| mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net |  91.201.203.221 | 200 OK | 6.1 kB |
URL User Request GET HTTP/2mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net IP91.201.203.221:443
CertificateIssuerLet's Encrypt Subjectmail1.researcher-manuscripts.biz Fingerprint66:21:14:BF:18:76:62:ED:99:5A:ED:E1:A6:B5:DF:6D:4A:37:07:97 ValidityTue, 30 Apr 2024 03:36:05 GMT - Mon, 29 Jul 2024 03:36:04 GMT
File typeHTML document, ASCII text, with very long lines (11900) Hash67e1d5a1cfe9c70dc6b73904b8c3da99 bc7533e6755a6d7123f039c46773b01296fba6b0 c39c577b1e3ecdfd36e381b902ec4bbcfa1b29d2e6b7649baa4189909616a67b
| Analyzer | Verdict | Alert |
|---|
| urlquery | suspicious | Suspicious - Suspicious Javascript code |
GET /mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net HTTP/1.1
Host: mail1.researcher-manuscripts.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 6056
content-type: text/html; charset=UTF-8
date: Wed, 01 May 2024 21:49:58 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css |  104.17.24.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.24.14:443
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:49:59 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 106348
expires: Mon, 21 Apr 2025 21:49:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZPS%2FAwvFPLCSYPLUyVFk%2BZFC%2BFbDrt7XFyejMIOmZg56MipIrm1dohSgmM2S9j1Srh8fzFtkHIyWGZkZTPFA%2B3I%2B4XW%2FTz3il4LlibkeVDNQmZd3D5DwjPieQecKZ7kyWpMntIL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2fc0c5831569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js | 142.250.74.42 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP142.250.74.42:443
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeJavaScript source, ASCII text, with very long lines (32058) Hashc9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Apr 2024 01:22:47 GMT
expires: Sun, 27 Apr 2025 01:22:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 419232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-R5K20JCF72 | 142.250.74.168 | 200 OK | 101 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-R5K20JCF72 IP142.250.74.168:443
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size101 kB (101434 bytes) Hash27fcf9671fc516ccbb9483854cdef68a 623a8bd9001e474feb3580cd1c878c8ed73f4f05 2139b34510655513783de599fde2d3fa177e250e280d71f8c87eda2cbc2bc464
GET /gtag/js?id=G-R5K20JCF72 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:49:59 GMT
expires: Wed, 01 May 2024 21:49:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mail1.researcher-manuscripts.biz/images/favicon-md.ico | 91.201.203.221 | 404 Not Found | 196 B |
URL GET HTTP/2mail1.researcher-manuscripts.biz/images/favicon-md.ico IP91.201.203.221:443
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuerLet's Encrypt Subjectmail1.researcher-manuscripts.biz Fingerprint66:21:14:BF:18:76:62:ED:99:5A:ED:E1:A6:B5:DF:6D:4A:37:07:97 ValidityTue, 30 Apr 2024 03:36:05 GMT - Mon, 29 Jul 2024 03:36:04 GMT
File typeHTML document, ASCII text Hash62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /images/favicon-md.ico HTTP/1.1
Host: mail1.researcher-manuscripts.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-length: 196
content-type: text/html; charset=iso-8859-1
date: Wed, 01 May 2024 21:49:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| way2buy.in/banners/ads.js |  208.109.10.111 | 200 OK | 274 B |
URL GET HTTP/1.1way2buy.in/banners/ads.js IP208.109.10.111:443 ASN#26496 AS-26496-GO-DADDY-COM-LLC
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuercPanel, Inc. Subjectway2buy.in Fingerprint03:3C:BE:16:B4:71:C8:38:64:87:AA:7D:ED:F8:8F:DC:6E:F7:09:B0 ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with no line terminators Hash5527c5d509cefe25a611a8fb4d657cd7 03415126b802331af56641154929f47ace00f46f fbb9e6e61bc346d495e3bf7e1e4350f87e5bc672470b824dd4fe426d544a2720
GET /banners/ads.js HTTP/1.1
Host: way2buy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 May 2024 21:49:59 GMT
Server: Apache
Last-Modified: Tue, 28 Nov 2023 07:51:13 GMT
Accept-Ranges: bytes
Content-Length: 274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 28 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css IP104.18.10.207:443
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (65371) Hashec3bb52a00e176a7181d454dffaea219 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68 f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:49:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 19:15:06
cdn-edgestorageid: 940
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c83fee2ffb8cb55535eaeb2520d7c34a
cdn-cache: HIT
cf-cache-status: HIT
age: 106340
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2fc0c9df2568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| way2buy.in/banners/scrivener.jpg | 208.109.10.111 | 200 OK | 146 kB |
URL GET HTTP/1.1way2buy.in/banners/scrivener.jpg IP208.109.10.111:443 ASN#26496 AS-26496-GO-DADDY-COM-LLC
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuercPanel, Inc. Subjectway2buy.in Fingerprint03:3C:BE:16:B4:71:C8:38:64:87:AA:7D:ED:F8:8F:DC:6E:F7:09:B0 ValidityFri, 26 Apr 2024 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, software=Adobe Photoshop CS5 Windows, datetime=2023:11:04 13:32:40], baseline, precision 8, 460x726, components 3 Size146 kB (146388 bytes) Hashe9311498ec649135d75ecdc909fcece6 59099e3d9ec398ec1e40cc221c2674eb81b8a415 bdd98ffaddc8f0bb24bcee0dc97d4ab76730ff95e5956ba2f8a46d78075f83d5
GET /banners/scrivener.jpg HTTP/1.1
Host: way2buy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 May 2024 21:50:00 GMT
Server: Apache
Last-Modified: Wed, 08 Nov 2023 09:35:16 GMT
Accept-Ranges: bytes
Content-Length: 146388
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 37 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP104.18.10.207:443
Requested byhttps://mail1.researcher-manuscripts.biz/mm_t3/unsubscribe/?ut=15942700431714552986793297275&email=tyan@slurpmail.net CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (32033) Hash5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.researcher-manuscripts.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:49:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 10/31/2023 19:27:53
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 1a04ea32b2f4b219188fda8349c8680c
cdn-cache: HIT
cf-cache-status: HIT
age: 92282
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2fc0c9def568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|