| oni-trk.cj9l.in/ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08 | 188.114.97.1 | 301 Moved Permanently | 0 B |
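URL: HTTP/1.1 oni-trk.cj9l.in/ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08 | IP: 188.114.97.1:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, matching the 0 B redirect response; they do not identify this host's content and should not be used as indicators)
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software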
GET /ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08 HTTP/1.1
Host: oni-trk.cj9l.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 15 Jan 2023 23:31:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 00:31:24 GMT
Location: https://oni-trk.cj9l.in/ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lpjjkczxiYvn1dcpVyiKE03D0Z3GXITu9PryOVrZgoTEbmdwcxBgnacShfdtRmR1C8G%2Bb%2Bn4c5NUNUD1aqmWMPVwa5gKBqgm4VvdWpxFy%2Ft4rtPMIeiOIHNFrubjWDrBEw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a2679d49a1b50c-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2258cd6b877a3aca8f4c84074e65ac4b 4e46c70941f8e497e8afc8d078644e7f81761a1c faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8410
Expires: Mon, 16 Jan 2023 01:51:34 GMT
Date: Sun, 15 Jan 2023 23:31:24 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0643dc6b6fed33b3537160b6bb77bcbf aa43bd1fbb30d2219f3285c1ee4991ffb33562c5 f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Mon, 16 Jan 2023 00:45:28 GMT
Date: Sun, 15 Jan 2023 23:31:24 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 22:49:06 GMT
content-type: application/json
age: 2538
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd6e2abd68203014e8e24d4a9e20e980a 5edbbb1a36083d5077b90b82e7aa10049e90c5d6 88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7327
Expires: Mon, 16 Jan 2023 01:33:31 GMT
Date: Sun, 15 Jan 2023 23:31:24 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p1ugEGzyBMRNfbEFJTkqz6ZojvHEmSCI69iMOP9Pv3k6SPGaXaYkLOh6SOPhUPgFRE6r6GEjwss=
x-amz-request-id: GYAXZF5JJV3MF663
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 22:55:33 GMT
age: 2151
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7bd04f7f7e20eef58a8ceae4688bfdfc ea6e65790a26a7621edd6d1fcacd6fde83b9d493 4893c84bf87564f885bf18ee335d0ba4b847c0811fc05c83fc3bb6ea2ee4a0f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4893C84BF87564F885BF18EE335D0BA4B847C0811FC05C83FC3BB6EA2EE4A0F8"
Last-Modified: Sun, 15 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15672
Expires: Mon, 16 Jan 2023 03:52:36 GMT
Date: Sun, 15 Jan 2023 23:31:24 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 23:31:24 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 22:33:45 GMT
age: 3460
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7bd04f7f7e20eef58a8ceae4688bfdfc ea6e65790a26a7621edd6d1fcacd6fde83b9d493 4893c84bf87564f885bf18ee335d0ba4b847c0811fc05c83fc3bb6ea2ee4a0f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4893C84BF87564F885BF18EE335D0BA4B847C0811FC05C83FC3BB6EA2EE4A0F8"
Last-Modified: Sun, 15 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15671
Expires: Mon, 16 Jan 2023 03:52:36 GMT
Date: Sun, 15 Jan 2023 23:31:25 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash68e844aa9920bc187a8253068e02b202 f11da8154594474b4d2d19d1d8162bd67f30c90b 0136c175dee8f8cb0ff17e0d4e371d996c2fed8b764d6bd2e024b1644c40983e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0136C175DEE8F8CB0FF17E0D4E371D996C2FED8B764D6BD2E024B1644C40983E"
Last-Modified: Sun, 15 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 16 Jan 2023 05:31:25 GMT
Date: Sun, 15 Jan 2023 23:31:25 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe5f9cfd32ba0e755eba2eba2bca5bc3c 012c01ac7a06da9f57e0e1c24658a4bd40e82518 ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4012
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:25 GMT
Last-Modified: Sun, 15 Jan 2023 22:24:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.148.84.125 | 101 Switching Protocols | 0 B |
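URL: HTTP/1.1 push.services.mozilla.com/ | IP: 54.148.84.125:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, matching the 0 B WebSocket upgrade response)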
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9t9jUDmp+OMvywEqblVs4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5TJoQb7BtIwJf+nO+V5GTZwgXlo=
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash68e844aa9920bc187a8253068e02b202 f11da8154594474b4d2d19d1d8162bd67f30c90b 0136c175dee8f8cb0ff17e0d4e371d996c2fed8b764d6bd2e024b1644c40983e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0136C175DEE8F8CB0FF17E0D4E371D996C2FED8B764D6BD2E024B1644C40983E"
Last-Modified: Sun, 15 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Mon, 16 Jan 2023 05:31:25 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashf3ee298482e8025b16b90899b84c98d1 ce5050ce27200b3408a8e5113adcc7a8d14b4796 4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashf61058bbfdfd5f046fcaea8d86deb2b2 a89bc714fc105851642f7abb1711bed79813877b dc784e49a0bee812bfd10c0fbf30988214d85f873f91385efa38544dfd3c8445
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 254
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:26 GMT
Last-Modified: Sun, 15 Jan 2023 23:27:12 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 280
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL: HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | IP: 142.250.74.138:0
File type: ASCII text, with very long lines (65451) | Hash (MD5 / SHA-1 / SHA-256): 903bc7a7e510f87aa5d0201eb59a0832 ac9aa4dd94cde1bcba9037e94087138b127e41fc 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 06:59:13 GMT
expires: Fri, 12 Jan 2024 06:59:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 318733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js | 104.18.18.183 | 200 OK | 696 B |
URL: HTTP/2 cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js | IP: 104.18.18.183:0
File type: ASCII text, with very long lines (1337), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 63705797b6d53ce29d4da58a6329400d ccd3eee5b9a2d07477dcdd043646b88238fe2d3a 6228a25b9cab89103cf5460b19301f18b4d40c6e22974c0afebada440cf5acb6
GET /sdk/1.1/wonderpush-loader.min.js HTTP/1.1
Host: cdn.by.wonderpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 15 Jan 2023 23:31:26 GMT
content-type: application/javascript
content-length: 696
last-modified: Wed, 11 Jan 2023 09:03:04 GMT
cache-control: public,max-age=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 86400
etag: "63705797b6d53ce29d4da58a6329400ded6e"
x-cache: Miss from cloudfront
via: 1.1 efe5edfc97620ce0a17f2dafd5991870.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 4jEDHkCitvaLj4dF6bpWK3fciDrYJ004Tw1JW2gVNWkmuAetDzcxKA==
cf-cache-status: HIT
age: 52074
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a267aa882cb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashf61058bbfdfd5f046fcaea8d86deb2b2 a89bc714fc105851642f7abb1711bed79813877b dc784e49a0bee812bfd10c0fbf30988214d85f873f91385efa38544dfd3c8445
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 254
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:26 GMT
Last-Modified: Sun, 15 Jan 2023 23:27:12 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashf3ee298482e8025b16b90899b84c98d1 ce5050ce27200b3408a8e5113adcc7a8d14b4796 4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashea468cdec103670428751d8516022609 a52d413c71e431517ce9b94244d535659c5f6355 ccff0b31fece693ac8601efd5408ef06ff588cf1c424f9fe3cf29d12b504e0c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCFF0B31FECE693AC8601EFD5408EF06FF588CF1C424F9FE3CF29D12B504E0C2"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Mon, 16 Jan 2023 03:59:50 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashea468cdec103670428751d8516022609 a52d413c71e431517ce9b94244d535659c5f6355 ccff0b31fece693ac8601efd5408ef06ff588cf1c424f9fe3cf29d12b504e0c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCFF0B31FECE693AC8601EFD5408EF06FF588CF1C424F9FE3CF29D12B504E0C2"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16053
Expires: Mon, 16 Jan 2023 03:58:59 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashea468cdec103670428751d8516022609 a52d413c71e431517ce9b94244d535659c5f6355 ccff0b31fece693ac8601efd5408ef06ff588cf1c424f9fe3cf29d12b504e0c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCFF0B31FECE693AC8601EFD5408EF06FF588CF1C424F9FE3CF29D12B504E0C2"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16079
Expires: Mon, 16 Jan 2023 03:59:25 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashea468cdec103670428751d8516022609 a52d413c71e431517ce9b94244d535659c5f6355 ccff0b31fece693ac8601efd5408ef06ff588cf1c424f9fe3cf29d12b504e0c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCFF0B31FECE693AC8601EFD5408EF06FF588CF1C424F9FE3CF29D12B504E0C2"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16114
Expires: Mon, 16 Jan 2023 04:00:00 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashea468cdec103670428751d8516022609 a52d413c71e431517ce9b94244d535659c5f6355 ccff0b31fece693ac8601efd5408ef06ff588cf1c424f9fe3cf29d12b504e0c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCFF0B31FECE693AC8601EFD5408EF06FF588CF1C424F9FE3CF29D12B504E0C2"
Last-Modified: Sat, 14 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16141
Expires: Mon, 16 Jan 2023 04:00:27 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translate.css | 97.107.133.178 | 200 OK | 655 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translate.css | IP: 97.107.133.178:0
Hash (MD5 / SHA-1 / SHA-256): 64836db20736f1e7995b43489b4bf0ac a0db33db05acb39dd01d9f19f5eed634682b0ead d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translate.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:26 GMT
ETag: "28f-5deb63a3c5580"
Accept-Ranges: bytes
Content-Length: 655
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Sun, 15 Jan 2023 23:31:26 GMT
Connection: keep-alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css | 97.107.133.178 | 200 OK | 21 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css | IP: 97.107.133.178:0
Hash: MD5 5bfd2245d7f170adde20137ba98ce022 | SHA1 7b81e6803067d57102a45007f0de027b4a49307a | SHA256 f6eb66822c1b670b9a92100c2c818fb9748718b148adea7e2b90a0149e7555f2
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 13:28:30 GMT
ETag: "52f4-5edfb07fabb80"
Accept-Ranges: bytes
Content-Length: 21236
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 a7917592de9f2ddbe7d3a7fa7f3d4d62 | SHA1 866b04ce93a30369d7cb0a6d2155a8b10292507f | SHA256 da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 5897
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77bcb8a1-6565-4283-8a46-f2624485b82c.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77bcb8a1-6565-4283-8a46-f2624485b82c.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 48e4d33d0e2d8dfc127917632a45ec79 | SHA1 7a124673f4e413bc58a429ae6fb72618f08938d2 | SHA256 1e195f91ce82097f1e0677f5b26db495dd93a714364b2086f618e8b477f05497
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77bcb8a1-6565-4283-8a46-f2624485b82c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12703
x-amzn-requestid: df3a2816-a340-4aa7-bade-50d66b499da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq167Gc7oAMF-0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c10378-6d3edaab0ddee58476197d69;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YRBVVanJq2UY_NaQv4BUy2gqwIzdys6SpR0FymDH67XK_rJ2LnGloQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 18:45:53 GMT
age: 17133
etag: "7a124673f4e413bc58a429ae6fb72618f08938d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc7e64e-76a6-41cb-8381-e350ed22e433.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc7e64e-76a6-41cb-8381-e350ed22e433.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 563890066799adebdd8d96d033f3c5a5 | SHA1 96e7e4c79c412e996b1f0fe55c71ff462a6e1c15 | SHA256 6445af1aa6d441e2beb8ee45571de1147b964f9754d5180cf0b0fe231bdf6389
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc7e64e-76a6-41cb-8381-e350ed22e433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9461
x-amzn-requestid: 84830ff1-858d-4f03-b65d-d07177fda604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAc0GtcoAMFWJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ab8-272ba9d25aaf14411ee8b84a;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:12:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IdYkGFJdSPIedyuw7JB_SFg4at7s2RQw1UaX0QAlRzmig6L-bScZaA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 10:26:31 GMT
age: 47095
etag: "96e7e4c79c412e996b1f0fe55c71ff462a6e1c15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 a14364fe2ad784ef5db2ea66dcf18dba | SHA1 3274bc2a0b6e41d6f44e31ab0e233f79677079d3 | SHA256 40ffbf3dd157214eb918c6babf69b94f657f354337001f0b7e06930bf6a47aae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7291
x-amzn-requestid: 153fdafd-e094-4261-8202-065208ed543e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOMGuxoAMFkJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-68ba19037f23dae033513080;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dCzcLSv-R9QxYnx_d6iQJBWnYuZIIsHlwdKj4N_8yNlNHiSQ7RDDVQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:45:02 GMT
age: 6384
etag: "3274bc2a0b6e41d6f44e31ab0e233f79677079d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13011531-ff8c-4458-95fc-8f01cb8cf388.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13011531-ff8c-4458-95fc-8f01cb8cf388.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 2fc1fbbeea18c567e02704d7092b1abb | SHA1 53d72fe5bf26905151cfc14a9a516f84e4a0ea88 | SHA256 ffb2e45d691f0645e4009c59f55191bee5192ce61fce73be81d563935aa7a6c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13011531-ff8c-4458-95fc-8f01cb8cf388.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7465
x-amzn-requestid: 0c45da8d-6b12-419f-a6fe-21f5780e4de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlLeGD-IAMFwRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be2-5a826d98612cffc745ca180b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b5sGEI7vfOZ9f_GY-pR5ZtdmFEGJIg-K0IIhe1Sge_d2k0LdDXLlFA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 06:35:45 GMT
age: 60941
etag: "53d72fe5bf26905151cfc14a9a516f84e4a0ea88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 967f1203a41980b914f19374ecd15973 | SHA1 65806af5bd4421fbacb00cd32f6102ab3f4cf1f1 | SHA256 7fec48c42cda6aaa3f17ad1db30968b04ffea392ad949e646bba763e53508329
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8040
x-amzn-requestid: e95c2179-6659-4be8-b66b-3d68b314b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbCEH6bIAMFSlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a540-4fde44af3f8fdb3622623542;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:03:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7XVBWws74x6_i8ZvXHP413DfPGGfJ7L-Hck3K0KykZgZHxIF3ponUw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:59:05 GMT
age: 55941
etag: "65806af5bd4421fbacb00cd32f6102ab3f4cf1f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translateelement.css | 97.107.133.178 | 200 OK | 19 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translateelement.css | IP: 97.107.133.178:0
File type: ASCII text, with very long lines (18670)
Hash: MD5 15ab5dfc566a9a19f6e89a72b7819e43 | SHA1 064aac1e8bc5a26c5986e40659bc328157ec3b53 | SHA256 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translateelement.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:28 GMT
ETag: "4924-5deb63a5ada00"
Accept-Ranges: bytes
Content-Length: 18724
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/js/interactive.js | 97.107.133.178 | 200 OK | 45 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/js/interactive.js | IP: 97.107.133.178:0
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: MD5 acf4559f3f91eda60139e1c3d5eefdd9 | SHA1 ae0434de9a8f8fb0f5ccd7e4a1ee46e26587ab62 | SHA256 c67f4eb232627e2138f6f362ef0d27952f867490800b96b785c99d6d1419a5db
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/js/interactive.js HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 13:10:55 GMT
ETag: "ae3d-5edfac918b5c0"
Accept-Ranges: bytes
Content-Length: 44605
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/mc-i.png | 97.107.133.178 | 200 OK | 3.1 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/mc-i.png | IP: 97.107.133.178:0
File type: PNG image data, 78 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 633714b1295770c99485455816c43be2 | SHA1 e26c3b7d793f48444e2f82bc3ea4a29128d96d8e | SHA256 a7cfd2ee032844ad28cc18372b050d644921d60b888ba70fc364e2ad4bdf0425
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/mc-i.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:37:22 GMT
ETag: "c35-5edf97a892080"
Accept-Ranges: bytes
Content-Length: 3125
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl1.png | 97.107.133.178 | 200 OK | 6.0 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl1.png | IP: 97.107.133.178:0
File type: PNG image data, 80 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 1ba78c9484ac8c36583f8c5963b74f05 | SHA1 20335a5474578f3a9cab8d1052526f3ac88a7ded | SHA256 6d8e43b02e0ddce97f5439e6a6401a9b709d88172229d0880fad5ddd788c95fc
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl1.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:34:32 GMT
ETag: "1753-5edf970672200"
Accept-Ranges: bytes
Content-Length: 5971
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cross.png | 97.107.133.178 | 200 OK | 2.3 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cross.png | IP: 97.107.133.178:0
File type: PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 cd2742194d7f7f607463ff4be3f65679 | SHA1 a7f618ca9d0e2e6068ca9947bc3fa345bd6fda69 | SHA256 290e51ccfcc19b30c2462630151348b63159d3249e5d1914a889d95b252f92e5
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cross.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:04:42 GMT
ETag: "8ce-5edf905b5e680"
Accept-Ranges: bytes
Content-Length: 2254
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray1.gif | 97.107.133.178 | 200 OK | 69 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray1.gif | IP: 97.107.133.178:0
File type: GIF image data, version 89a, 16 x 16\012- data
Hash: MD5 3ae573d079dcd1d2da4086f2c0c72c45 | SHA1 e7c9dabec81379373476ed23168dcecb9b8c56aa | SHA256 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray1.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:49 GMT
ETag: "45-5deb63b9b4940"
Accept-Ranges: bytes
Content-Length: 69
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ring.png | 97.107.133.178 | 200 OK | 2.2 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ring.png | IP: 97.107.133.178:0
File type: PNG image data, 30 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 362a46dd22ed5f992e906fa1b2a6ba9c | SHA1 27bde287218c4ff11ce60ced37182da024f3383c | SHA256 7ab1abfffc69499079b7cec130ba9a807f59db9a60d9ef16928227f060bec60d
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ring.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:02:36 GMT
ETag: "8a2-5edf8fe334b00"
Accept-Ranges: bytes
Content-Length: 2210
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl3.png | 97.107.133.178 | 200 OK | 9.3 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl3.png | IP: 97.107.133.178:0
File type: PNG image data, 78 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 f2d9f17e875b7acf29b8f31aa4575096 | SHA1 d20b7c059c2a5f128c8b84ce9d3e24a7e18ef2e7 | SHA256 1e43d9d36503388bb05a293d8a33ea966fc851f2fdad8dff8ede0d035ede3e87
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl3.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:21:26 GMT
ETag: "243b-5edf9418db980"
Accept-Ranges: bytes
Content-Length: 9275
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_cls.png | 97.107.133.178 | 200 OK | 293 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_cls.png | IP: 97.107.133.178:0
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash: MD5 9eb68d2ce05c151bda542a7a6356e22c | SHA1 baeeefe4a7ac657c10a5f081841015de1bcf90dd | SHA256 2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_cls.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:06:12 GMT
ETag: "125-5deb63cfa3d00"
Accept-Ranges: bytes
Content-Length: 293
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_min.png | 97.107.133.178 | 200 OK | 128 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_min.png | IP: 97.107.133.178:0
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash: MD5 0bb86caf792dd7d24731c18cd37bb68e | SHA1 dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25 | SHA256 2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_min.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:06:13 GMT
ETag: "80-5deb63d097f40"
Accept-Ranges: bytes
Content-Length: 128
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/beep.mp3 | 97.107.133.178 | 206 Partial Content | 16 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/beep.mp3 | IP: 97.107.133.178:0
File type: Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash: MD5 d6040c63cafad92b0c2933569de365c0 | SHA1 6e0782bf850c89a1211cc1ec2ab10373520c834c | SHA256 e8ef8e78f08ac34193423319b86566a442440ec663d09f26911e9fa10c4c9db7
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/beep.mp3 HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:34 GMT
ETag: "3e3c-5deb63ab66780"
Accept-Ranges: bytes
Content-Length: 15932
Content-Range: bytes 0-15931/15932
Content-Type: audio/mpeg
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/logo.png | 97.107.133.178 | 200 OK | 47 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/logo.png | IP: 97.107.133.178:0
File type: PNG image data, 200 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 030039fab2b746ba4604138a69688750 | SHA1 4e6ee383dba86880f61bf90f475003185879337d | SHA256 03af4bee2c3393ad45418df0152046bcc95acd68064a98296677e032afba4952
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/logo.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 07:33:26 GMT
ETag: "b5f3-5edf612297d80"
Accept-Ranges: bytes
Content-Length: 46579
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray1.png | 97.107.133.178 | 200 OK | 364 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray1.png | IP: 97.107.133.178:0
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash: MD5 e144c3378090087c8ce129a30cb6cb4e | SHA1 59da5466551de941d0215e45c54aa2ceaf436be1 | SHA256 b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray1.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:46 GMT
ETag: "16c-5deb63b6d8280"
Accept-Ranges: bytes
Content-Length: 364
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray2.png | 97.107.133.178 | 200 OK | 349 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray2.png | IP: 97.107.133.178:0
File type: PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Hash: MD5 7454c652e0733d92de6c920c2d646ae0 | SHA1 34a5bd8c7401f95e346895b0e5ccffbf0e9ad638 | SHA256 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray2.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:47 GMT
ETag: "15d-5deb63b7cc4c0"
Accept-Ranges: bytes
Content-Length: 349
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/pc_green.png | 97.107.133.178 | 200 OK | 13 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/pc_green.png | IP: 97.107.133.178:0
File type: PNG image data, 120 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 b3a43c72ed2264b9ad7283b4fcabc9d4 | SHA-1 7f0bd4126bc9723cee50911fda908eb8ed85e8bf | SHA-256 3363faaf5f03a983bec735a8e0041c5c3f7b87c7855b80edc6cbfc597a527429
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/pc_green.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:17:04 GMT
ETag: "3399-5edf931efec00"
Accept-Ranges: bytes
Content-Length: 13209
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl2.png | 97.107.133.178 | 200 OK | 9.6 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl2.png | IP: 97.107.133.178:0
File type: PNG image data, 65 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 7a71359c816c3ff8536126cf4ff49167 | SHA-1 1ba9c5ac0bc69f0dc70f30e4f93ca988c2d73ed0 | SHA-256 e1afc64bded5ccc18187539f64460b288cdd181aeca3e07e4a2b85dcf5f7ce86
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl2.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:25:27 GMT
ETag: "2590-5edf94feb17c0"
Accept-Ranges: bytes
Content-Length: 9616
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.png | 97.107.133.178 | 200 OK | 362 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.png | IP: 97.107.133.178:0
File type: PNG image data, 1350 x 586, 8-bit/color RGB, non-interlaced\012- data | Size: 362 kB (362207 bytes)
Hash: MD5 1bbd5f2535757d9cd4cca02e0fda13d7 | SHA-1 b668ba508f7b6c859b85848f3b372e4ca817737f | SHA-256 1551731f7cafce0a9b4246a6db5fdccdf56704d266e9ccd56676fb6570c4f8ad
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:35:14 GMT
ETag: "586df-5edf89c545c80"
Accept-Ranges: bytes
Content-Length: 362207
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray3.gif | 97.107.133.178 | 200 OK | 234 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray3.gif | IP: 97.107.133.178:0
File type: GIF image data, version 89a, 16 x 16\012- data
Hash: MD5 9ce99ec458daf212f9812a90f3fadd13 | SHA-1 9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1 | SHA-256 b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray3.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:51 GMT
ETag: "ea-5deb63bb9cdc0"
Accept-Ranges: bytes
Content-Length: 234
Content-Type: image/gif
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray2.gif | 97.107.133.178 | 200 OK | 377 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray2.gif | IP: 97.107.133.178:0
File type: GIF image data, version 89a, 16 x 16\012- data
Hash: MD5 c10bdec858cb0cf9e6cc5865d5925746 | SHA-1 697c095ed5509e5a5af0c5ebf2380662aeffc531 | SHA-256 b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray2.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:49 GMT
ETag: "179-5deb63b9b4940"
Accept-Ranges: bytes
Content-Length: 377
Content-Type: image/gif
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.webp | 97.107.133.178 | 200 OK | 284 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.webp | IP: 97.107.133.178:0
File type: RIFF (little-endian) data, Web/P image\012- data | Size: 284 kB (284510 bytes)
Hash: MD5 7e841327d779a5baf27449a093589f83 | SHA-1 69880cb82514a97db24a68e33b1e6155dae35352 | SHA-256 b564a4e17e9bbe274076e43282cc8ae2881b2788cfbc251c02c786d00623e9c2
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.webp HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:33:47 GMT
ETag: "4575e-5edf89724d8c0"
Accept-Ranges: bytes
Content-Length: 284510
Content-Type: image/webp
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cart.png | 97.107.133.178 | 200 OK | 1.6 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cart.png | IP: 97.107.133.178:0
File type: PNG image data, 97 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 be8947305fc8816f346c2e8f8a75c674 | SHA-1 5d7f604bbe1ffb73e264a636b1113e5baf772e49 | SHA-256 932a5b0d4ea874522bc8d529dcfbb9f37f840443e02d7a33415833a975d20bcc
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cart.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 07:35:10 GMT
ETag: "62c-5edf6185c6780"
Accept-Ranges: bytes
Content-Length: 1580
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/100icon.webp | 97.107.133.178 | 200 OK | 2.6 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/100icon.webp | IP: 97.107.133.178:0
File type: RIFF (little-endian) data, Web/P image\012- data
Hash: MD5 f498ff3f0c4999b89101beb12b8f4334 | SHA-1 e5e5a62ad30841ca6b5ef7c7c497753061828810 | SHA-256 39e36ab1506dc09f89dcdf80755deefc17a35b9e71263b32dc2c1828a14a6adb
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/100icon.webp HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:02:24 GMT
ETag: "a32-5edf826e88c00"
Accept-Ranges: bytes
Content-Length: 2610
Content-Type: image/webp
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/certifi.png | 97.107.133.178 | 200 OK | 3.9 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/certifi.png | IP: 97.107.133.178:0
File type: PNG image data, 228 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 9022c3516aad47159731fd7e843a5897 | SHA-1 ae03072621611dca2f191d1744508c48a80a0c69 | SHA-256 bc512eadb571d6cd4a7c608703be5499db6cf50f8ad996d66e2128069f253a35
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/certifi.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:26:20 GMT
ETag: "f3d-5edf87c802b00"
Accept-Ranges: bytes
Content-Length: 3901
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/translate_24dp.png | 97.107.133.178 | 200 OK | 825 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/translate_24dp.png | IP: 97.107.133.178:0
File type: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 55ff382a8b09329e3230a1797eb8f5fd | SHA-1 026ae089006a674da7dcc9bf6b986c5d59e75478 | SHA-256 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/translate_24dp.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amr.uj1h.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 23:31:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:06:10 GMT
ETag: "339-5deb63cdbb880"
Accept-Ranges: bytes
Content-Length: 825
Content-Type: image/png
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: MD5 9442f1d8864feb84a623305a281e4c56 | SHA-1 45250ab44f89bf1a0f665da8b47da06dc1af2af0 | SHA-256 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.3 | 200 OK | 1.8 kB |
URL: HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png | IP: 142.250.74.3:0
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash: MD5 c69c796362406f9e11c7f4bf5bb628da | SHA-1 e489ce95ab56208090868882113d7416abf46775 | SHA-256 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roadssign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 21:28:32 GMT
expires: Mon, 15 Jan 2024 21:28:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 7376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: MD5 9442f1d8864feb84a623305a281e4c56 | SHA-1 45250ab44f89bf1a0f665da8b47da06dc1af2af0 | SHA-256 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 23:31:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0172f92-edd9-4222-8c14-777b67125076.webp | 34.120.237.76 | 200 OK | 12 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0172f92-edd9-4222-8c14-777b67125076.webp | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 c71e7d628235219b64c13a01d8771e48 | SHA-1 5e1af9ebf7f5ad118fd8f8e907d099019003b87f | SHA-256 d882cbd5ebb43ed87c0aabe6a0397759b4fa864382768659367096e61d47867d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0172f92-edd9-4222-8c14-777b67125076.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12007
x-amzn-requestid: 43187017-b1fd-405a-af28-5262c9b66270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbKtGJDoAMFeyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47244-0bf0ef184db00272503ce6e7;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BNtbfq7Z8eh66s7YPJL6hudFWUH4JBhX1EWOzPmKuEQI2SkoC1k1aw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:27 GMT
age: 5826
etag: "5e1af9ebf7f5ad118fd8f8e907d099019003b87f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| oni-trk.cj9l.in/ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08 | 188.114.96.1 | 302 Found | 0 B |
URL HTTP/2oni-trk.cj9l.in/ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08 IP188.114.96.1:0
GET /ga/click/2-84199188-6949-17195-33659-34312-41309fe144-fa99ce2d08 HTTP/1.1
Host: oni-trk.cj9l.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 15 Jan 2023 23:31:25 GMT
content-type: text/html; charset=utf-8
location: https://amr.uj1h.in/u9uA_LJ?35E_n6=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/gavin%40nicholsconsultancy.com&s3=&s4=
status: 302 Found
x-rack-cache: miss
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-request-id: 556a042e34bddb61cb0ee6efbc95402d
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.042057
expires: Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by: Phusion Passenger 6.0.4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FD%2FmBSv5B4GAXeDAgVmUHTeiQqeWJs57aTJ0Dv2w%2Bkhz7qJKFJqZin6Wy3nNYl9IhJPwytjY%2FLTBvMfDk5%2BUcZY2etsfRqJrao6Vd6ztFHBYH2Zzh%2Fqy%2F1SsqmxBGR31Ak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a2679f3d8ab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| amr.uj1h.in/u9uA_LJ?35E_n6=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/gavin%40nicholsconsultancy.com&s3=&s4= | 188.114.97.1 | 200 OK | 0 B |
URL HTTP/2amr.uj1h.in/u9uA_LJ?35E_n6=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/gavin%40nicholsconsultancy.com&s3=&s4= IP188.114.97.1:0
GET /u9uA_LJ?35E_n6=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/gavin%40nicholsconsultancy.com&s3=&s4= HTTP/1.1
Host: amr.uj1h.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 15 Jan 2023 23:31:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsa4s23p%2Bvge39nsXBodYXf3i06dtgdRoMm1Us0bGC1HCLeKyKH7jKoHm3fVM%2Ft1v34p3DhNA46Zzp4WROsnC6QgM8jh3kZHGgEuGdGYCSfulfYPMrRpgK3TyFP90A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a267a2e8dfb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|