Report - sk5.gazandur.org/click?key=01c2c5988d64a43d1b92&tid=egpbp67768ee1000c5f88&pubid=205336

Report Overview

Visited public
2025-01-02 13:06:22
Tags
Submit Tags
URL
sk5.gazandur.org/click?key=01c2c5988d64a43d1b92&tid=egpbp67768ee1000c5f88&pubid=205336
Finishing URL
oenlk.calltogetprize.net/?s1=45431&s2=2042599&s3=&s5=backuser&click_id=&iexpp=1&j1=1&utm_source=da57dc555e50572d&=undefined&ban=tg
IP / ASN
104.21.25.149
#13335 CLOUDFLARENET
Title
oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sk5.gazandur.org	unknown	2024-09-03	2024-09-11	2024-10-07	540 B	1.2 kB	172.67.134.83
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07	2024-12-29	4.5 kB	1.9 MB	95.101.11.40
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-01-01	1.1 kB	17 kB	142.250.74.67
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-01	566 B	9.2 kB	142.250.74.42
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-01	448 B	6.8 kB	104.17.25.14
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-01-01	437 B	12 kB	142.250.74.99
oenlk.calltogetprize.net	unknown	2021-04-26	2024-12-12	2025-01-02	1.9 kB	55 kB	52.19.101.114

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-02	medium	calltogetprize.net	Sinkholed
2025-01-02	medium	calltogetprize.net	Sinkholed
2025-01-02	medium	calltogetprize.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	oenlk.calltogetprize.net/?s1=45431&s2=2042599&s3=&s5=backuser&click_id=&iexpp=1&j1=1&utm_source=da57dc555e50572d&=undefined&ban=tg	ScriptElement	2.2 kB	2025-01-02	2025-01-02
Pretty URL oenlk.calltogetprize.net/?s1=45431&s2=2042599&s3=&s5=backuser&click_id=&iexpp=1&j1=1&utm_source=da57dc555e50572d&=undefined&ban=tg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-02 13:06 Last Seen2025-01-02 13:06 Times Seen1 Hash a6fe01de874006aee29e684871608313 c280fd3844c06cb540469b4207ca18cb35a28d1f cda2c050eb36b1f6beb3660e6bdaed7ed965a9a11efc51c1cee64a11f3521019 Loading...

	oenlk.calltogetprize.net/js/pushjs/1.0.0/subscriber.js	ScriptElement	14 kB	2024-08-13	2025-06-26
Pretty URL oenlk.calltogetprize.net/js/pushjs/1.0.0/subscriber.js IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 13:55 Last Seen2025-06-26 17:55 Times Seen804 Hash ac569ffc0beb63e3e3aa9bc96f034b00 cd26d911112f00087a6dd8c4a92fb858ec2d3bbd 197fbcbda196254842164e91f2f0873c08a569189262d335f82d05235f33cd23 Loading...

	www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js	ScriptElement	41 kB	2023-03-07	2025-06-26
Pretty URL www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-06-26 17:55 Times Seen1035 Hash b183329c90af8d64337b925c208e7a14 9f5a49eab81c119d28416ba96f0390fdbc5a4565 8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	2.1 kB	2025-01-02	2025-01-02
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-02 13:06 Last Seen2025-01-02 13:06 Times Seen1 Hash 5be0462ffec3e091e57430957bc1f68d 1cbf700add3b92a4ded59f894872a87826f995b5 f6e6811f24c3631d595590d831dabe95a79df726800c8519563059939009a394 Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	4.0 kB	2024-12-12	2025-04-05
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-12 20:54 Last Seen2025-04-05 07:08 Times Seen12 Hash 5b312565f6de284847d42a53e2c27339 bff98fcbfefd8130479f511ad27d7837d8d29e62 7d075e53dbca65a76a75d18bc39450b3a0d50e593eb307d8cbc86457b387d891 Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	3.7 kB	2025-01-02	2025-01-02
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-02 13:06 Last Seen2025-01-02 13:06 Times Seen1 Hash 00bfc6c656abdb4358faf6fde153af4d d66f0642f7ede8e0345f1f69a52a1ad1383d0043 67abbf9f0e62ee79855efa449d4975c9e42b4b57ede6bbbf2645f85804d586ba Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	13 kB	2025-01-02	2025-01-02
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-02 13:06 Last Seen2025-01-02 13:06 Times Seen1 Hash 760edce5dcd59919a742bea8978e871c 6afae764173cfb89399d6bfd25033e4127c704e4 a40e9cee4933d1eb0493477386115197ebc738a95046a0cc4602e666ff49f2ba Loading...

	cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js	ScriptElement	20 kB	2024-08-13	2025-06-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 13:55 Last Seen2025-06-26 17:55 Times Seen950 Hash 5e2898beab1505a629bf1254fbdf9ed8 f17ac22f600d694ae4341c4da46576e3fec0e6f4 00d770fea1249b4be3f55a037a9edd20c1fe55bda8ab1e4b6251e56cd74cd05b Loading...

	oenlk.calltogetprize.net/sandbox%20eval%20code		123 B	2023-05-05	2025-06-27
Pretty URL oenlk.calltogetprize.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-06-27 03:41 Times Seen8674 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	2.5 kB	2023-06-30	2025-06-26
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:46 Last Seen2025-06-26 17:55 Times Seen2114 Hash 78a93fba834e51562cc0c1643de4a304 2bf106e16eb1752230a8499285b73ae6d8dcbcc2 d684c6105ece5706298f7778d19bc9881449a39196f92c000254f4ce6fdd368e Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	858 B	2024-07-29	2025-06-26
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-29 15:17 Last Seen2025-06-26 17:55 Times Seen920 Hash 9320f4c96e69f35f385a133e36bbd45b 1a8a6158a2943e5365e77252699c086679e59096 49b4b8d0ea6f5e9f18d0b2a583888720be163311f5c18203dec0d7dd23f2fddd Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js		2.3 kB	2023-05-05	2025-06-27
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-06-27 03:41 Times Seen11101 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	cdn-dimi.akamaized.net/landings/289792/1721030789/js/translates.js?1721030789	ScriptElement	19 kB	2024-07-24	2025-06-24
Pretty URL cdn-dimi.akamaized.net/landings/289792/1721030789/js/translates.js?1721030789 IP 95.101.11.40 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-24 04:42 Last Seen2025-06-24 01:09 Times Seen151 Hash 12e126cad96ab5c8a4bd91a1c3ae0d5f c6262e8ddbe30eab3f2f3b9973348391df02a541 229e25afc4be62a9395df26660dc23179120d3a40f563a209226fd2e3f004828 Loading...

	oenlk.calltogetprize.net/js/pushjs/1.0.0/utils.js	ScriptElement	7.1 kB	2023-03-07	2025-06-26
Pretty URL oenlk.calltogetprize.net/js/pushjs/1.0.0/utils.js IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-26 17:55 Times Seen2324 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599	ScriptElement	301 B	2025-01-02	2025-01-02
Pretty URL oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-02 13:06 Last Seen2025-01-02 13:06 Times Seen1 Hash 3a9ea331a1a1608dc833cda0ac9fb222 e9d304dfd4601c727ab9d2e8f6a9afdb9a3b5413 a5c0fb085b6cb35f02201839a304a07f4dfe108133cf1a9a71e3defee3a13385 Loading...

	cdn-dimi.akamaized.net/landings/289792/1721030789/js/jquery.min.js?1721030789	ScriptElement	87 kB	2023-03-07	2025-06-27
Pretty URL cdn-dimi.akamaized.net/landings/289792/1721030789/js/jquery.min.js?1721030789 IP 95.101.11.40 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 03:39 Times Seen62037 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

HTTP Transactions (18)

URL IP Response Size

GET sk5.gazandur.org/click?key=01c2c5988d64a43d1b92&tid=egpbp67768ee1000c5f88&pubid=205336

172.67.134.83

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
sk5.gazandur.org/click?key=01c2c5988d64a43d1b92&tid=egpbp67768ee1000c5f88&pubid=205336
IP
172.67.134.83:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgazandur.org
FingerprintC4:0A:97:CD:0F:0F:BE:F4:84:D3:01:F2:82:47:08:C8:94:19:9F:07
ValidityMon, 30 Dec 2024 11:28:58 GMT - Sun, 30 Mar 2025 12:27:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?key=01c2c5988d64a43d1b92&tid=egpbp67768ee1000c5f88&pubid=205336 HTTP/1.1
Host: sk5.gazandur.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Thu, 02 Jan 2025 13:05:56 GMT
content-length: 0
location: https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
set-cookie: uclick=nLmKx1oNMN41g+qgbmCYt+EgxaaIBVbXmXJ6221SwI25idTWE5n9TcW5HOd6xSjjnPKh4Jg=; Max-Age=31536000; SameSite=Lax
bcid=ctr8ud2ke1bc739vp4k0; Max-Age=31536000; SameSite=Lax
cid=ctr8ud2ke1bc739vp4k0; Max-Age=31536000; SameSite=Lax
x-request-id: 1ca3277a-f36c-46c0-ba2f-ff7189bfc3c5
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8msA2gX%2BXQLxs9woFqojRUzoz6LWIpb2da2d9oggVbjHUbns5OTrHTYivpNBoOZW%2B9LQG%2BhC52DePym%2BkLZto1KjB97%2FAJ6ZNqt84Hs7FOXmpl35lsaAgI46VXIEPXbJR7Hz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fbaf6a52b3d56a4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5726&min_rtt=478&rtt_var=10460&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1168&delivery_rate=5815261&cwnd=254&unsent_bytes=0&cid=be7dd5e6a9c6f9fd&ts=113&x=0"
X-Firefox-Spdy: h2

GET cdn-dimi.akamaized.net/landings/289792/1721030789/css/reset.min.css?1721030789

95.101.11.40

200 OK

500 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/css/reset.min.css?1721030789
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ASCII text, with very long lines (889), with no line terminators
Size
500 B (500 bytes)
Hash
a6e2c73e414e9bd299246c7167875997
49062f35c6baa5736f1573a7e835ce69856d34e9
6eadf6f70e95202e93d361064fe6a76e6f96bf7904cbbb527128b1e63c09bb55

HTTP Headers

GET /landings/289792/1721030789/css/reset.min.css?1721030789 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: xUlIujJtz0ZuxUeZwDk/V01eavep9GXANZJW/XH1Mf7Jcu0CBVTIH+pVMxFQahhVEY5RUMRpKzo=
x-amz-request-id: 92TFP29ZVP3QZN98
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "a6e2c73e414e9bd299246c7167875997"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 02 Jan 2025 13:05:56 GMT
Content-Length: 500
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-dimi.akamaized.net/landings/289792/1721030789/css/general.css?1721030789

95.101.11.40

200 OK

1.5 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/css/general.css?1721030789
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ASCII text
Size
1.5 kB (1486 bytes)
Hash
125ef0a496fe13cf8d16f3787ed5f669
04aa408d6c33288ba6df024398d2471f2f10d11f
e4a438ed0e118957cb1509cdd2de84be145bcd37c0dd980f35e9a47e096af652

HTTP Headers

GET /landings/289792/1721030789/css/general.css?1721030789 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: lEeB7tBEMxtkPlc4rJlqHWRzOkJpc/KOaA791r2ocvHQT51ZG+Ny1z58BXLr3SGQEm+ThFPW40Y=
x-amz-request-id: 92T72PR2T8K68N00
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "125ef0a496fe13cf8d16f3787ed5f669"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 02 Jan 2025 13:05:56 GMT
Content-Length: 1486
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-dimi.akamaized.net/landings/289792/1721030789/js/jquery.min.js?1721030789

95.101.11.40

200 OK

30 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/js/jquery.min.js?1721030789
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30351 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /landings/289792/1721030789/js/jquery.min.js?1721030789 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: lstyc1PDeWkSdgSu1p441l5dOqfCUsa31IqUOM2/5uAlNtljEs4IjU2Y4NclrFJpcm8xN5oI24CFeEXmjedmpw==
x-amz-request-id: 92T9DB5TNPAKNABJ
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "a09e13ee94d51c524b7e2a728c7d4039"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 02 Jan 2025 13:05:56 GMT
Content-Length: 30351
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-dimi.akamaized.net/landings/289792/1721030789/js/translates.js?1721030789

95.101.11.40

200 OK

7.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/js/translates.js?1721030789
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.1 kB (7096 bytes)
Hash
12e126cad96ab5c8a4bd91a1c3ae0d5f
c6262e8ddbe30eab3f2f3b9973348391df02a541
229e25afc4be62a9395df26660dc23179120d3a40f563a209226fd2e3f004828

HTTP Headers

GET /landings/289792/1721030789/js/translates.js?1721030789 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: gfNFmNKJ4dvK7IACRGAoP/BbtMzaHCzwl20g9bB3FgAOLzhR1Vx6QX02UiOdvTqhKoLXtct8dPI=
x-amz-request-id: 92T79TRR4Q5NKNXE
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "12e126cad96ab5c8a4bd91a1c3ae0d5f"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 02 Jan 2025 13:05:56 GMT
Content-Length: 7096
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4

95.101.11.40

206 Partial Content

8.7 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
data
Size
8.7 kB (8666 bytes)
Hash
679725c381210b983275a3301e5c7e42
78d041524c224d9700a1b3188775b7cbf951f1c8
5404f71c46775172727c84e577314014381c2f1daeff82ee641c6cd2da031dec

HTTP Headers

GET /landings/289792/1721030789/images/video.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3997696-
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: iRRkV2GjXPVURnFvZNREdsThuy0E7OaXQpAA6tCqKSFocCfeu044cRYzDeQnCQ7XcKuAdf5AnyI=
x-amz-request-id: S70VSJ19279R77DW
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "bf54ba29dff65b5f5d2eb2d5e87fa1c2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 02 Jan 2025 13:05:57 GMT
Content-Range: bytes 3997696-4006361/4006362
Content-Length: 8666
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.67

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oenlk.calltogetprize.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Dec 2024 04:15:23 GMT
expires: Sun, 28 Dec 2025 04:15:23 GMT
cache-control: public, max-age=31536000
age: 463834
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.42

200 OK

8.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
gzip compressed data, max compression
Size
8.5 kB (8540 bytes)
Hash
8cfc55c8a8784413c55f788837aa447b
9949fb8be46951951f90e1c3fafe61f8e738c919
9bd67cdb6e02ce795db59a5fe045defd25eb58564f4ef052f40f2c096f170f14

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Jan 2025 13:05:57 GMT
date: Thu, 02 Jan 2025 13:05:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4

95.101.11.40

206 Partial Content

8.7 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
data
Size
8.7 kB (8666 bytes)
Hash
679725c381210b983275a3301e5c7e42
78d041524c224d9700a1b3188775b7cbf951f1c8
5404f71c46775172727c84e577314014381c2f1daeff82ee641c6cd2da031dec

HTTP Headers

GET /landings/289792/1721030789/images/video.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3997696-
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: iRRkV2GjXPVURnFvZNREdsThuy0E7OaXQpAA6tCqKSFocCfeu044cRYzDeQnCQ7XcKuAdf5AnyI=
x-amz-request-id: S70VSJ19279R77DW
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "bf54ba29dff65b5f5d2eb2d5e87fa1c2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 02 Jan 2025 13:05:57 GMT
Content-Range: bytes 3997696-4006361/4006362
Content-Length: 8666
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4

95.101.11.40

206 Partial Content

8.7 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
data
Size
8.7 kB (8666 bytes)
Hash
679725c381210b983275a3301e5c7e42
78d041524c224d9700a1b3188775b7cbf951f1c8
5404f71c46775172727c84e577314014381c2f1daeff82ee641c6cd2da031dec

HTTP Headers

GET /landings/289792/1721030789/images/video.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3997696-
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: iRRkV2GjXPVURnFvZNREdsThuy0E7OaXQpAA6tCqKSFocCfeu044cRYzDeQnCQ7XcKuAdf5AnyI=
x-amz-request-id: S70VSJ19279R77DW
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "bf54ba29dff65b5f5d2eb2d5e87fa1c2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 02 Jan 2025 13:05:57 GMT
Content-Range: bytes 3997696-4006361/4006362
Content-Length: 8666
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js

104.17.25.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (19780), with no line terminators
Size
5.8 kB (5762 bytes)
Hash
5e2898beab1505a629bf1254fbdf9ed8
f17ac22f600d694ae4341c4da46576e3fec0e6f4
00d770fea1249b4be3f55a037a9edd20c1fe55bda8ab1e4b6251e56cd74cd05b

HTTP Headers

GET /ajax/libs/firebase/8.2.2/firebase-app.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 Jan 2025 13:05:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 5762
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ff7ae08-4d44"
last-modified: Fri, 08 Jan 2021 00:57:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1163887
expires: Tue, 23 Dec 2025 13:05:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PQ2sNjQI82XlQ9AllGtjJjZ9Kh557CRB2Bpi2XydeQJePppWGG1ZahqE5rJ62Nj7hrYqHj7WZ7KLAxKAxARZq9E6dqEVwUpoxY3a%2FEv3yIy949W6M7VEll%2BleL%2FGsFUyOSmyhD4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8fbaf6ae7e6cb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn-dimi.akamaized.net/images/favicon.ico

95.101.11.11

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/images/favicon.ico
IP
95.101.11.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 2GM1RH+Oo7JIRLs/OPfJSrmls1pwWkrIufazLdJT5aWuDbgNABEKJmW/8rLlCMaF9QlDE8aTJ9E=
x-amz-request-id: Y5JJFAEXP3X803ZN
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Thu, 02 Jan 2025 13:05:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js

142.250.74.99

200 OK

11 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
JavaScript source, ASCII text, with very long lines (40719)
Size
11 kB (10840 bytes)
Hash
b183329c90af8d64337b925c208e7a14
9f5a49eab81c119d28416ba96f0390fdbc5a4565
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf

HTTP Headers

GET /firebasejs/8.2.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 16:25:22 GMT
expires: Sat, 27 Dec 2025 16:25:22 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 07 Jan 2021 21:51:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 506435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4

95.101.11.40

206 Partial Content

1.8 MB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/289792/1721030789/images/video.mp4
IP
95.101.11.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
1.8 MB (1843102 bytes)
Hash
a160e394cdcc0c2e0d4ce94c9aaa26f8
a5c1340c4f59a6edb250bf481f18699f16edcda6
833e3bd167063974bd458ce6eca3bc29cacfd5a0b524a403a039ce837da53690

HTTP Headers

GET /landings/289792/1721030789/images/video.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: iRRkV2GjXPVURnFvZNREdsThuy0E7OaXQpAA6tCqKSFocCfeu044cRYzDeQnCQ7XcKuAdf5AnyI=
x-amz-request-id: S70VSJ19279R77DW
Last-Modified: Mon, 15 Jul 2024 09:10:13 GMT
ETag: "bf54ba29dff65b5f5d2eb2d5e87fa1c2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 02 Jan 2025 13:05:57 GMT
Content-Range: bytes 0-4006361/4006362
Content-Length: 4006362
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET oenlk.calltogetprize.net/js/pushjs/1.0.0/subscriber.js

52.19.101.114

200 OK

14 kB

URL GET HTTP/2
oenlk.calltogetprize.net/js/pushjs/1.0.0/subscriber.js
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerLet's Encrypt
Subject*.calltogetprize.net
Fingerprint37:53:F4:10:4C:CB:63:E9:05:F9:CC:1E:9B:B2:2D:97:AC:6D:32:42
ValiditySat, 09 Nov 2024 23:32:20 GMT - Fri, 07 Feb 2025 23:32:19 GMT

File type
JavaScript source, ASCII text, with very long lines (599)
Size
14 kB (14326 bytes)
Hash
ac569ffc0beb63e3e3aa9bc96f034b00
cd26d911112f00087a6dd8c4a92fb858ec2d3bbd
197fbcbda196254842164e91f2f0873c08a569189262d335f82d05235f33cd23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: oenlk.calltogetprize.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/?s1=45431&s2=2042599&s3=&s5=backuser&click_id=&iexpp=1&j1=1&utm_source=da57dc555e50572d&=undefined&ban=tg
Cookie: unique_id=6776628d000eb6a8; unique_id2=67768f34000432a9; 67768f34000432a9_c=1; ref_token=37032_114941_45431; 67768f34000432a9_sl=[289792]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 02 Jan 2025 13:05:57 GMT
content-type: application/javascript
expires: Thu, 09 Jan 2025 13:05:57 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

GET oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599

52.19.101.114

200 OK

32 kB

URL User Request GET HTTP/2
oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.calltogetprize.net
Fingerprint37:53:F4:10:4C:CB:63:E9:05:F9:CC:1E:9B:B2:2D:97:AC:6D:32:42
ValiditySat, 09 Nov 2024 23:32:20 GMT - Fri, 07 Feb 2025 23:32:19 GMT

File type

Size
32 kB (32148 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599 HTTP/1.1
Host: oenlk.calltogetprize.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 02 Jan 2025 13:05:56 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6776628d000eb6a8; Path=/; Expires=Mon, 03 Mar 2025 13:05:56 GMT; Secure; SameSite=None
unique_id2=67768f34000432a9; Path=/; Expires=Wed, 02 Apr 2025 13:05:56 GMT; Secure; SameSite=None
67768f34000432a9_c=1; Path=/; Expires=Wed, 02 Apr 2025 13:05:56 GMT; Secure; SameSite=None
ref_token=37032_114941_45431; Path=/; Expires=Sat, 01 Feb 2025 13:05:56 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 02 Jan 2025 13:05:56 GMT; Secure; SameSite=None
67768f34000432a9_sl=[289792]; Path=/; Expires=Thu, 16 Jan 2025 13:05:56 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

GET oenlk.calltogetprize.net/js/pushjs/1.0.0/utils.js

52.19.101.114

200 OK

7.1 kB

URL GET HTTP/2
oenlk.calltogetprize.net/js/pushjs/1.0.0/utils.js
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerLet's Encrypt
Subject*.calltogetprize.net
Fingerprint37:53:F4:10:4C:CB:63:E9:05:F9:CC:1E:9B:B2:2D:97:AC:6D:32:42
ValiditySat, 09 Nov 2024 23:32:20 GMT - Fri, 07 Feb 2025 23:32:19 GMT

File type
JavaScript source, ASCII text, with very long lines (7334), with no line terminators
Size
7.1 kB (7071 bytes)
Hash
7df62062a027cd25d5a179c520f38668
0ddaa8cd9090908d987e0299cef74fbf7f118738
cdf93aff990bae251f609ef00d7d2bdbb56a35f003c7184ba067b5948629faa3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: oenlk.calltogetprize.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oenlk.calltogetprize.net/?s1=45431&s2=2042599&s3=&s5=backuser&click_id=&iexpp=1&j1=1&utm_source=da57dc555e50572d&=undefined&ban=tg
Cookie: unique_id=6776628d000eb6a8; unique_id2=67768f34000432a9; 67768f34000432a9_c=1; ref_token=37032_114941_45431; 67768f34000432a9_sl=[289792]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 02 Jan 2025 13:05:57 GMT
content-type: application/javascript
expires: Thu, 09 Jan 2025 13:05:57 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.67

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://oenlk.calltogetprize.net/?utm_source=da57dc555e50572d&&ban=tg&j1=1&s1=45431&s2=2042599
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oenlk.calltogetprize.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 22:57:31 GMT
expires: Sat, 27 Dec 2025 22:57:31 GMT
cache-control: public, max-age=31536000
age: 482906
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML