZTlmNzQzYjk4YWRhMGFlZTQ4NTAxMzE3ODA3NWQ0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 17 Apr 2024 04:06:02 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0aGQTuE5kdkJaBLRtIUuuSP0b9xIn9HzGKwez%2BoZusmKAxLAQnzBNPhpDlvMCMrCxVKF5Hbj%2FONSIubqCNvbYpk87QrilZblx6Rzdje3McABoONbU2YwbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87598a4b1b2e568e-OSL
alt-svc: h3=":443"; ma=86400

enduresopens.com/ttkXIvunodY/69489

23.109.170.125

25 B

URL
enduresopens.com/ttkXIvunodY/69489
IP
23.109.170.125:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ttkXIvunodY/69489 HTTP/1.1
Host: enduresopens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2024 04:06:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://goo.su
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 18-Apr-2024 04:06:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 18-Apr-2024 04:06:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 41904
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

19 kB

URL
fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:34:50 GMT
expires: Fri, 11 Apr 2025 02:34:50 GMT
cache-control: public, max-age=31536000
age: 523872
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st

109.200.209.143

0 B

URL
rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
IP
109.200.209.143:0
ASN
#49544 i3D.net B.V

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st HTTP/1.1
Host: rtb.pushdom.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 17 Apr 2024 04:06:03 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

goo.su/img/favicons/apple-touch-icon.png

104.21.38.221

11 kB

URL
goo.su/img/favicons/apple-touch-icon.png
IP
104.21.38.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
11 kB (10926 bytes)
Hash
dc1648f034a8879145ce2db071bdc305
28dfdc4f3f97f00e54528685427a83974cb04a81
7c51dc3139a5a8a07e00884f6558ed62511359803bcb4123668b8e0ccab896c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/favicons/apple-touch-icon.png HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/i8VjKLZ
Cookie: XSRF-TOKEN=eyJpdiI6InQvVFgyT0RaY09xOXJPMHZiM0RIL3c9PSIsInZhbHVlIjoiUFpxQkxpWXQ4bFF4R0FZVTNpclBuR05LNDVWRGcrWEUxbGM5MmVtOFRJRGFKbTYzaGZtdDJ3UHkramZiejd2OS80THZVMFBzR3JmdlYvMHdIYkI5dmx3M3JqdjF0NDcybmMvS2VSd1phUHJ5a0pRemNnYXBadG11M0Z3ZTQyaVMiLCJtYWMiOiJlMDU4YWIwOWJlMTNmYzkyNDFmZGE2MTMwMWM3ODM4YmM2M2RjM2JmYmIyZmVjYjExMzU1N2EwYWIyYTExYTNjIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImZIOFptTzE3NFJNZjljL0xoWDFRaHc9PSIsInZhbHVlIjoiWU9PRGhWbjMvTkV1VW83TlN0dUtDWnNRaXZ3SnpGM0tEZVdBRXdtaUpCZGxLd0lFdEJscW40NVlmWVpKYUdVeG9hdGhaOEJhUmZROUtTWHU4ZVF2MDh6Q3hFVDFack9KR3BCc2JqLy84b3pnL2hlUXZqZXB4aGxza2dBaEYzMVEiLCJtYWMiOiIwMmZhYzc1OTliNjU4MGRhOTlhZTZmZDNmYTgwMTdjMWVkZTlmNzQzYjk4YWRhMGFlZTQ4NTAxMzE3ODA3NWQ0IiwidGFnIjoiIn0%3D; cf_clearance=_UOoMiPxjSwuHC4TXDcVKMtdA8U.SBv4e2a6ATMqaJQ-1713326762-1.0.1.1-.Z_DpFzkSUwTCwzQhYKSqeUfS9mOuM0pcLkHLWTX3uFrtrXGyteTdhHNtFGOewozGkOuajgyKMk7U1.j5IeOkw; adtech_uid=b8324ec0-3871-4933-918f-b0cadd5d38c3%3Agoo.su; top100_id=t1.6673155.1227989723.1713326763013; t3_sid_6673155=s1.1515620532.1713326763014.1713326763014.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:06:03 GMT
content-type: image/png
content-length: 10926
last-modified: Sun, 24 Dec 2023 16:31:41 GMT
etag: "65885ced-2aae"
expires: Fri, 19 Apr 2024 14:06:25 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 395978
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTg%2FLrUUXQUoz2RFJC%2FRGs8KejJ5eDtePL8Y9W%2FLT%2FMiERDMUNMLrCktod7x%2FsNtKjcn4ElLEYRl5soZwukfCegw3LyXLTjGKzvvyde9c5ERgdRH1DfRQ44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87598a4dfce9568e-OSL
alt-svc: h3=":443"; ma=86400

goo.su/img/favicons/favicon-16x16.png

104.21.38.221

1.6 kB

URL
goo.su/img/favicons/favicon-16x16.png
IP
104.21.38.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.6 kB (1567 bytes)
Hash
2b201347b6d90e0ad2bbad3be209db73
ae5de3e7f779cf33aefd5dc738f2126633bb7824
df0a5932ec719656fd8f147bcc0c14312e53e52c2df13f5f815d72833de9c852

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/favicons/favicon-16x16.png HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/i8VjKLZ
Cookie: XSRF-TOKEN=eyJpdiI6InQvVFgyT0RaY09xOXJPMHZiM0RIL3c9PSIsInZhbHVlIjoiUFpxQkxpWXQ4bFF4R0FZVTNpclBuR05LNDVWRGcrWEUxbGM5MmVtOFRJRGFKbTYzaGZtdDJ3UHkramZiejd2OS80THZVMFBzR3JmdlYvMHdIYkI5dmx3M3JqdjF0NDcybmMvS2VSd1phUHJ5a0pRemNnYXBadG11M0Z3ZTQyaVMiLCJtYWMiOiJlMDU4YWIwOWJlMTNmYzkyNDFmZGE2MTMwMWM3ODM4YmM2M2RjM2JmYmIyZmVjYjExMzU1N2EwYWIyYTExYTNjIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImZIOFptTzE3NFJNZjljL0xoWDFRaHc9PSIsInZhbHVlIjoiWU9PRGhWbjMvTkV1VW83TlN0dUtDWnNRaXZ3SnpGM0tEZVdBRXdtaUpCZGxLd0lFdEJscW40NVlmWVpKYUdVeG9hdGhaOEJhUmZROUtTWHU4ZVF2MDh6Q3hFVDFack9KR3BCc2JqLy84b3pnL2hlUXZqZXB4aGxza2dBaEYzMVEiLCJtYWMiOiIwMmZhYzc1OTliNjU4MGRhOTlhZTZmZDNmYTgwMTdjMWVkZTlmNzQzYjk4YWRhMGFlZTQ4NTAxMzE3ODA3NWQ0IiwidGFnIjoiIn0%3D; cf_clearance=_UOoMiPxjSwuHC4TXDcVKMtdA8U.SBv4e2a6ATMqaJQ-1713326762-1.0.1.1-.Z_DpFzkSUwTCwzQhYKSqeUfS9mOuM0pcLkHLWTX3uFrtrXGyteTdhHNtFGOewozGkOuajgyKMk7U1.j5IeOkw; adtech_uid=b8324ec0-3871-4933-918f-b0cadd5d38c3%3Agoo.su; top100_id=t1.6673155.1227989723.1713326763013; t3_sid_6673155=s1.1515620532.1713326763014.1713326763014.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:06:03 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 24 Dec 2023 16:31:41 GMT
etag: "65885ced-61f"
expires: Tue, 23 Apr 2024 17:48:03 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 37080
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewumyte1uYWw4uVTdbAMg5fcw05SbtVFTedewudW796rfedp0Z1ZU4BBcT3CvI%2BKEMTiFkKSa66g6lN%2Bpjd%2Brqfff4pp2ipy59mlbJ%2BGKoRctjwLCevV8CA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87598a4dfcea568e-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

142.250.74.106

2.0 kB

URL
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
2.0 kB (2015 bytes)
Hash
d7166639cf7a7de5e755a5779bb645fc
827054d28d8bc19f63ac86b4d0b3b5465913ef96
a72d13dbaecef09dadfab3cced44c78d93ae38fcf5d753941f56ed6d4d96edf7

HTTP Headers

GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 04:06:02 GMT
date: Wed, 17 Apr 2024 04:06:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.azwee.click/

199.21.149.68

0 B

URL
1.azwee.click/
IP
199.21.149.68:0
ASN
#7040 NETMINDERS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 0
Date: Wed, 17 Apr 2024 04:06:10 GMT
Server: Kestrel
Location: /en/
X-Rate-Limit-Limit: 24h
X-Rate-Limit-Remaining: 1996
X-Rate-Limit-Reset: 2024-04-18T04:05:55.3471969Z

1.azwee.click/en/

199.21.149.68

520 B

URL
1.azwee.click/en/
IP
199.21.149.68:0
ASN
#7040 NETMINDERS

File type
HTML document, ASCII text
Size
520 B (520 bytes)
Hash
fb8b9d9bf56c5251a14ad8cf217df902
87852731aa55f66ce221f4d2379712c341f7bf00
3074a00c33a6892ee549ced168872d8ffb9c78fe10f47cea0921aed8ac60d6ee

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /en/ HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 17 Apr 2024 04:06:10 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d9fe46cfb43625"
Last-Modified: Sat, 14 Oct 2023 02:33:27 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Rate-Limit-Limit: 24h
X-Rate-Limit-Remaining: 1995
X-Rate-Limit-Reset: 2024-04-18T04:05:55.3471969Z

1.azwee.click/en/main

199.21.149.68

520 B

URL User Request GET
1.azwee.click/en/main
IP
199.21.149.68:0
ASN
#7040 NETMINDERS

File type
HTML document, ASCII text
Size
520 B (520 bytes)
Hash
fb8b9d9bf56c5251a14ad8cf217df902
87852731aa55f66ce221f4d2379712c341f7bf00
3074a00c33a6892ee549ced168872d8ffb9c78fe10f47cea0921aed8ac60d6ee

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /en/main HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 17 Apr 2024 04:06:10 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d9fe46cfb43625"
Last-Modified: Sat, 14 Oct 2023 02:33:27 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Rate-Limit-Limit: 24h
X-Rate-Limit-Remaining: 1994
X-Rate-Limit-Reset: 2024-04-18T04:05:55.3471969Z

1.azwee.click/en/assets/card.css

199.21.149.68

200 OK

5.0 kB

URL GET HTTP/1.1
1.azwee.click/en/assets/card.css
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
Unicode text, UTF-8 text, with very long lines (27071)
Size
5.0 kB (4977 bytes)
Hash
8c10638062fc10e7800b5f041d66cbe1
94a8f282dc29814af277016d8741fc857b49304d
96712b90b0eb91764af520996a42c0bff93e823e5e825e2544d1ef4723d625d3

HTTP Headers

GET /en/assets/card.css HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d7d7f36c04bfc4"
Last-Modified: Fri, 12 Nov 2021 18:30:52 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding

1.azwee.click/en/assets/card.js

199.21.149.68

200 OK

16 kB

URL GET HTTP/1.1
1.azwee.click/en/assets/card.js
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (51786)
Size
16 kB (16275 bytes)
Hash
7aa76d18dd3e3598ac9561adf01f3882
26d9fcdd2b6bee0b3f1b96b015f3703b5fbd49e0
6d5516bbbebba2d51878f1e791b642f3b2944270b8e84770f15a16376b202213

HTTP Headers

GET /en/assets/card.js HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d7d7f3614aa44b"
Last-Modified: Fri, 12 Nov 2021 18:30:34 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding

1.azwee.click/en/runtime.9b214d14fa4ea25c94c0.js

199.21.149.68

200 OK

1.2 kB

URL GET HTTP/1.1
1.azwee.click/en/runtime.9b214d14fa4ea25c94c0.js
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
JavaScript source, ASCII text, with very long lines (2278), with no line terminators
Size
1.2 kB (1160 bytes)
Hash
4ac3e6290ad24ac46b8a1970a7efb266
6f792827e5974b69c7c9a87e81f33b5ef670bff3
94f516b9d49d3b5ecf42fba742d930a0224275eedb9d19b4c33644dc8c2a3c26

HTTP Headers

GET /en/runtime.9b214d14fa4ea25c94c0.js HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d9fe46cdea7ae6"
Last-Modified: Sat, 14 Oct 2023 02:33:24 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding

1.azwee.click/en/styles.2b2408b28c6b13bb450e.css

199.21.149.68

200 OK

28 kB

URL GET HTTP/1.1
1.azwee.click/en/styles.2b2408b28c6b13bb450e.css
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (27832 bytes)
Hash
c739cee2deb86082090e380beec5b7a0
f54b118cf0b048e09c70ad1ecf661a21b1a47406
0697729b655b3fadc015ce16eecd8cbd3b48a9e34e3c2a3e8b6ad0f8053887d2

HTTP Headers

GET /en/styles.2b2408b28c6b13bb450e.css HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d9fe46cde87d4f"
Last-Modified: Sat, 14 Oct 2023 02:33:24 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding

1.azwee.click/en/polyfills.649ac95cc0f663eb2ea5.js

199.21.149.68

200 OK

17 kB

URL GET HTTP/1.1
1.azwee.click/en/polyfills.649ac95cc0f663eb2ea5.js
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
JavaScript source, ASCII text, with very long lines (45945), with no line terminators
Size
17 kB (16801 bytes)
Hash
4794c42590c7158a1a334801f7068376
63e0e06b459566123ab988af6258369ba5b181dd
073c634b2120ecfe1b6b98e45f44d807088bd437e757eb3b049867a615e6a49d

HTTP Headers

GET /en/polyfills.649ac95cc0f663eb2ea5.js HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d9fe46cdeac179"
Last-Modified: Sat, 14 Oct 2023 02:33:24 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding

1.azwee.click/en/main.cb307f485390a6a94066.js

199.21.149.68

200 OK

243 kB

URL GET HTTP/1.1
1.azwee.click/en/main.cb307f485390a6a94066.js
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
JavaScript source, ASCII text, with very long lines (63865)
Size
243 kB (242917 bytes)
Hash
bc44d3824775061c25f8df88d786c3e2
111302049dc6c747ff1c06e4f71b4633c0dec9da
8e89674e3a2a98869f629ec69abaf2dc5f499b53a3ee1016c6e3fbd36ad6a4be

HTTP Headers

GET /en/main.cb307f485390a6a94066.js HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1d9fe46cf17512f"
Last-Modified: Sat, 14 Oct 2023 02:33:26 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding

1.azwee.click/en/assets/menu.png

199.21.149.68

200 OK

687 B

URL GET HTTP/1.1
1.azwee.click/en/assets/menu.png
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
PNG image data, 49 x 48, 8-bit/color RGBA, non-interlaced
Size
687 B (687 bytes)
Hash
da0b0fdd44746082b7f978a5f70f0e78
69a6755ecad7defee0b3de296d1352dae7cae626
00543da96852706a4d679197d06a00385869a5ce868c2687e7ab23a5f83fe4e4

HTTP Headers

GET /en/assets/menu.png HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 687
Content-Type: image/png
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d9ab7df8593f2f"
Last-Modified: Fri, 30 Jun 2023 18:09:11 GMT

1.azwee.click/en/assets/logo.png

199.21.149.68

200 OK

34 kB

URL GET HTTP/1.1
1.azwee.click/en/assets/logo.png
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
PNG image data, 720 x 721, 8-bit colormap, non-interlaced
Size
34 kB (34355 bytes)
Hash
4852c60ddb8653928e43fa9d24b911b3
e037ce421215511dbce720d6f6503e8fa9b8ea9d
07126b04b6559c56df43d120f4c5487f1ca9e335428b3d82c2d2d24459990561

HTTP Headers

GET /en/assets/logo.png HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 34355
Content-Type: image/png
Date: Wed, 17 Apr 2024 04:06:11 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d9ab83779dc633"
Last-Modified: Fri, 30 Jun 2023 18:48:32 GMT

1.azwee.click/en/assets/jt.png

199.21.149.68

200 OK

4.1 kB

URL GET HTTP/1.1
1.azwee.click/en/assets/jt.png
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4129 bytes)
Hash
a64f3508282fa585f502c7283cfc853a
c266d5102a4fd1d5d9980799a51a345390b5d533
ff3323d9098ef10b0d36ef5c9219481d03afb2d307a5144a6ff3f509b31110f4

HTTP Headers

GET /en/assets/jt.png HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 4129
Content-Type: image/png
Date: Wed, 17 Apr 2024 04:06:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5318f817f9521"
Last-Modified: Wed, 03 Jul 2019 11:07:30 GMT

1.azwee.click/en/apple.f843c50675ae358ea181.svg

199.21.149.68

200 OK

1.5 kB

URL GET HTTP/1.1
1.azwee.click/en/apple.f843c50675ae358ea181.svg
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1484 bytes)
Hash
26cbb4bfb27dd56b0ed09a961f28145b
b8e84ed32f81f41251c815e0132fed0fba3489f1
c21d714e92269a3dcf05c24db9aec96171671d0dcd59b867c2acb953d3cb551a

HTTP Headers

GET /en/apple.f843c50675ae358ea181.svg HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1484
Content-Type: image/svg+xml
Date: Wed, 17 Apr 2024 04:06:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d9fe46cdea77cc"
Last-Modified: Sat, 14 Oct 2023 02:33:24 GMT

1.azwee.click/en/image_small.1771014580291c90faaa.svg

199.21.149.68

200 OK

898 B

URL GET HTTP/1.1
1.azwee.click/en/image_small.1771014580291c90faaa.svg
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
SVG Scalable Vector Graphics image
Size
898 B (898 bytes)
Hash
4dc220ff2f9395c2cd7c34de8776a6e7
9dfcb00873e24be99f2965c6447e393b71cd6fc1
c18d99c87523f8ef73e5dc2e86aa5917da37e5564a7f591cb43bc32049f76d88

HTTP Headers

GET /en/image_small.1771014580291c90faaa.svg HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 898
Content-Type: image/svg+xml
Date: Wed, 17 Apr 2024 04:06:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d9fe46cdea7182"
Last-Modified: Sat, 14 Oct 2023 02:33:24 GMT

fonts.googleapis.com/css?family=Roboto:400&display=swap

142.250.74.106

23 kB

URL
fonts.googleapis.com/css?family=Roboto:400&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
23 kB (22962 bytes)
Hash
9dc2b831ce5feb443c46aad9ccc4b16b
d5b4e9146a65f7ae320c86459f1e1debdca3b8f8
27ed2da2d2ec4cb746393efa686fc2ca73c741f64774442827511abef6c684ea

HTTP Headers

GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 04:06:02 GMT
date: Wed, 17 Apr 2024 04:06:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.azwee.click/en/favicon.ico

199.21.149.68

200 OK

22 kB

URL GET HTTP/1.1
1.azwee.click/en/favicon.ico
IP
199.21.149.68:80
ASN
#7040 NETMINDERS

Requested by
http://1.azwee.click/en/main

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
22 kB (22382 bytes)
Hash
891e510219786f543ca998282ed99f45
19fe2ff6a2418bcb44b02308b998cef84199ee08
e4bdf72e2f803f7e19907c12f407ac7f7cd5f1f94bfd730b9be24b0d49191b48

HTTP Headers

GET /en/favicon.ico HTTP/1.1
Host: 1.azwee.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://1.azwee.click/en/main
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 22382
Content-Type: image/x-icon
Date: Wed, 17 Apr 2024 04:06:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d71ee1f8b7af6e"
Last-Modified: Mon, 22 Mar 2021 06:09:52 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (25)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections