| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background3.jpg | 188.114.97.1 | 200 OK | 195 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background3.jpg
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 832x1276, components 3
Size: 195 kB (195297 bytes)
Hash (MD5 / SHA-1 / SHA-256): 369192f22489f8c36ee6abdde46e460b 8bca51619a7f94c590c97c6ff0032913efbcb38f 9b6e8117d1546091dcea2394ce697c509be3f11e6f6d7f54531bf73293fde953
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/brt-background3.jpg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/jpeg
content-length: 195297
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "2fae1-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4p%2B15P8zcKPcjs8ri2ipiDSF9%2Btz6u4HfnGVVH%2FErxWLHp5v3wGCOZv38xcPiGeL2zKTG4la6R%2Fhjw%2F87DMyJYjyknMeHJZEtgHq3%2F7a2qRol32%2Fc0cXF8ee9I7D%2F%2F1nhohEXF1%2BAm4ToJ%2FkCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff71b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background2.jpg | 188.114.97.1 | 200 OK | 178 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background2.jpg
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 975x549, components 3
Size: 178 kB (178297 bytes)
Hash (MD5 / SHA-1 / SHA-256): 723a28b213a67ec7b3695ab1b9b869f2 aefbd2db90b265991c300ba549609be72d40d2a6 9f71dde1e427a12a5f007cb81e87e816d4bd4492b6ef5f0049418d2019c8a4fb
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/brt-background2.jpg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/jpeg
content-length: 178297
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "2b879-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNbpOAhcT0uhaYVHwcwBxdzguKy3nUaKNMSO%2BzECCV2C6VC%2BD%2FQwwmBKdRlsHajju%2Bf9XcybzSLD%2BLlSn%2BjY22qRW%2Bu%2FiLEgjfGAc5eC9T8c4BBq1q%2Bq3vt%2B8EOiad7IEznCAY21aF6LCbkS5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff7bb523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt.png | 188.114.97.1 | 200 OK | 346 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 7229 x 3545, 8-bit/color RGBA, non-interlaced
Size: 346 kB (346310 bytes)
Hash (MD5 / SHA-1 / SHA-256): 63eb193510a0caa72a0b3056669b4a3f 0029f4e7af86865aa1e78508c5b89bdda5ce0804 6b8bcb8f77668bec2cdf00ed339c7d544ae3ffe477f81a9db2ea8a35c83a9d3e
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/brt.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 346310
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "548c6-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKF6oniDiDsTIL7cy9aMW7Wd5fX71rU0QcpL2tJ8CU601IP0GKPML63YKRg%2FUscYC%2FbuiYofahU1ckcmUznJz3hf8zllq8Vbc4fv4k%2FaZPC3Ud40QnLMNS5qx2XG9Jvg8LumzbNjBOVM4McuPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff81b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/mastercard.jpg | 188.114.97.1 | 200 OK | 105 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/mastercard.jpg
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 2400 x 1911, 8-bit/color RGBA, non-interlaced
Size: 105 kB (105021 bytes)
Hash (MD5 / SHA-1 / SHA-256): d506ca4f2dbd5b4f5bfaf3d98bdc6d73 394267b310501329bd1b612e10eaefab571dae1f d8b0c64f17fef96d35ef346f05acb617ffb26a38ed5ae986965c33364b473d9d
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/mastercard.jpg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/jpeg
content-length: 105021
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "19a3d-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tA8oVOq1bQQOum1OFZCCHvqsfo8aV5vfQpNB2aDrO%2B2mU3Jt8z8OP6sonGTACvKduqnogpvm4id8qc%2BPCCV1DVuwR%2BrHK0GSyC%2B6mp8Bv%2FVA%2FqEIPOBeFDfCtxbAn9SCMqvO59bub%2Bk5bb9VXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff98b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/amex.png | 188.114.97.1 | 200 OK | 36 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/amex.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1600 x 1600, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 07bc54fe610c57523760fccc8c13667f 04bcfa13942e2ea61b75862bd027148ae4d9fe2f 0b5a6e9ebd217ed4b2bf8fc8e9d350b2ae07989fe9834e57714dd6211abd65f0
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/amex.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 36313
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "8dd9-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79pXMm1fL%2FRiUG9yrQDLr5DShtWdUvpjmTXrHBtnjePwMYu%2F1rbPD9s9t6m1TOxRXY1LYdkTYRTgd024C7k70oM4cNUUg4ZfbSRvUYeE%2BwWD8LivMYgsoASAGyMRQ0IXFrtPrinWBw9JeoRWkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff9fb523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/maestro.png | 188.114.97.1 | 200 OK | 41 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/maestro.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 9e952831fd8afa91a0bed93050f989aa 0002afc8a1e47f2f11682b1ca9e77cf445a51046 255c01d6580e09159070c65d900876e6024f34ed23e8519e8c764414410147c2
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/maestro.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 40978
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "a012-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haUKU%2FMVhWdPrQe9FV9TbgnxJiXKypRDjB%2Buc%2BCYGmn1qjLlSI1kQxrJQd59cEbgmXZLVb7WoJDxkaY6fmm3BATsiWIT%2FgPYKpJtWe59Ers9STPAKyBuPnD7wkt1gOHTo8EkMWyPiZAliTDZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cffacb523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/linkdin.png | 188.114.97.1 | 200 OK | 8.4 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/linkdin.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 561c311316449326389b716eaeec2451 6c25819765f163f704b9125ab4ae3e1c27d03eb4 c8cef8389d9c9a8c2ff16afa6eb276268099aa921bdb36d2eefe2b33af50f50c
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/linkdin.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 8403
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "20d3-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajskOCrFJDPEAXie2ShUpt%2BAT21zFCLc1VUz6fDv%2FCuqNVmDrkSoK5WLuOF5gMzCXA36p7F1FioFgqT2YTqE%2BHirLnGAmBzg30LRYCe6e8dmHha%2FzeMI7TpADr4H5wgwOUrpyLP1lWROXAeJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cffb2b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/insta.png | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/insta.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): ef61fced5f633cdb15e2a425d7349d7c 372f46526e0d64cf70ae2a204bc31530a1b135c5 7e56e7b4b4c6004151eb38ab7edac2e59c8b1dba84167972aea5c36f5ef7b4f6
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/insta.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 11517
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "2cfd-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjDsb23xaeBHQ%2F9wzWlerjZkt6bhHSEt0B2yMdhEpZ7vziBZ0Y1RVYLanslbO3%2FmrS08qbf8fZx7sHj%2FEL2%2BuP1vXZ%2BK7kZv87k3%2BjcdMS1M4LJYwCvgSgRI8Z5RB7XqFdA%2F1802maB%2Bd32mMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cffb8b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/ytb.png | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/ytb.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): a9071c276e993eb3317486b0e2769b01 66a7abd4dbcb8e0deeb1fd0712e9325706c2f4fb 0342963ffb9a54079b741bfa9b72652710e7d6ccce3e8e8073261f5f0c200ec9
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/ytb.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 13296
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: "33f0-615f10b785100"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7WbyzOF19xWXWdgkGEKINlAfJ0D9Ij4KfuodFLZyLlwcsq9nhRfVib%2FOqiUeKmH1VfDknmrhGd7rRTt6tZ57nXkUcCDOUJcm5cx7ErBRl3IKuoyCOCd7yLARHdoOr%2Bnz0WM3GVtJRkbav%2FacA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cffbcb523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/twi.png | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/twi.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): ba2a875bddda0b9951b5231a35937de5 974a2154867390225a17014df5b436375669af52 4bcc1e5b6bfb781478082f1cbc21589c5b5e6935cfb2ca855eddd245cfe9cd28
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/twi.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 16616
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "40e8-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGywNvj27Cxt4ubnyl8K5MVEJ6SlVe1Ke148dBHKdNuGgNYRpJIN1CxqQz6WNGXVXhTcs7HpUHDIlmjQFvRnMJYccDO7%2F4zsApe2SR%2F%2FkMgUK3v%2BuIkbewl7WE1yOw7g6ri5FgXR1Du6chafDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338d2fc1b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/footer-logo.png | 188.114.97.1 | 200 OK | 5.1 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/footer-logo.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 251 x 72, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 9eeb62d06658401be45d9ca5122cd00c 56970c3b579bf76f1ac41a4b5fa3f36abf81013e 07fb85ec6f21fa9861447a6dcd851e42ba67b4c51f771fb8a90c4a23a9b67a0f
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/footer-logo.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 5108
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "13f4-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wpjfitfrtzxtw4HQ5zfASzl8%2FDUKf3dyoi0tXxqOkix%2FKdIJzOkYnvB0c0Zh%2Byu5fhs4%2BA0KAhcxhkevSTfppFQngayWAEdJc1s0CFW5v%2Fiw8OyuACcg%2FWuWHF1c%2FNlsSmho%2BQ4ULKRqB6gMHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338d2fc6b523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/visa.png | 188.114.97.1 | 200 OK | 82 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/visa.png
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 4060 x 1648, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): fdabc70aa6ab121bfac7b48af833183e 62a8b0b9fc1bb346112fa530cf2213cdc9a24c0e 60fc37f80886700e21b2f04c04bf880087a5a69d87a530e33d11e4eaea5ac67c
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/visa.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/png
content-length: 82387
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: "141d3-615f10b785100"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYUskV9iowYbV9%2F%2FCyXckuKUY672MV2z8oAsHIm%2B2PQ6NB9Idu9QzGF5KIWv1s8SA60Ni9o7AdBmsTOy9S%2FWXYbsySD%2BGi6%2BeYxlFGKV6yATqzb2ZRlmyaB9rfL%2FrzHO56OM5LuDuNaQ%2B%2FTJ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff8fb523-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/script.js | 188.114.97.1 | 200 OK | 601 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/script.js
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): f4b6773ecd4b1b81b9b8157f75451f0d 384cdce979f8e50892896f87d31967b02c0969ea 23ff0afe4369621392a6c71066c11515d1aefb5b558d8d30c868b6a9ad5b3e32
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/javascript/script.js HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"ce-615f10b879340-gzip"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGpOZq4hG%2B0uh%2FVzoLqW8qpKrwH%2BG00kUXFfQ8ZtDuqTl4%2Bs%2BjgnJVUTp7NvRL6%2FSOE5vFMnDyGINccP1Ca2CkCmosUbDWuUufyOd%2FOc%2FxgQqb32u0aTzZpnQZUKUbw2e2%2BHNbjVVWKv4rrPkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801338d2fd9b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/main.css | 188.114.97.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/main.css
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with very long lines (4748), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 69b31784540162841336c78bc0d87936 5a36732bab33e687bad399e5903242e59e83457f 2f44cde5a80a9f69634223a1571fc64986ec6d4a4ae39472d87e3052f2aee9ae
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/main.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"10a2-615f10b785100-gzip"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1ij8%2FZc1V8UTjU4xUmLZYXGvEAGn58SIUgypiI%2BkIv0gNlY1LLoBVWV118P95117vtKLIqSj1ogLQKrtfTXiWfz1mpm%2BDEjT7BH%2F%2FO9L8%2BpgsEm%2FbJypoZ0jJt7y4b71IxzPYaKt8HTZYFW8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801338cff4bb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/favicon.ico | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/favicon.ico
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash (MD5 / SHA-1 / SHA-256): 3de409186a3ce3a9320a9b9702adf3bc efc0f61498618a6ce899d3b395ff504753527f40 50fb9b0362d99bc8671991bcbb18493aeec3de00b6a771bda72a723d206ad119
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/favicon.ico HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:58 GMT
content-type: image/vnd.microsoft.icon
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"47e-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:58 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnu8ka2d8DrhQQoSSBsLBJhaNVrSFCTX%2BH5By7p1sDE1wy0OS9YsM0J7NSNjuH6YvHy8xdvayZwNmlCPVzQGgIesmHwP%2BBvTCGvT8sbPc15e%2BlJ4EI3pOPuX%2BoYLWZRBhiVPzABuz5kGQfjNmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88013391399fb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/header.css | 188.114.97.1 | 200 OK | 797 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/header.css
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with very long lines (891), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): b93b2da2101bb8b89fe5ad3d42d2fd14 d783705218f8d2508793d25ef03fcc761c96dd8e 4597831e5c003e685de5a5dc68b2edbdb4014f79d9938ef1d73396c03bd3b787
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/header.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"31d-615f10b785100-gzip"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qd%2B6rOvHpLQiQEYNwTNZNP1e1v4Rf%2BcZ7kgoMt6bwec%2FuyBVKEgiyZxjsM9z5h7dDwnK9gS%2FQ85hMGaNfBbnAlsnbny5h9naSCA%2Fd9u90txBJzN1HhBjRcHdHJ9rHBXZrLLcqnD91bnKpte7ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801338cff27b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans | 15.204.22.185 | 200 OK | 1.1 kB |
URL: GET HTTP/2 db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans
IP: 15.204.22.185:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate: Issuer Sectigo Limited; Subject *.onlinewebfonts.com; Fingerprint BD:78:CC:73:56:98:20:D8:56:8E:57:0E:0D:17:AA:82:29:0E:E1:60; Validity Wed, 22 Nov 2023 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1204), with no line terminators
Hash: 3adb47f5e51da1dd8d16010113494cb4 3a4cb512eafab62943731933cf46ea695dd16e79 f15030b48f342fdd16686349c7bf9df82cefcbf0e41a56a480c4f23924899cab
GET /c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans HTTP/1.1
Host: db.onlinewebfonts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 12:24:40 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
cache-control: public,max-age=86400,must-revalidate
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
nginx-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/details.svg | 188.114.97.1 | 200 OK | 261 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/details.svg
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate: Issuer Google Trust Services LLC; Subject raleighdurhamdrugrehab.com; Fingerprint 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: SVG Scalable Vector Graphics image
Hash: a84a7e069a2a3ee5a7bc6f292e517f1a 7e85360ce83a9744c23df54c3002a1e7155bcdf0 a54708e20aa9d4f10189f4fcd0cdb65105810e111306479cd16a485efece0665
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/details.svg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"105-615f10b879340"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmhuMHgibfCqeKFEsNCe8ugaBTeL%2BFfkjrRgeUPDiEKoz%2FEDkww1Gbyo3KllZ%2BxaryCyZni94ARhONRjbBb%2FLC8UmGTc5eX%2FgZ8L4Roqka2PA7%2BDm5uqROcXQcP0R1sFVVr5VWWL7XJAxCfrZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff88b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php | 188.114.97.1 | 200 OK | 14 kB |
URL (user request): GET HTTP/2 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject raleighdurhamdrugrehab.com; Fingerprint 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, i.e. no response body was recorded for this transaction)
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/payment.php HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:26:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.16
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
expires: Tue, 07 May 2024 13:26:56 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVCu3aDMZusOGTdXVJK1LdT9wjHvIY8LsMKzubnByjvIsChQiuUGaV7O7m2gYF2xAdRPIOcDp1F%2F3cTsx%2FCdZ3JXQcAcirvGBErjaNPWLJkb0VTgUX1mcC%2FaFsOgQBVdB0eluIu8cnHJ3vF3ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880133899ee0b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/mobile.css | 188.114.97.1 | 200 OK | 1.7 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/mobile.css
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate: Issuer Google Trust Services LLC; Subject raleighdurhamdrugrehab.com; Fingerprint 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with very long lines (1911), with no line terminators
Hash: c3359538f8b6b1ddcff4bb371be1ecef 02d995bb2a81f2758ecd5f4e0da694fbebe672fe 36e492fd9ca1d4ed51d1f1babf60513ae38419d31586496286caecc84b2e680d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/mobile.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"6b9-615f10b785100-gzip"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STwslj6M9jMJRkdwBXJlDZPUuSFMWyLJdnwU7opWKlf449rpihWBywphq2HxCRUB6F9PVGVBd%2BvF75cP6RazJIVgMnrX9%2F0vmlM0SelSKJY2J3UxEP%2BxSjF%2FZuqAkSdMWpqdhUJ2aSR6LWhb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801338cff57b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/pc.css | 188.114.97.1 | 200 OK | 49 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/pc.css
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate: Issuer Google Trust Services LLC; Subject raleighdurhamdrugrehab.com; Fingerprint 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with no line terminators
Hash: 5acf8767a51ffed25a256f9b511ed1a4 3d243c6fe7d2568882e90cf3262623216c26da0a 9e3a5819544f6124f865b54d95276278cc2a5de373db26261dd966b86c6d8d58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/pc.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"31-615f10b785100"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85JUsEI3vxEEGIP9mAqzqwIjKllFkQEayf0iSExTL0SVwKvBREpM63%2FGbjYvu%2FfkGa17alhR%2Fm4UdCwJEAEdnvNMSjVjm1j731k8CDyZdGgAS71hryL%2BcOLr9o8o%2FYEKb%2BFjH5sBL9kmGcgkEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801338cff67b523-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/juniaframework.js | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/juniaframework.js
IP: 188.114.97.1:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate: Issuer Google Trust Services LLC; Subject raleighdurhamdrugrehab.com; Fingerprint 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: JavaScript source, ASCII text, with very long lines (20970), with CRLF line terminators
Hash: b8723de823c2f611edbad54f44db5a8e ea2a2642111f833d7f44f4ed5da134ea9458c45e 0ce34c540c10651e8e5991321111d8d1098121f68ae03c78d0ce9c6fa7a1dcfc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/javascript/juniaframework.js HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:26:57 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"5298-615f10b879340-gzip"
cache-control: max-age=14400
expires: Tue, 07 May 2024 13:26:57 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSQiulpVX2U5%2BMBBn%2FRKwSCoOmydOR2gQ7kB6fqSVOBJggFZKVG3GD9iF3uH2PrK3qz6Imb90JEIOlB4Vc5aqiRmZYMMPioZdiFrUqXB76SPwcVASEUDJnOFOKjZ3OnakchJgDdkW723iCszfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801338d2fcfb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400