Report - bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview

Report Overview

Visited public
2023-11-06 05:48:40
Tags
URL
bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6
Finishing URL
bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6
IP / ASN
195.149.114.22
#31044 Tov Dergachi.net
Title
Parkpage NIC.UA

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-05 14:57:39	1.0 kB	48 kB	216.58.207.227
parkpage.nic.ua	unknown	2007-10-04	2012-08-02 11:21:51	2023-11-05 14:54:55	445 B	2.2 kB	195.149.114.22
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-05 15:43:22	460 B	2.2 kB	142.250.74.106
bestvirtcashoffer.com	unknown	unknown	2023-03-24 16:30:17	2023-04-05 07:08:59	985 B	2.8 kB	195.149.114.22
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-05 14:39:56	429 B	87 kB	142.250.74.168
img.nic.ua	996390	2007-10-04	2015-02-09 20:11:21	2023-11-04 21:29:05	4.4 kB	22 kB	159.223.1.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-06 05:48:22	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:22	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-11-06 05:48:23	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-Q2DHSXH1TQ	ScriptElement	250 kB	2023-11-06	2023-11-06
Pretty URL www.googletagmanager.com/gtag/js?id=G-Q2DHSXH1TQ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 06:48 Last Seen2023-11-06 06:48 Times Seen1 Hash 0c2cecfe2346c5f5f4f91400dcb91e3a 19af82820e53be6b6ce3fd910ceccf755b268d1c 4ebc622f7a61d3c3c93a67e5e77dc9dea5ba56a6dce506493ba53724b070a991 Loading...

	bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6	ScriptElement	0 B	0001-01-01	2025-05-13
Pretty URL bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 IP 195.149.114.22 ASN #31044 Tov Dergachi.net Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-13 04:13 Times Seen4668828 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6	ScriptElement	0 B	0001-01-01	2025-05-13
Pretty URL bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 IP 195.149.114.22 ASN #31044 Tov Dergachi.net Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-13 04:13 Times Seen4668828 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12 12:17	2024-08-29 17:45
Pretty Observations First Seen2023-03-12 12:17 Last Seen2024-08-29 17:45 Times Seen7112 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (17)

	URL	IP	Response	Size
	bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6	195.149.114.22	200 OK	1.8 kB
URL User Request GET HTTP/1.1 bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 IP 195.149.114.22:80 ASN #31044 Tov Dergachi.net File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text Size 1.8 kB (1776 bytes) Hash 4215808df15afcc374c656c5c8eca03a abab534fae878645c5546eb26986155c41591028 971dd56f7090cec0592f9eefc59031829f4772cdab3e22b8c14dc323d05e52e9 HTTP Headers `GET /crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 HTTP/1.1 Host: bestvirtcashoffer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Nov 2023 05:48:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.0.7 Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEADER Access-Control-Allow-Headers: Content-Type, Accept-Language, Authorization Access-Control-Allow-Credentials: true Vary: Accept-Encoding, Origin X-Frame-Options: DENY Content-Encoding: gzip`

	www.googletagmanager.com/gtag/js?id=G-Q2DHSXH1TQ	142.250.74.168	200 OK	86 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-Q2DHSXH1TQ IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT File type ASCII text, with very long lines (3034) Size 86 kB (86069 bytes) Hash 0c2cecfe2346c5f5f4f91400dcb91e3a 19af82820e53be6b6ce3fd910ceccf755b268d1c 4ebc622f7a61d3c3c93a67e5e77dc9dea5ba56a6dce506493ba53724b070a991 HTTP Headers `GET /gtag/js?id=G-Q2DHSXH1TQ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 06 Nov 2023 05:48:22 GMT expires: Mon, 06 Nov 2023 05:48:22 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 86069 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img.nic.ua/f/images/ic_home.svg	159.223.1.62	200 OK	303 B
URL GET HTTP/2 img.nic.ua/f/images/ic_home.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (303), with no line terminators Size 303 B (303 bytes) Hash 71720c8bbc59c9ab483ddb298b2fd381 5e53fafaf66dc39f4f0ffca365ba30a9a5b0eddf a122d5ba8adfc8ab10a1d603bdf5c37c95eedb81066412eefdfd05ae76fdb6de HTTP Headers `GET /f/images/ic_home.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 303 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-12f" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/ic_fb.svg	159.223.1.62	200 OK	378 B
URL GET HTTP/2 img.nic.ua/f/images/ic_fb.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (378), with no line terminators Size 378 B (378 bytes) Hash 532b6456a22679987344ec79c3b286d7 e34e79642d1f6eb93a3ed00fcbcf808ea8d41afc 0238dd7932cf4dc3849b9dc2fbd9be4e1809590dee9e2ac7ef5ad5eee17e3585 HTTP Headers `GET /f/images/ic_fb.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 378 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-17a" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/ic_tm.svg	159.223.1.62	200 OK	199 B
URL GET HTTP/2 img.nic.ua/f/images/ic_tm.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 199 B (199 bytes) Hash 594f2544a8ba80687d7f13609b3b5581 a28b1791dec82a98f17ad8a9162aec111cb8e1a4 2ec72ad876dcb4e954b3705501558823d0fe433791629c51874adb78eca1f8e0 HTTP Headers `GET /f/images/ic_tm.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 199 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-c7" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/logo.svg	159.223.1.62	200 OK	2.7 kB
URL GET HTTP/2 img.nic.ua/f/images/logo.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2687), with no line terminators Size 2.7 kB (2687 bytes) Hash 82749c5aa21de1c9aca684d20f4382aa 83776a6c100e2402e5646ad393e686f67f727fe0 8561a31766341e9a503256274c814ea26388bd3744c93694fe6c81ca49d1099b HTTP Headers `GET /f/images/logo.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 2687 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-a7f" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/ic_i.svg	159.223.1.62	200 OK	583 B
URL GET HTTP/2 img.nic.ua/f/images/ic_i.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (583), with no line terminators Size 583 B (583 bytes) Hash 5edaac5f9bf8b89c434f2f043d7f28e2 2a104685f97535104b01efbae1c803dd2722c66d f4b72ef15c21a4827162f20def4c244e7ebb14fdc34ea59678d6b90fb05dc5a0 HTTP Headers `GET /f/images/ic_i.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 583 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-247" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/ic_tw.svg	159.223.1.62	200 OK	523 B
URL GET HTTP/2 img.nic.ua/f/images/ic_tw.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (523), with no line terminators Size 523 B (523 bytes) Hash 1685aa21959824410c464e9965463af0 b6db5def1a83c0597eb30da1b1b52428726a9445 f2fc3ecfb218fd9497ca915c99d16a3336f74ef29a1768964c0da35ea108aded HTTP Headers `GET /f/images/ic_tw.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 523 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-20b" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/ic_cloud.svg	159.223.1.62	200 OK	345 B
URL GET HTTP/2 img.nic.ua/f/images/ic_cloud.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with no line terminators Size 345 B (345 bytes) Hash 83e9694d02d65439cc12ab42ad2b8ea6 7c4e161c990ea1f608e5345736c80bd998e3b441 6213bbb1faaa3bb1bce80aaa621a00e7e2b697caa4c4fee8063b72624cf42b6a HTTP Headers `GET /f/images/ic_cloud.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 345 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-159" accept-ranges: bytes X-Firefox-Spdy: h2`

	img.nic.ua/f/images/ic_message.svg	159.223.1.62	200 OK	307 B
URL GET HTTP/2 img.nic.ua/f/images/ic_message.svg IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (307), with no line terminators Size 307 B (307 bytes) Hash a75aab07420def5df52d4406346fc0a3 1bca9aba16b17f3377e32ee84aef45c0fce099f0 cac8d45a684827ba3c90070f9958248e97fc2fc56b1a301e94fbddfa8f933064 HTTP Headers `GET /f/images/ic_message.svg HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://img.nic.ua/f/styles/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/svg+xml content-length: 307 last-modified: Mon, 23 May 2022 14:36:00 GMT etag: "628b9bd0-133" accept-ranges: bytes X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2	216.58.207.227	200 OK	23 kB
URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28 ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Size 23 kB (23040 bytes) Hash de69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 HTTP Headers GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://bestvirtcashoffer.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23040 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 05 Nov 2023 05:37:01 GMT expires: Mon, 04 Nov 2024 05:37:01 GMT cache-control: public, max-age=31536000 last-modified: Tue, 02 May 2023 15:07:25 GMT content-type: font/woff2 age: 87082 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2	216.58.207.227	200 OK	24 kB
URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28 ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Size 24 kB (23580 bytes) Hash e1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 HTTP Headers GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://bestvirtcashoffer.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Nov 2023 15:16:10 GMT expires: Fri, 01 Nov 2024 15:16:10 GMT cache-control: public, max-age=31536000 age: 311533 last-modified: Tue, 02 May 2023 15:17:22 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img.nic.ua/favicon.ico	159.223.1.62	200 OK	1.2 kB
URL GET HTTP/2 img.nic.ua/favicon.ico IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash 96b7a72fd7e4dd5e82631dc01105aff0 116963d632c83adc2c7a31ebcbac1c4cec18e6af 66a22f390e8462ab62f359b0dca33d5d2498c9cab058f44c83f1b2fe18ab6a62 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: image/x-icon content-length: 1150 last-modified: Tue, 18 Aug 2015 08:24:00 GMT etag: "55d2eba0-47e" accept-ranges: bytes X-Firefox-Spdy: h2`

	bestvirtcashoffer.com/crypto-comeback-pro/apple-touch-icon.png	195.149.114.22		138 B
URL GET bestvirtcashoffer.com/crypto-comeback-pro/apple-touch-icon.png IP 195.149.114.22:0 ASN #31044 Tov Dergachi.net Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 138 B (138 bytes) Hash aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 HTTP Headers GET /crypto-comeback-pro/apple-touch-icon.png HTTP/1.1 Host: bestvirtcashoffer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Cookie: _ga_Q2DHSXH1TQ=GS1.1.1699249703.1.0.1699249703.0.0.0; _ga=GA1.1.1537169306.1699249703 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Moved Temporarily Server: nginx Date: Mon, 06 Nov 2023 05:48:23 GMT Content-Type: text/html Content-Length: 138 Connection: keep-alive Location: https://parkpage.nic.ua/?fqdn=bestvirtcashoffer.com Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEADER Access-Control-Allow-Headers: Content-Type, Accept-Language, Authorization Access-Control-Allow-Credentials: true Vary: Origin X-Frame-Options: DENY`

	parkpage.nic.ua/?fqdn=bestvirtcashoffer.com	195.149.114.22		1.8 kB
URL GET parkpage.nic.ua/?fqdn=bestvirtcashoffer.com IP 195.149.114.22:0 ASN #31044 Tov Dergachi.net Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text Size 1.8 kB (1786 bytes) Hash 537e6d071a2622f92f3e4ff98568bd3a 4a1c5f43d9d518c385bf674bb64bef4e8d8eb0ce 639c916c1dea7f6a91116baaed628f08e9c3a1b4e44250abfcbc4a0756377214 HTTP Headers `GET /?fqdn=bestvirtcashoffer.com HTTP/1.1 Host: parkpage.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://bestvirtcashoffer.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Nov 2023 05:48:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.0.7 Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEADER Access-Control-Allow-Headers: Content-Type, Accept-Language, Authorization Access-Control-Allow-Credentials: true Vary: Accept-Encoding, Origin X-Frame-Options: DENY Content-Encoding: gzip`

	fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap	142.250.74.106	200 OK	1.5 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9 ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT File type ASCII text, with very long lines (1566), with no line terminators Size 1.5 kB (1530 bytes) Hash bef54a4f8ad5d25fc816b34ad3298c30 6e7414798c5ddeccd9b28f79316617dbe59c30ae 6f1630b5aa4ebf650967d76a891d2690f3ad4478da4875b9ad564335c40366c3 HTTP Headers `GET /css2?family=Lato:wght@400;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 06 Nov 2023 05:48:22 GMT date: Mon, 06 Nov 2023 05:48:22 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img.nic.ua/f/styles/main.css	159.223.1.62	200 OK	13 kB
URL GET HTTP/2 img.nic.ua/f/styles/main.css IP 159.223.1.62:443 ASN #14061 DIGITALOCEAN-ASN Requested by http://bestvirtcashoffer.com/crypto-comeback-pro/index.html?preview_code=QuhYdcje8Tq6 Certificate IssuerSectigo Limited Subject.nic.ua FingerprintBF:64:22:01:16:4B:EC:E2:23:30:16:7D:9B:45:81:23:8A:3C:0E:08 ValidityTue, 13 Dec 2022 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT File type ASCII text Size 13 kB (12992 bytes) Hash 14a4f96cc53575775f9b58fe8bc40fc4 1cfa5c76c7450d3fa080c2f785c6c5a5c6227b06 fecb4395258119028558fd21d0160e43e51a52b2d93638ed090808d81dd4b41e HTTP Headers `GET /f/styles/main.css HTTP/1.1 Host: img.nic.ua User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://bestvirtcashoffer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Mon, 06 Nov 2023 05:48:23 GMT content-type: text/css last-modified: Mon, 23 May 2022 14:36:00 GMT vary: Accept-Encoding etag: W/"628b9bd0-32c0" content-encoding: gzip X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (17)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers