| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/mastercard.jpg | 104.21.33.27 | 200 OK | 105 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/mastercard.jpg
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 2400 x 1911, 8-bit/color RGBA, non-interlaced
Size: 105 kB (105021 bytes)
Hash: d506ca4f2dbd5b4f5bfaf3d98bdc6d73 394267b310501329bd1b612e10eaefab571dae1f d8b0c64f17fef96d35ef346f05acb617ffb26a38ed5ae986965c33364b473d9d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/mastercard.jpg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/jpeg
content-length: 105021
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "19a3d-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1axxYOFggg06B7PuVUHxGbHjWHbKNW8rIWF0Y2oPVCCADIIvvAth61Tjnyoz86t7EoAmSoyKvRLmR8KJXJgtWnLzxg36%2FyWga9K9Pdfrx5%2FN%2FHJZO5NyTZjuKCwQXPK1%2Bxy5jFR%2BI1X6eSf5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e9985695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/linkdin.png | 104.21.33.27 | 200 OK | 8.4 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/linkdin.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit colormap, non-interlaced
Hash: 561c311316449326389b716eaeec2451 6c25819765f163f704b9125ab4ae3e1c27d03eb4 c8cef8389d9c9a8c2ff16afa6eb276268099aa921bdb36d2eefe2b33af50f50c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/linkdin.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 8403
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "20d3-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtdiEvOppYOI2LyfxRL83HOLZKgQjdZM9aNmCh3f7U8gXJXG6naMnrbptR7mnT9avujbyc2ZzleAKFShqhYiIEVnuhgCPqfYon%2FfIPZG9MgNRMQT1kqP3SCYKwD7yRZ60OGQiWDUwrDzflfdIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e99d5695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/visa.png | 104.21.33.27 | 200 OK | 82 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/visa.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 4060 x 1648, 8-bit colormap, non-interlaced
Hash: fdabc70aa6ab121bfac7b48af833183e 62a8b0b9fc1bb346112fa530cf2213cdc9a24c0e 60fc37f80886700e21b2f04c04bf880087a5a69d87a530e33d11e4eaea5ac67c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/visa.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 82387
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: "141d3-615f10b785100"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TX3Z%2BpnyLl5TZYysO8liQsKnXy%2F1YijT9l%2FJLsTYUxHi4DCDicvLutLfuk1Bj1s5upyPfCWueyWXjJZBWGgQk%2B3yl8GaQVR1Uch8EmaEWDwaxUNhUN9ldyKxb0LMjDOYpvkfPxO%2FW7YQSOJE6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e9965695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/insta.png | 104.21.33.27 | 200 OK | 12 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/insta.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit colormap, non-interlaced
Hash: ef61fced5f633cdb15e2a425d7349d7c 372f46526e0d64cf70ae2a204bc31530a1b135c5 7e56e7b4b4c6004151eb38ab7edac2e59c8b1dba84167972aea5c36f5ef7b4f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/insta.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 11517
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "2cfd-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pw7zx9hN3U05TGKi4Y85jUsMTVMfqCp%2FwVs7moK8wz1ETiXgZAt5qno5bqntdPs8Hj1tmjzmKt0h4IYpJKz5dpyqMrXUpqTtN8D72hj8c8ODTMufsNTxYLPb38%2BjPvmhKXarvQGT2MciP50bYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e99e5695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/footer-logo.png | 104.21.33.27 | 200 OK | 5.1 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/footer-logo.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 251 x 72, 8-bit/color RGBA, non-interlaced
Hash: 9eeb62d06658401be45d9ca5122cd00c 56970c3b579bf76f1ac41a4b5fa3f36abf81013e 07fb85ec6f21fa9861447a6dcd851e42ba67b4c51f771fb8a90c4a23a9b67a0f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/footer-logo.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 5108
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "13f4-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3vtfdEFytjnbbT2frZjWz2wgNb5gj0ZoP7VU%2BwK6dnlmEPFmRSBOZZCRYNuyU%2Bc%2BYwYIvs97HWA2xBtMKYBkmxrVv2pjPLr90rt58RWh5pzELGTILA839ESOzjE1JypsqGW0yzyNRnGDFOezg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677f9a85695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/twi.png | 104.21.33.27 | 200 OK | 17 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/twi.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit/color RGBA, non-interlaced
Hash: ba2a875bddda0b9951b5231a35937de5 974a2154867390225a17014df5b436375669af52 4bcc1e5b6bfb781478082f1cbc21589c5b5e6935cfb2ca855eddd245cfe9cd28
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/twi.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 16616
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "40e8-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKy0OTkkzmFLvNrj0jxc7PvunD3jt%2BBq6eg7KrSwIW982KrJV7y5ZeoK0YZJHwx9Yr6dueKFYIbpTS31qzOexZnylt5Gc1WrRV1sBp57Pzbvws5tf7me6KVEtRNmRWdi7TYNGTsxAvZOPrbyiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677f9a35695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/ytb.png | 104.21.33.27 | 200 OK | 13 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/ytb.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1050 x 1050, 8-bit/color RGBA, non-interlaced
Hash: a9071c276e993eb3317486b0e2769b01 66a7abd4dbcb8e0deeb1fd0712e9325706c2f4fb 0342963ffb9a54079b741bfa9b72652710e7d6ccce3e8e8073261f5f0c200ec9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/ytb.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 13296
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: "33f0-615f10b785100"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtKfrq8sLT60%2FKf6So35IAvHxmijMbIZQDynfbnBpxkrw69wwH2wrxyE9ixGTyIrz20qw0vWBpZXQlRvOQbA%2BPDvjgEou9JDUivlLYbHm9iNQhRkGmGkM7S6SghT8s16DVQGszhJFA%2FRI%2FEXBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e9a05695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/amex.png | 104.21.33.27 | 200 OK | 36 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/amex.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 1600 x 1600, 8-bit/color RGBA, non-interlaced
Hash: 07bc54fe610c57523760fccc8c13667f 04bcfa13942e2ea61b75862bd027148ae4d9fe2f 0b5a6e9ebd217ed4b2bf8fc8e9d350b2ae07989fe9834e57714dd6211abd65f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/amex.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 36313
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "8dd9-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1n%2FSO19jdcBb%2BY6WS56nckOcabWZ6zDWKjUTanfR%2Fl%2FWLDNnuqVgeIrKrPpfm50RkKrkGgXc49CQpjrXppxGqDjsJ1Ldm5Xie%2FliHevFcOEL4CrysfQ2JIwQ6Qq8Q7hX%2Fughx%2F%2BlJJhKoDLv9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e9995695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/maestro.png | 104.21.33.27 | 200 OK | 41 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/maestro.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced
Hash: 9e952831fd8afa91a0bed93050f989aa 0002afc8a1e47f2f11682b1ca9e77cf445a51046 255c01d6580e09159070c65d900876e6024f34ed23e8519e8c764414410147c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/maestro.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 40978
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "a012-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQcIzelQfxJ546NmW%2BtRMKS%2BruRPLbcmb%2B4HI1twaQHuFtX5lToL%2FkKCrBxT8la9t4v%2BUz6CsL5t07%2B5jCzy1M77FyBYa%2FALS2lGP4s9wla0K2%2FiBsxAKXITmauR97h3BpttyvL7xS7pA8Hanw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e99b5695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background3.jpg | 104.21.33.27 | 200 OK | 195 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background3.jpg
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 832x1276, components 3
Size: 195 kB (195297 bytes)
Hash: 369192f22489f8c36ee6abdde46e460b 8bca51619a7f94c590c97c6ff0032913efbcb38f 9b6e8117d1546091dcea2394ce697c509be3f11e6f6d7f54531bf73293fde953
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/brt-background3.jpg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/jpeg
content-length: 195297
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "2fae1-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9H9Yn%2BIj1swoFULzoXM0%2BC5Rh9CUKbRqb9FT5JUhltXqWfNstfAyd%2F0ySXwPgcOLqpKDbEHj3L603%2BfK7OIPSqzxJB1M1Ljn1xEJdS4FMJLtVrJ22suwyH5SwALnlWLr2XMMtDVQOX8A3qOetg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677d9895695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background2.jpg | 104.21.33.27 | 200 OK | 178 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt-background2.jpg
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 975x549, components 3
Size: 178 kB (178297 bytes)
Hash: 723a28b213a67ec7b3695ab1b9b869f2 aefbd2db90b265991c300ba549609be72d40d2a6 9f71dde1e427a12a5f007cb81e87e816d4bd4492b6ef5f0049418d2019c8a4fb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/brt-background2.jpg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/jpeg
content-length: 178297
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "2b879-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iGbwtHVAYejOicEnMJXswP%2FrhKmkcl0lg19PaBaOtvvlvuU8rDDv%2B2iypxdykZEYGOvw%2F3LhnRdEAynP%2B6tS8zWg4M8H2oaxCFqjECAlUgUMB44T6De7O8rvVPQ2%2FqA3qHyPCfsC49UXJ9EKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677d98b5695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt.png | 104.21.33.27 | 200 OK | 346 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/brt.png
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: PNG image data, 7229 x 3545, 8-bit/color RGBA, non-interlaced
Size: 346 kB (346310 bytes)
Hash: 63eb193510a0caa72a0b3056669b4a3f 0029f4e7af86865aa1e78508c5b89bdda5ce0804 6b8bcb8f77668bec2cdf00ed339c7d544ae3ffe477f81a9db2ea8a35c83a9d3e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/brt.png HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/png
content-length: 346310
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: "548c6-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWP1njjmYgIOcspUu5iw%2FnU%2F%2BsyrWIdLUAz9Lp5JbFsT7V%2FpH%2F8fXv7%2BXJxr78KU0JJ6gTnFEwe3wX3y02i9OafXZ2nJgE7Aw6hfV5vHl0MhCu6few1XN4Wnu2fX7lQAx0Vc1qXQ0WZjVTQWCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677d98c5695-OSL
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/pc.css | 104.21.33.27 | 200 OK | 49 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/pc.css
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with no line terminators
Hash: 5acf8767a51ffed25a256f9b511ed1a4 3d243c6fe7d2568882e90cf3262623216c26da0a 9e3a5819544f6124f865b54d95276278cc2a5de373db26261dd966b86c6d8d58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/pc.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"31-615f10b785100"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmTqEH7MPZYwplC1BYPOCfSaQA3KEshgdQaUqHBjI%2BmKH648LHmPDKg32BmF0byZjdZhCmyzh3Kjt328lkeZUanRej3RcyK0aQWnReCBUcjOiBd2yKJGa4GB4Ss5OMRIdV0riBd8BrEAwrfppQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677d9865695-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/juniaframework.js | 104.21.33.27 | 200 OK | 21 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/juniaframework.js
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: JavaScript source, ASCII text, with very long lines (20970), with CRLF line terminators
Hash: b8723de823c2f611edbad54f44db5a8e ea2a2642111f833d7f44f4ed5da134ea9458c45e 0ce34c540c10651e8e5991321111d8d1098121f68ae03c78d0ce9c6fa7a1dcfc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/javascript/juniaframework.js HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"5298-615f10b879340-gzip"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYD%2FL0nvrzJp8JpDg5%2FRPCIKvp9hAssGdUe4mFvrwoGXPJrnctwh2KhGDoHM%2FuuhNDdcNTajqxi1JTtixK7sacX080JEhmsqOD1txb3ZgIWZZWRT5S4ERvzx9XlPC7aV7Hx8kMsFTCLb9US0VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d3677f9aa5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/script.js | 104.21.33.27 | 200 OK | 206 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/javascript/script.js
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with no line terminators
Hash: 853b449bcbef82e716ef99895acbb3c6 c8b5c187fc5f97f9ec324da6eb10bd4dd006a2c1 d26bd2ccdd791476c2451efb08085f4a71d708c0b97427287301abe2528bb69d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/javascript/script.js HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"ce-615f10b879340-gzip"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98MmeA8nWlMw7G6tPoZX6oGuEtaFZmkuFrQfhgcdDacGQso1CqrtvDmXh3yL75KOFbQJFpuSWomqCiLqq3CWRv0YYJwNPGstshXJlMqjYw1U8w97A4xWON4knFLINvJ%2Fdfa3EAYMv1fiSvRIqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d3677f9ab5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/header.css | 104.21.33.27 | 200 OK | 797 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/header.css
IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Certificate issuer: Google Trust Services LLC
Certificate subject: raleighdurhamdrugrehab.com
Certificate fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52
Certificate validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with very long lines (891), with no line terminators
Hash: b93b2da2101bb8b89fe5ad3d42d2fd14 d783705218f8d2508793d25ef03fcc761c96dd8e 4597831e5c003e685de5a5dc68b2edbdb4014f79d9938ef1d73396c03bd3b787
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/header.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"31d-615f10b785100-gzip"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyIf5NNGbcin2QFJhyZ3luNVA0GEq1D2ORWOv16oG0LY1%2FC8DMv2sVbcy4yeAe9T27OYOCKWUs2wcpZp3yty0AObGZCPemyuPND1kNwKw97TnbdBAQtsmT2nLiNlhNOYK9vtg6hJpVQ%2B3PuNWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d3677d9805695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/details.svg | 104.21.33.27 | 200 OK | 261 B |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/details.svg IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php Certificate Issuer: Google Trust Services LLC; Subject: raleighdurhamdrugrehab.com; Fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: SVG Scalable Vector Graphics image Hash: a84a7e069a2a3ee5a7bc6f292e517f1a 7e85360ce83a9744c23df54c3002a1e7155bcdf0 a54708e20aa9d4f10189f4fcd0cdb65105810e111306479cd16a485efece0665
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/details.svg HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"105-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODkdpIMXbSbefL3rjGPATubQFTmifGB3kyQXYmowhfS%2FYocTBLt5gXgGZMZHalQtpSgF64xp44kJOrgGs%2BducVj2L%2FEY6BBwVtHY2P1AKww7uD%2Bd5fK2vBOq%2Br0XLGhxBLFPY%2FPRuHwKShPDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3677e9925695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/favicon.ico | 104.21.33.27 | 200 OK | 1.2 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/images/favicon.ico IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php Certificate Issuer: Google Trust Services LLC; Subject: raleighdurhamdrugrehab.com; Fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash: 3de409186a3ce3a9320a9b9702adf3bc efc0f61498618a6ce899d3b395ff504753527f40 50fb9b0362d99bc8671991bcbb18493aeec3de00b6a771bda72a723d206ad119
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/images/favicon.ico HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:05 GMT
content-type: image/vnd.microsoft.icon
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:25 GMT
etag: W/"47e-615f10b879340"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:05 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrOBVWsTPdhQrSeMj3ZXKwJAPaTK%2B%2B9K%2B7ezQ4Ay%2F51pgjRGCB%2BQdOnUsgwIt3U5w5LYIi%2BYxOyeM50Jo0pSjGZ2xl8VQj77fLM1zS3yTsSjkhAq7Iqh1157%2FqjBth85bHI%2BIc8k1lEAeUGGEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d3680bb865695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/mobile.css | 104.21.33.27 | 200 OK | 1.7 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/mobile.css IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php Certificate Issuer: Google Trust Services LLC; Subject: raleighdurhamdrugrehab.com; Fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with very long lines (1911), with no line terminators Hash: c3359538f8b6b1ddcff4bb371be1ecef 02d995bb2a81f2758ecd5f4e0da694fbebe672fe 36e492fd9ca1d4ed51d1f1babf60513ae38419d31586496286caecc84b2e680d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/mobile.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"6b9-615f10b785100-gzip"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cR%2Fox9n%2FPwSi%2FqRLcyTjrzLkQDAnEVVSsQXNuL92LRgGDjUX%2FU2F5QEN0RlAhepCmL5fmw8DyxAEF0eSaQepeQHvsaABmXEI9FmdgunEMx2A01j8%2By%2BGvr3R9ukbXjQc9G2mEmOe63%2Fsfyu6cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d3677d9845695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans | 0.0.0.0 | | 0 B |
URL: GET db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans IP: 0.0.0.0:0
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans HTTP/1.1
Host: db.onlinewebfonts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/main.css | 104.21.33.27 | 200 OK | 4.3 kB |
URL: GET HTTP/3 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/styles/main.css IP: 104.21.33.27:443
Requested by: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php Certificate Issuer: Google Trust Services LLC; Subject: raleighdurhamdrugrehab.com; Fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
File type: ASCII text, with very long lines (4748), with no line terminators Hash: 69b31784540162841336c78bc0d87936 5a36732bab33e687bad399e5903242e59e83457f 2f44cde5a80a9f69634223a1571fc64986ec6d4a4ae39472d87e3052f2aee9ae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/styles/main.css HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 13 Apr 2024 02:21:24 GMT
etag: W/"10a2-615f10b785100-gzip"
cache-control: max-age=14400
expires: Fri, 19 Apr 2024 14:24:04 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34YsMowRb60vZ0i5XIOk%2F3VF5%2BWfXhg6%2BYWKyFr0A%2FdKl4YHYkHDw%2FoQYYyY40FaYrWNuhOD0vSt1DZjMup70%2FBslPNXZ3MEmZ%2FLmA6Y4BwfWm3w17esF%2BvoRCp12sj3h%2BrU768M9RIsKbHsWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d3677d9835695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php | 104.21.33.27 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 raleighdurhamdrugrehab.com/it/sicurezza/cliente/brt/payment.php IP: 104.21.33.27:443
Certificate Issuer: Google Trust Services LLC; Subject: raleighdurhamdrugrehab.com; Fingerprint: 41:A8:7E:A9:C8:85:24:4D:46:B4:67:AC:52:4A:AA:EF:F9:2B:5D:52; Validity: Sun, 07 Apr 2024 06:15:18 GMT - Sat, 06 Jul 2024 06:15:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /it/sicurezza/cliente/brt/payment.php HTTP/1.1
Host: raleighdurhamdrugrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 13:24:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.16
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
expires: Fri, 19 Apr 2024 14:24:04 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6l9oki5KGP9ediTFqkBbi%2BibaT9rqwFB2KkvY7qs5aYQsdNeNz%2BHUvKGyOF4Ekvlln4EVbGsyUv20Bb1EP9SuiG5XK%2Bv4slckrRiB%2Bo7jBgEtEhdgLl4DEsj8a3Qlezqzh3UtpVTwKz7z1Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d3675de76b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|