Overview

URLbbv.fulltimewebdefender.site/c/f8f1719b6a312112?clickid={conversion}&bid={bid}&s1={s1}&s3={s3}&s4={pubfeed}&s5={subid}&s6={banner}&s7={campaign}&s8={conversion}&sid1={sid1}&aff_sub2={aff_sub2}&ac={ac}&sa={pubfeed}-{subid}&source_id2={source_id2}&sub1={sub1}
IP 52.51.27.131 (Ireland)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 02:00:44 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts
13
Scam - Fake AntiVirus
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
cdn.stfilecamp.com (3) 400667 No data No data 205.185.216.10
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-12-05 07:49:46 UTC 104.17.25.14
ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
translate.googleapis.com (1) 1005 2014-07-21 13:19:59 UTC 2022-12-05 14:46:54 UTC 216.58.211.10
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.208.31.97
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
translate.google.com (1) 1156 2012-05-30 01:30:32 UTC 2020-04-26 20:04:42 UTC 216.58.211.14
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
cdn-adef.akamaized.net (32) 125719 2018-06-20 13:54:23 UTC 2020-03-28 07:38:41 UTC 95.101.10.67
stormtrk.com (1) 289095 2019-05-17 18:09:53 UTC 2022-12-05 18:25:40 UTC 104.26.4.120
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-12-05 08:05:46 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
bbv.fulltimewebdefender.site (1) 0 No data No data 52.51.27.131 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 cdn.stfilecamp.com/stormtrk.js Phishing
2022-12-06 2 cdn.stfilecamp.com/fp.min.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 52.51.27.131
Date UQ / IDS / BL URL IP
2023-02-01 22:39:37 +0000 13 - 1 - 3 ccye.securityinfodata.live/c/215139442c7f7959 (...) 52.51.27.131
2023-02-01 21:00:48 +0000 0 - 0 - 1 ttg.yourrequireddataanalysis.site/c/47f782b27 (...) 52.51.27.131
2023-02-01 18:01:15 +0000 0 - 0 - 1 www.mydailysecuritysupport.com/c/0a06560e0178 (...) 52.51.27.131
2023-02-01 06:24:31 +0000 0 - 2 - 0 bbvexm.abadit5rckd.com/c/a07ca3323183c055 52.51.27.131
2023-01-31 18:00:50 +0000 12 - 0 - 2 ttg.myincreasedpcsecurity.site/c/d4f03adc6972 (...) 52.51.27.131


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-02-02 02:02:16 +0000 0 - 17 - 0 trk.klclick1.com/ls/click?upn=haDpiWLOcdBtoEn (...) 54.230.111.69
2023-02-02 02:02:09 +0000 0 - 2 - 0 d1jra2eqc0c15l.cloudfront.net/mscpp2013/vcred (...) 54.230.111.91
2023-02-02 02:00:44 +0000 0 - 0 - 4 www.mediacdnc.com/go/a660d4b4-b20b-452d-a1bd- (...) 3.70.16.242
2023-02-02 02:00:03 +0000 0 - 0 - 1 atesli.sohbethattii.info/ 99.83.154.118
2023-02-02 01:59:19 +0000 0 - 2 - 0 recognizeapp.com/tempworks.com/431167/edit 13.57.64.25


Last 4 reports on domain: fulltimewebdefender.site
Date UQ / IDS / BL URL IP
2022-12-07 11:00:47 +0000 13 - 0 - 0 bbv.fulltimewebdefender.site/c/f8f1719b6a3121 (...) 52.51.27.131
2022-12-06 19:00:45 +0000 13 - 0 - 2 bbv.fulltimewebdefender.site/c/f8f1719b6a3121 (...) 52.51.27.131
2022-12-06 04:01:01 +0000 13 - 0 - 2 bbv.fulltimewebdefender.site/c/f8f1719b6a3121 (...) 52.51.27.131
2022-12-06 02:00:44 +0000 13 - 0 - 2 bbv.fulltimewebdefender.site/c/f8f1719b6a3121 (...) 52.51.27.131


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-29 14:01:08 +0000 0 - 0 - 1 www.mydailysecuritysupport.com/c/0a06560e0178 (...) 52.51.27.131
2023-01-28 05:00:42 +0000 0 - 0 - 2 wzte.increasedpcdefence.site/c/fb1915ce998b23 (...) 52.51.27.131
2023-01-20 11:01:13 +0000 0 - 0 - 2 www.mydailysecuritysupport.com/c/0a06560e0178 (...) 52.51.27.131
2023-01-09 02:01:14 +0000 0 - 0 - 1 www.mydailysecuritysupport.com/c/0a06560e0178 (...) 52.51.27.131
2023-01-05 22:00:55 +0000 0 - 0 - 2 tro.highlyefficientdefender.site/c/78000ffb6b (...) 52.51.27.131

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (70)


Request Response
                                        
                                            GET /c/f8f1719b6a312112?clickid={conversion}&bid={bid}&s1={s1}&s3={s3}&s4={pubfeed}&s5={subid}&s6={banner}&s7={campaign}&s8={conversion}&sid1={sid1}&aff_sub2={aff_sub2}&ac={ac}&sa={pubfeed}-{subid}&source_id2={source_id2}&sub1={sub1} HTTP/1.1 
Host: bbv.fulltimewebdefender.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         52.51.27.131
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 06 Dec 2022 02:00:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=638ea241000e31cb; Path=/; Expires=Sat, 04 Feb 2023 02:00:33 GMT unique_id2=638ea241000e383b; Path=/; Expires=Mon, 06 Mar 2023 02:00:33 GMT impression=; Path=/; Expires=Tue, 06 Dec 2022 02:00:33 GMT 638ea241000e383b_sl=[268852]; Path=/; Expires=Tue, 20 Dec 2022 02:00:33 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12100)
Size:   2787
Md5:    b7ca437739b8c0f8e0ab2b8c8b384449
Sha1:   af4b742126fe2a690516f0531903f3a4c24a75e7
Sha256: c61e99d8560070c880d834bfa2ccfaf3f146a28e9cf0c6ed48195cf219da6740
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3623
Expires: Tue, 06 Dec 2022 03:00:56 GMT
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1716
Cache-Control: max-age=118762
Date: Tue, 06 Dec 2022 02:00:33 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:59:55 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6184
Expires: Tue, 06 Dec 2022 03:43:37 GMT
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 01:18:33 GMT
cache-control: public,max-age=3600
age: 2520
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: dcby8y/gLtIbkujkypnSsndn80KQGQhtx1SRQJAOGP3g0S07NcuGvDQAs95fk/73rz0tyNNHIug=
x-amz-request-id: 1FVGXTB2TGGK5DA6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 01:46:55 GMT
age: 818
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 02:00:33 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2308
Cache-Control: max-age=154978
Date: Tue, 06 Dec 2022 02:00:33 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:03:31 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /landings/268852/1665677718/css/style.css?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: FpaN53//rbr0/9q9VFEw2t+Qt0F+Buh4Zo7lIIx711GymC17gxLhEFzkthKzAv6ll9RhXhgrTKU=
x-amz-request-id: 8619EHGRTGKH91YC
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "602331533ab2f855a26a77ab03d6db15"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 2010
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   2010
Md5:    3b1537d38270b368dd4afd3a04a8fc6c
Sha1:   f4cc570c723401da7ebb11c60c01c65863b270a5
Sha256: 5f118825faa35f752dd6fd78f44af0426d6ca137bdf908bcd9afd7f0e84d5f65
                                        
                                            GET /landings/268852/1665677718/js/js.cockie.min.js?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: t/iv6+jzeOicam7m27yoaKT7X2eJ9AiAVKoiAYVE9N63Pw/FpVDnYYkKVXk9i4JM+KPJHH9xEN4=
x-amz-request-id: 8619QFW9GSBAE1YF
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (1619), with no line terminators
Size:   826
Md5:    80f159394b22e099038b584495222009
Sha1:   49a38d579533fb963f8f0f94687b40f65713b8dd
Sha256: 2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109
                                        
                                            GET /landings/268852/1665677718/css/translate.css?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: 5PegPGCuaG0hulZ4NYVOl/a5OhLNfZC7O7MsfLH6jcCQqW96yIcSYWmfTi6N1fekuaqpq1UNy0E=
x-amz-request-id: 861AK1RSEFEPDTEV
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 655
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   655
Md5:    64836db20736f1e7995b43489b4bf0ac
Sha1:   a0db33db05acb39dd01d9f19f5eed634682b0ead
Sha256: d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
                                        
                                            GET /landings/268852/1665677718/js/main.js?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: Mbq7Msha2PiGF3xWQjMg4VWmh1oaTa1PX5dltR0eIZlwK5RRQcRd55EtBY9/K4GZzceyxM0CBEM=
x-amz-request-id: 86123NC9MPDNB5TY
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "b56630c7276ebda1b23e2083b8367691"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 883
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (2060), with no line terminators
Size:   883
Md5:    75c7f7a337535ee79147e8068ef8982f
Sha1:   88798d1b96c7048770ad87d00c1c0daeb0170745
Sha256: 05f89d1e5e99f402500a4e7d3178ed1b6c3b0db1f48c2e7ce1ca7702f8a7d87b
                                        
                                            GET /landings/268852/1665677718/js/site-protect.2.0.js?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: onD8gCd8O5Gl5usc1MfbtRvY+0uJyU20Q+SFmL5O1bqlelXvwypqe/CmB0VH0pZQPmiZLloKZTA=
x-amz-request-id: 8614X84KTZFR7YSA
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   1073
Md5:    85e3bd021961fdac95655a71435375f5
Sha1:   9d03222c7a2acb3c790270e3f07bebc485759db2
Sha256: bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887
                                        
                                            GET /landings/268852/1665677718/js/interactive.js?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: MQDT+t9QabiW0BSeAXleg+cSFbqkmPKIJALEkIo/kpPLvHaO409H2ZgFIsQeKl/NdCr7hWhj6Xg=
x-amz-request-id: 8613A5H4FQBXP6HH
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "4556c2fbe499483bd54ee664e83bd0af"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 4961
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (24491), with no line terminators
Size:   4961
Md5:    e332e3d27c8b834beeb86c7309f642cf
Sha1:   c09dcf00146664a766d79b84cee7e5c1299f89fb
Sha256: d3b8f64254adfb0eebe5a286b58b04702da9b8b09f704f3ef5512ee14c733160
                                        
                                            GET /landings/268852/1665677718/js/translate.js?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: IYOv2nYAy6c6Pt16XIo+QTZIcXSVt/Jlnp6RTQUqgdWFwGVRP90/rwWzXjGxuaSs4Joz5h/xeVA=
x-amz-request-id: G11T1D7ET9RPEGEQ
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "fcd546809170dd574eb37b989529f69a"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 544
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   544
Md5:    015967e055e606d62302b33ca898240c
Sha1:   97a3a854502409b10635b092500bfc5b244642e4
Sha256: 5bc3f308bb3236dbb04b2ac5d01905f9081d24827d4cd26c33ec5f716acd8427
                                        
                                            GET /landings/268852/1665677718/js/second_back_multi.js?1665677719 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 9jgAQVwWv7D84QxmnLdKg3c9qt+oBO2GGu/xVSiVSOqFL1nfeIYml1NPJSbR5+jCBidi9xwsNdc=
x-amz-request-id: G11RD9Y45HRGJ73N
Last-Modified: Thu, 13 Oct 2022 16:15:22 GMT
ETag: "12af65fd8656be95d31d144fa257727d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 02:00:33 GMT
Content-Length: 732
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   732
Md5:    64bb7cb9f3a6cb788156ff60cf17c587
Sha1:   18e341baa9e99c034dc3b2cff1b7b9d90626082d
Sha256: 3be73c0c23bffc4bd19a14a3351ca8b7719bd10bda3ca5807c6661f4211064da
                                        
                                            GET /multi_push.js?1665677719 HTTP/1.1 
Host: cdn.stfilecamp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         205.185.216.10
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 06 Dec 2022 02:00:33 GMT
cache-control: max-age=5
content-length: 1072
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx000000000000075d9fdad-00638e9436-213dd56e-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670292033.dop227.sk1.t,1670292033.cds213.sk1.hn,1670292033.cds020.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1072
Md5:    a50322f9d3f3fafe3fb02be02285e433
Sha1:   c0a894b3bfa545832c3ad1c2f145005d02e50ac4
Sha256: cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99
                                        
                                            GET /ajax/libs/jquery/3.6.1/jquery.min.js?1665677719 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 02:00:33 GMT
content-length: 27990
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "63091225-6d56"
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1125753
expires: Sun, 26 Nov 2023 02:00:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKWiMySR32sog9hbsoWGDjIylWo%2Fv4%2B8qRG4hYjK6vStMioKG8mUTiIOf1IQxuKtdrHBfFLr0yOZB8n7PTn1PeKwrjwrkle5Qwpsh0PyicjdxZtvh7gk0AMF4EtAH9BAC72vD3VQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77516dba1f81b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27990
Md5:    265d03943a645462854e9444dabeb800
Sha1:   a44ef995093ddc5f334a63999d71c65a1d2b6643
Sha256: 0d4102a2c52171ae32d1b2157118ceef7e18220bc02fbac9ce327a6a99a171df
                                        
                                            GET /landings/268852/1665677718/images/win_cls.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: Cf0VAzcm4AT+qbHqq3htuBDaDF1bdhb+P7ANbFu6QO7TMptpNBCvwIrQAIrFNHxErtrdKDUvFbU=
x-amz-request-id: G11NV0ZZM3D1W5S2
Last-Modified: Thu, 13 Oct 2022 16:15:20 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 293
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size:   293
Md5:    9eb68d2ce05c151bda542a7a6356e22c
Sha1:   baeeefe4a7ac657c10a5f081841015de1bcf90dd
Sha256: 2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/icon-white.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: oFzDAusA1yUFTq1/NsJSyJNZGLfOAxLcNeIvKEjNofF/V5egpt8kSQ6dp7urFeMwquIGA0bAG8A=
x-amz-request-id: FWMDEDMFQ45CCP95
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "c391e0f03315c1de2f0c3091c1170b38"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2178
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 73 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size:   2178
Md5:    c391e0f03315c1de2f0c3091c1170b38
Sha1:   4c6d1e87a69be58cd9fb9acdaee354580a2da1b6
Sha256: 8b7a5ce48e7e6a77ba8c97eae67a4556c325b7a80ad8bc1e831d08069e8ed37c
                                        
                                            GET /landings/268852/1665677718/images/protect.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: Kz7c6umXQWVdzpdKvq17ZIDmfsOzmo1ooTQkWgz5DCBM5/NKJTZ/Xw6L8i2bRy2E6E4fwqEQt2I=
x-amz-request-id: G11XBMWPS484ERFQ
Last-Modified: Thu, 13 Oct 2022 16:15:20 GMT
ETag: "9979fef59356099c8f41e2248fb3765d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 70593
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 543 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   70593
Md5:    9979fef59356099c8f41e2248fb3765d
Sha1:   b675d4030621b8de6bb823085ff9d9b8613c5f48
Sha256: d00309ba24e28a196d0ce99ced950476954b7435a539e5157556cdb4c23fd310
                                        
                                            GET /landings/268852/1665677718/images/icon-red.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: jqIU0BwVciOx0M0SY5P9t2bcd7eJKkXMDHlw5uKqP+zPIzEdZMEutkEjQUOXMArdVoHTsiNGRx4=
x-amz-request-id: G11RXD5CDVEHJVCC
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "f460adcdcb62bffc8961d6681d5042be"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1709
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 40 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size:   1709
Md5:    f460adcdcb62bffc8961d6681d5042be
Sha1:   a3c4fcb71daf78ab130938480ace7588ffa16194
Sha256: c60d95afdfb06b36758c44ee23b82f5c5504f0119a2c86d83c990821e8f5cae6
                                        
                                            GET /landings/268852/1665677718/images/ico_gray1.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: rry7W8u8u2J7gZgPvGGAaJ4FHIH3DA93LbqqesFnZgxGrD4rEkr3jSCZAi/0WwmukKkC+7kB568=
x-amz-request-id: G11YF4Z48N0B3Q9B
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "e144c3378090087c8ce129a30cb6cb4e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 364
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size:   364
Md5:    e144c3378090087c8ce129a30cb6cb4e
Sha1:   59da5466551de941d0215e45c54aa2ceaf436be1
Sha256: b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/ico_bl1.gif HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
x-amz-id-2: LBL2kr3cTWm5OKuFnRbCmvOOWn85SgA924Rzj3AEci09m2nO/Si8w05EMxqlw+GAY82/uYIMaRw=
x-amz-request-id: G11Y7C5V9P18GPYX
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "af3aca2036675c5979fb535c5d190f15"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 511
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  GIF image data, version 89a, 80 x 65\012- data
Size:   511
Md5:    af3aca2036675c5979fb535c5d190f15
Sha1:   70c4f17ef1a2afe0477c84c5d209fbe31760b657
Sha256: aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa
                                        
                                            GET /landings/268852/1665677718/images/ico_bl2.gif HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
x-amz-id-2: fzOfjn5taO7aaTLWiqr4Ce/2NbpgU0pLi6HPFAQj86nUIz9mRsRjGsVBBm52jGblQFrH8pr+7DM=
x-amz-request-id: FWM4ZSE9S5RK86RQ
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "af52e51f42fd0c55bc3cf2c8ece71492"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1547
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  GIF image data, version 89a, 65 x 80\012- data
Size:   1547
Md5:    af52e51f42fd0c55bc3cf2c8ece71492
Sha1:   016f83da68ff461a5c6aebcc2a45668317b2f24c
Sha256: e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/ico_tray3.gif HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
x-amz-id-2: 362vlk4/gNTdRLEWI+G2Wu3vIuX+IEi/Vu6hHXOgRDp3o18oinq8eoNxKXu44B8X+H6FmrSMr84=
x-amz-request-id: FWMECNDKMKD6TCZT
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 234
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   234
Md5:    9ce99ec458daf212f9812a90f3fadd13
Sha1:   9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
Sha256: b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/win_min.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: R2l0Hw5DTXnCCkNJIq3w1y776QoLhZVPmxKa6hiywTRnsLPkpPaAf9ONU+Sfv/EtTDZRYSQfqH4=
x-amz-request-id: G11K8K61AAFGQ38Q
Last-Modified: Thu, 13 Oct 2022 16:15:20 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 128
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size:   128
Md5:    0bb86caf792dd7d24731c18cd37bb68e
Sha1:   dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
Sha256: 2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/logo-red-full.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: lPI6GLumB7VjTdfb8EsCq9LBZob6PKhk3lynVxJ3XyK7qrxoRep0SN/EPBsZQSiQJ7qmKe9yUhE=
x-amz-request-id: G11K43CH467XT9P5
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "63fb2900e5622e4a6cadfd616f84476e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 7254
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 230 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   7254
Md5:    63fb2900e5622e4a6cadfd616f84476e
Sha1:   60d9f07aa5e9fd0595f00e7ce41eb80a51927f8c
Sha256: 6dbe00201def9dbf69293b028055f8ea0513ef52cb1f2e60212a5061c37d283d
                                        
                                            GET /landings/268852/1665677718/images/ico_tray1.gif HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
x-amz-id-2: V+OBzlR+6JRr0gVBhYIXSndncuZ1k7drxfHh1R5Q4KDsl9TTt1ZPWqk0sJOZ8qTZXMKxz88L1QI=
x-amz-request-id: G11W6F8XTV2MW4ZQ
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 69
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   69
Md5:    3ae573d079dcd1d2da4086f2c0c72c45
Sha1:   e7c9dabec81379373476ed23168dcecb9b8c56aa
Sha256: 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/ico_tray2.gif HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
x-amz-id-2: r7Oo9K5eT7CXsaF4CP91moBRVPSTd7aSiPCqZNfjFoIglCAXGciM2eZ7RnTfTGFv78XiKkSQJwY=
x-amz-request-id: FWM2VK5HR5MJK6XZ
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 377
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   377
Md5:    c10bdec858cb0cf9e6cc5865d5925746
Sha1:   697c095ed5509e5a5af0c5ebf2380662aeffc531
Sha256: b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/ico_gray2.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: G/2vRL5Yp3n1ZaKhsK5Ngn0ZcuUl11Rz9/r7f/q/DSEtjNwoeuq7kbo9yt7YKpgB3FCu4p/8Kv4=
x-amz-request-id: G11T641S197N8EB4
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "7454c652e0733d92de6c920c2d646ae0"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 349
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Size:   349
Md5:    7454c652e0733d92de6c920c2d646ae0
Sha1:   34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
Sha256: 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/ico_bl3.gif HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
x-amz-id-2: yuPWqY/PTRqj0wwn+ZSDDaUJ8eYr2aLHqFbdMu6Iw4xmch9syr0Qamgmck+khBERsyhtcPpmkj8=
x-amz-request-id: FWM8MJA39H0HZ0JD
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "da9d153375da51a616a7663f1504e3a5"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 949
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  GIF image data, version 89a, 78 x 68\012- data
Size:   949
Md5:    da9d153375da51a616a7663f1504e3a5
Sha1:   bd81fe60fe017bfe79be8c1afed88b659ff166d9
Sha256: 9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /landings/268852/1665677718/images/logo-white.svg HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: WzsU5fo1YdSHiU0jhbyukGZYoLhjAWK2CHhGFjKiCFMq8kf1NK2g82KWzfsiuKL9Y6GPLL6ESSE=
x-amz-request-id: G11RM0NB9J2CRTQF
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "6afb794723ba525f2c526c9899569924"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1296
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1296), with no line terminators
Size:   1296
Md5:    6afb794723ba525f2c526c9899569924
Sha1:   8921668647cb2e4e8f689abd3f2bb8c9579432a8
Sha256: e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26
                                        
                                            GET /landings/268852/1665677718/images/logo-red.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: h4ROlWwQXQMHRhvOKJqrJ9o2AtYk3AjSkVmH2k8wnWfKoszozqVA2fKSfcbCFj7aMKeyYaMJxUs=
x-amz-request-id: G11KNA6XG3KR4B99
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "945db2cdbd67e8ad20315672f80c1f18"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4714
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 230 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size:   4714
Md5:    945db2cdbd67e8ad20315672f80c1f18
Sha1:   1d49f3128052594b6b46edc17712e83f62bdb035
Sha256: cf56bcceaf23dba6d290e2c6739ac2bab77b36e03c20a48cdbe49bcfe2fb31d0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2308
Cache-Control: max-age=154978
Date: Tue, 06 Dec 2022 02:00:33 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:03:31 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /stormtrk.js HTTP/1.1 
Host: cdn.stfilecamp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         205.185.216.10
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 06 Dec 2022 02:00:33 GMT
cache-control: max-age=6
content-length: 6502
last-modified: Tue, 07 Sep 2021 08:59:42 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "469e121bb4c4fe159bbca2b4f5a88267"
x-amz-request-id: tx000000000000075d91128-00638e9437-213ecff2-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670292033.dop227.sk1.t,1670292033.cds213.sk1.hn,1670292033.cds014.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6502
Md5:    469e121bb4c4fe159bbca2b4f5a88267
Sha1:   f0c66f226de28b324e4f1ecb766597938f984c60
Sha256: 4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:00:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:00:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=122405
Date: Tue, 06 Dec 2022 02:00:33 GMT
Etag: "638ddd66-117"
Expires: Wed, 07 Dec 2022 12:00:38 GMT
Last-Modified: Mon, 05 Dec 2022 12:00:38 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /translate_static/css/translateelement.css HTTP/1.1 
Host: translate.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 01:07:43 GMT
expires: Tue, 06 Dec 2022 02:07:43 GMT
cache-control: public, max-age=3600
age: 3171
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18670)
Size:   3619
Md5:    897ba9a21d9625286674da769dacc2e2
Sha1:   84b4923ab7dee562395160824d53496314499b77
Sha256: 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /beep.mp3 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 302 Moved Temporarily
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Tue, 06 Dec 2022 02:00:34 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 01:08:58 GMT
cache-control: public,max-age=3600
age: 3096
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /404 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: http://bbv.fulltimewebdefender.site/
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 134
Date: Tue, 06 Dec 2022 02:00:34 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   134
Md5:    9c7c01b7650d428a3540bd1d22390a2f
Sha1:   1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
Sha256: 08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
x-amz-id-2: IjvSRVcJlrA8KRtuHCIvySb7T9M4setamspkp4J4t5oLIH6qyzaHxu8PdVPZHXMCPnB1SRcSZOs=
x-amz-request-id: 9B7689322D7626CA
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Tue, 06 Dec 2022 02:00:34 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4103
Md5:    4cdf3256cd7b8ec3917adb79d6bf457e
Sha1:   bc615337e9223183a126c8fb649774866fb53e69
Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1696
Cache-Control: max-age=113674
Date: Tue, 06 Dec 2022 02:00:34 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:35:08 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/1.0/ping/pong?location=http%3A%2F%2Fbbv.fulltimewebdefender.site%2Fc%2Ff8f1719b6a312112%3Fclickid%3D%7Bconversion%7D%26bid%3D%7Bbid%7D%26s1%3D%7Bs1%7D%26s3%3D%7Bs3%7D%26s4%3D%7Bpubfeed%7D%26s5%3D%7Bsubid%7D%26s6%3D%7Bbanner%7D%26s7%3D%7Bcampaign%7D%26s8%3D%7Bconversion%7D%26sid1%3D%7Bsid1%7D%26aff_sub2%3D%7Baff_sub2%7D%26ac%3D%7Bac%7D%26sa%3D%7Bpubfeed%7D-%7Bsubid%7D%26source_id2%3D%7Bsource_id2%7D%26sub1%3D%7Bsub1%7D HTTP/1.1 
Host: stormtrk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bbv.fulltimewebdefender.site
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.26.4.120
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 06 Dec 2022 02:00:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxCaSXqT5WQK%2BHFRIw3Rg%2Fyhr0T7490zRqLZ%2BmYmQ2qAQZMe9aFuy6ScY%2FuBSbq%2F%2FFX8%2FFnUAtVTWKCo5q2hPjhtD0Eg7s5Ow5BEiFlqNsYtTYWxNLxHGaDtjxBUEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77516dbc9a00b505-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (477)
Size:   1194
Md5:    d96ad1400571439e717f31e51d8a97ad
Sha1:   ca7af443553d40cb6431d219612c08a5569bb00e
Sha256: 08594321d21eafcde60b11991533ba22494e7dda1ac0083b411960d93157c806
                                        
                                            GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 22:09:54 GMT
expires: Tue, 05 Dec 2023 22:09:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
age: 13840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   1842
Md5:    c69c796362406f9e11c7f4bf5bb628da
Sha1:   e489ce95ab56208090868882113d7416abf46775
Sha256: 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
                                        
                                            GET /fp.min.js HTTP/1.1 
Host: cdn.stfilecamp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         205.185.216.10
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 06 Dec 2022 02:00:34 GMT
cache-control: max-age=6
content-length: 31705
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000000000000075d912e1-00638e9438-213ecff2-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670292034.dop227.sk1.t,1670292034.cds213.sk1.hn,1670292034.cds237.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (31370)
Size:   31705
Md5:    198f2f5b0a649f41fe890c59d37319aa
Sha1:   f24629687612889bb59f610df3879afcd766fb80
Sha256: d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I/VVEcXfRAUUSLR6q3hKTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.208.31.97
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eQee/6Dj3xIbYrRrjScks1g2Yk4=

                                        
                                            GET / HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 302 Moved Temporarily
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /404 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bbv.fulltimewebdefender.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 134
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   134
Md5:    9c7c01b7650d428a3540bd1d22390a2f
Sha1:   1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
Sha256: 08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7864
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7864
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7864
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7864
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7864
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 02:00:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 15209
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8997
Md5:    9fda84db003d0cfc70d73dcb6a3763dd
Sha1:   5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
Sha256: f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YFtwPRjtJcX51t_xVdpS2-J222bVL8KEildkseLJ_pVbCFkljZ-Q0A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:49 GMT
age: 15166
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5273
Md5:    49c08cd33e41826af9dd4a8a912e0ddf
Sha1:   bde85bd98858e4b13484a9cc3263b4db7fb5d348
Sha256: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 15124
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6920
Md5:    f4193f05dfd1de8bf795f433d4387243
Sha1:   b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
Sha256: b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 14774
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11175
Md5:    38b97436af942d5eb1111ca7043259a0
Sha1:   0234fe32c84c4711f0619714f3ac6d3db1b717d3
Sha256: a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 14908
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    2f60a6490f38a772dcd50a1132e98e1b
Sha1:   ff254a1df087d2c157d88a6ef04e395dc49efe5e
Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 13867
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15732
Md5:    b5e953213b7b13b8ee202406147fac52
Sha1:   67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
Sha256: cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
                                        
                                            GET / HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 302 Moved Temporarily
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Tue, 06 Dec 2022 02:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Scam - Fake AntiVirus
                                        
                                            GET /404 HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bbv.fulltimewebdefender.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 134
Date: Tue, 06 Dec 2022 02:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   134
Md5:    9c7c01b7650d428a3540bd1d22390a2f
Sha1:   1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
Sha256: 08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
                                        
                                            GET /landings/268852/1665677718/images/globe-alpha.png HTTP/1.1 
Host: cdn-adef.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: jmOIawtUQxKQkVFsnR5sm4cr5S5EEyHjNqsJYx4xzkdtIVEQeXfq3nYOQU9PyW3YW35Qa3THuKM=
x-amz-request-id: G11H2CMP2A4JG8RX
Last-Modified: Thu, 13 Oct 2022 16:15:21 GMT
ETag: "bc336a3a0c484d7c65299b9c4af45596"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 302963
Date: Tue, 06 Dec 2022 02:00:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
                                        
                                            GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1 
Host: translate.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bbv.fulltimewebdefender.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.14
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Dec 2022 02:00:33 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+985; expires=Thu, 05-Dec-2024 02:00:33 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---