Report - dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click

Report Overview

Submitted URL
dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1}
IP
52.51.27.131
ASN
#16509 AMAZON-02
Submitted
2023-02-26 06:00:47
Access
Website Title
Final URL
Tags
fake_software fraud
urlquery detections
Fraud - Fake AntiVirus / Security software

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	77 kB	142.250.74.170
stormtrk.com	289095	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	750 B	703 B	104.26.5.120
cdn.stfilecamp.com	400667	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	41 kB	205.185.216.42
route.frest.pro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	766 B	172.67.211.109
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
cdnjs.claudflare.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	92 kB	206.189.196.86
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
dlnl.newrequireddefence.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	548 B	3.5 kB	52.51.27.131
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	493 B	5.1 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
cdn-adef.akamaized.net	125719	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	435 kB	23.36.76.194
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.242.38
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	29 kB	142.250.74.142
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	570 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-26	medium	cdn.stfilecamp.com/stormtrk.js	Phishing
2023-02-26	medium	cdn.stfilecamp.com/fp.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-25	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499	3.1 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2024-02-28 17:41:57 Times Seen66 Hash 311a4a9bfb7699c36f9310aa8484b360 4b5773045e6d05c620cdaf3beb73e979f12185e2 bc6a799d0e1dcff39b50eb0848daca50bcad457fe4e7d55f5d04e9577cb91e8f Loading...

	cdn.stfilecamp.com/stormtrk.js	6.8 kB	2023-03-12	2024-03-03
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:32:38 Last Seen2024-03-03 21:18:43 Times Seen307 Hash 39e5f8ad757fe438c784e8d883e47ab0 6b2905489485100c83605f43186c5843031e1f3b e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499	25 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:39 Last Seen2024-02-28 09:24:22 Times Seen19 Hash 7f1b8cc7b3f5bae928d07c8605d0c0d8 51b5a4a877f16d74b6ffc21caba71f976bf5b573 ea22c4c2f6384d1828eb9a62c4d4ecbab3f570d9e4003b9ff6df406ceab70ef9 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499	769 B	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:39 Last Seen2024-02-28 09:24:22 Times Seen19 Hash a22a1a0161c2da8eab4d825d701e0d30 17a279b59fa2371f8661d5558662df7abdcf5442 4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.RLnYC_Xfmug.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrFzCd3hXJFvGdEZnWn3bIJB3Fquw/m=el_main	214 kB	2023-03-14	2023-03-14
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.RLnYC_Xfmug.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrFzCd3hXJFvGdEZnWn3bIJB3Fquw/m=el_main IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:25:57 Last Seen2023-03-14 13:27:34 Times Seen1 Hash abf12f3a4500e2b5943fa5951caed1e2 222031a5c75300cf6dbc161d512989c71db6b666 b45627ac6d0181263d04b8b8d7aaaffa8a71b4798f669021ba1a5ca89dbc9344 Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499	2.2 kB	2023-03-08	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:27 Last Seen2024-02-28 09:24:22 Times Seen19 Hash f428fe6667efbbe5781d64826256609b a22fa069217b69eaf17ff01598c767d024276714 1f42bf468de596cc87ad4afc995cdd28f893b143ba096774404997fcacd9c5ef Loading...

	cdn.stfilecamp.com/multi_push.js?1672139499	1.1 kB	2023-03-07	2024-02-16
Pretty URL cdn.stfilecamp.com/multi_push.js?1672139499 IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-02-16 11:05:10 Times Seen152 Hash a50322f9d3f3fafe3fb02be02285e433 c0a894b3bfa545832c3ad1c2f145005d02e50ac4 cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499	1.6 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:41 Last Seen2024-02-28 17:41:57 Times Seen75 Hash aeb03440821eecd362780d1d1f8f4751 9a8590f4ade02e37499f5d41e1797170f6abf016 21bde0ff3710d3310fcdfd34a1beaa5aa12da96f55305c82e223e0f1a3feabae Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499	1.4 kB	2023-03-07	2024-04-06
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-06 19:00:00 Times Seen122 Hash ec54980cfed635492cef5628111560d2 a5dbc3628701447711d16decd4409070c9967714 b402b988b04cea3b1ba157a14aa973998a6f5cad4d079dfc81622d77c3ba7558 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-24
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-24 16:00:39 Times Seen14152 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 18:35:23 Times Seen37043456 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	81 kB	2023-03-14	2023-03-14
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:49:57 Last Seen2023-03-14 11:53:30 Times Seen1 Hash c0d4c3d0adfd29de6b41f8f66dd30fce fd28bc0b02320a1b8917a8850aa06087702d627e 25e8ca620c5641383447cd3499048c07dba68387220edbc3455d8d048718e45a Loading...

HTTP Transactions (70)

URL IP Response Size

dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1}

52.51.27.131

200 OK

3.0 kB

URL HTTP/1.1
dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1}
IP
52.51.27.131:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20195)
Size
3.0 kB (3030 bytes)
Hash
062b72e63092a192e86ade7893d9a27b
90c103f5dc28e47e4225712580325a28d18e93ef
eb2f00e32710b0b3e8724491f73d3cfde71f0a41cd612fdec514aa459c3d1c71

HTTP Headers

GET /c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1} HTTP/1.1
Host: dlnl.newrequireddefence.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 26 Feb 2023 06:00:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=63faf584000a3c58; Path=/; Expires=Thu, 27 Apr 2023 06:00:36 GMT
unique_id2=63faf584000a431c; Path=/; Expires=Sat, 27 May 2023 06:00:36 GMT
impression=; Path=/; Expires=Sun, 26 Feb 2023 06:00:36 GMT
63faf584000a431c_sl=[269163]; Path=/; Expires=Sun, 12 Mar 2023 06:00:36 GMT
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc3cacbc6c565bf2955b507302b8fb41
7b773e19aff1d4904cec328c456513e80f917ba4
b45c582b42efef5e8bd5744333a137f13e94a93cafbaace39b36cfa1eeb041bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B45C582B42EFEF5E8BD5744333A137F13E94A93CAFBAACE39B36CFA1EEB041BD"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8726
Expires: Sun, 26 Feb 2023 08:26:02 GMT
Date: Sun, 26 Feb 2023 06:00:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
666c7f3c3342b2fdca31a2355ee20bea
09bd5cbacba34412f5fff9d44f97e46c8c76d001
cb3a380fc71bc65dfde35069f0fc441400974afcf28c0fbb6fec8f41e16f70c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB3A380FC71BC65DFDE35069F0FC441400974AFCF28C0FBB6FEC8F41E16F70C8"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5946
Expires: Sun, 26 Feb 2023 07:39:42 GMT
Date: Sun, 26 Feb 2023 06:00:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
955732a866f4168dcaaa1dbcfb06e776
24161b6d53bbf84abc87c943f67daadd7fbcc9f4
ac3d306cc00fcafe5d6fadd5bc1c4398ca87dec499fd0e4ffe60d0e1c3535578

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC3D306CC00FCAFE5D6FADD5BC1C4398CA87DEC499FD0E4FFE60D0E1C3535578"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19921
Expires: Sun, 26 Feb 2023 11:32:37 GMT
Date: Sun, 26 Feb 2023 06:00:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Feb 2023 05:07:52 GMT
content-type: application/json
age: 3164
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: VjSQRsjUMY8UaKnQKlZFDSo6OrjQI/VWKNayLY7HtOV9mRuZKmtNT7ck8cSnLQvBehgauEze4Er6IbX/GEFlHg==
x-amz-request-id: YD4BHRBJRQBGCKZF
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Feb 2023 05:31:17 GMT
age: 1759
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 06:00:36 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499

23.36.76.194

200 OK

769 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
769 B (769 bytes)
Hash
a22a1a0161c2da8eab4d825d701e0d30
17a279b59fa2371f8661d5558662df7abdcf5442
4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580

HTTP Headers

GET /landings/269163/1672139499/js/main.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 5C0a3PdxgjpVDn+c74yPxxc1ZoAClrJlOQ8yVPzDbxOR0Ul0umL1ZZdRTn/Kguw72TtTOWMRHTI=
x-amz-request-id: W284DFSWT3SW3D3F
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "a22a1a0161c2da8eab4d825d701e0d30"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 769
Date: Sun, 26 Feb 2023 06:00:37 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499

23.36.76.194

200 OK

655 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
655 B (655 bytes)
Hash
64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/css/translate.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: lhcifVWg8gYIiT8Rf76hcHbyOlIRmimK37Wr1infQMoPoj6bMNhZ6VnvLBH9X+shV2QmB1jHe8A=
x-amz-request-id: X72MGA21V27PNWE5
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Sun, 26 Feb 2023 06:00:37 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499

23.36.76.194

200 OK

2.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
2.9 kB (2856 bytes)
Hash
9e6e17753fd08ccffdaab4bc97d7af50
f4a6f23df54e760b305134eb5587ccd0b0c6ad49
01f65c67d47ef19588c9c3e19fc6e2e123ff3f0e2f1cfdf9ad61a655efe23cf8

HTTP Headers

GET /landings/269163/1672139499/css/style.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qufEYPc9y6KgRXvEchyW55rLl82tjAJ8o+Go6G0b+8dVIbBU7W5Q7CnjX1kvR8/C09G/xxeh6iE=
x-amz-request-id: P1751PTDJH8W116R
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "790ea33cbfafd3311bd7083f70a179c6"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Length: 2856
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499

23.36.76.194

200 OK

5.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24988), with no line terminators
Size
5.1 kB (5095 bytes)
Hash
4f6795f72fdbcb15309fd2aaba55302d
d613bd45610ff3a3e0a581d360847f01de563368
787035c2e2a9154a7ab7805185cf09b73f252b86221c975244259db327db8193

HTTP Headers

GET /landings/269163/1672139499/js/interactive.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: T2tZi3dAK8MbPb1TaMbQuq/GIufj6jXkIdgKLktA0cspaP7b8n6VvPF5F4UzDIWV9ufwHM+nnTQ=
x-amz-request-id: W283XN0576Z26XH5
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "7f1b8cc7b3f5bae928d07c8605d0c0d8"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Length: 5095
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499

23.36.76.194

200 OK

559 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
559 B (559 bytes)
Hash
7a2813dd2f72e952a133e5d6f13a808a
7472ee61fbd566913fd48f40f76e63edb9ea1faf
ea14a153c8c32aecd506eeb112e67542e62ea7e312dc77de3149df90c8a9336d

HTTP Headers

GET /landings/269163/1672139499/js/translete.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 5SgJ3pTlMQcjUbhEAF36n0L9CnXlMK0GFf7EItDRicOyjpMGy5pq8vIi2cdAm/xxszR3wY6grYI=
x-amz-request-id: J8MB8TRZ9B3KJ0GN
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "ec54980cfed635492cef5628111560d2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Length: 559
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499

23.36.76.194

200 OK

826 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1619), with no line terminators
Size
826 B (826 bytes)
Hash
80f159394b22e099038b584495222009
49a38d579533fb963f8f0f94687b40f65713b8dd
2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109

HTTP Headers

GET /landings/269163/1672139499/js/js.cockie.min.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: +gaeW8JMiZ7bWIpZYTYZ5JqdkWRnOmeneDRWPNH5REt4VghQGGrGPgEdkbDPDVDdF8YPvFiTJWk=
x-amz-request-id: W28F5FV1MDABMMY7
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499

23.36.76.194

200 OK

1.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.1 kB (1073 bytes)
Hash
85e3bd021961fdac95655a71435375f5
9d03222c7a2acb3c790270e3f07bebc485759db2
bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887

HTTP Headers

GET /landings/269163/1672139499/js/site-protect.2.0.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2SJiDeh2mxH/X/uSnoXhgOLVIgX4QROvjXrd3Z92ZRDaYBHTq07FswU9qCbKOmmpipI28A+/SgA=
x-amz-request-id: P17AHXQX68W2MEFA
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499

23.36.76.194

200 OK

728 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
728 B (728 bytes)
Hash
cf00d833782706194b8c8d7a10222c7e
eb5fcbf9e53b3e2882d671cea6a73210effff810
b1d0dec6c93c760e5890b5f36ce72d46f4d9be7650d8eda017ef0bb640080b05

HTTP Headers

GET /landings/269163/1672139499/js/second_back_multi.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: OwUXHrKbmKcspp75L+RoEPyTSjsEp0CnyBgTH42w3Udlt4rsSSq/Sbz2jqDtFJP4su36Srie0Gw=
x-amz-request-id: W2852RADPYP02GH6
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "f428fe6667efbbe5781d64826256609b"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Length: 728
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Feb 2023 05:03:35 GMT
age: 3422
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b417a4465b796ee19347d510256357d2
960cbd3b6d671b9decc281801765604a21ffbdf8
818ffd930e15dd2c08f4abac70f594d826b9acb1016ef42238f7bb36bf718340

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "818FFD930E15DD2C08F4ABAC70F594D826B9ACB1016EF42238F7BB36BF718340"
Last-Modified: Sat, 25 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21536
Expires: Sun, 26 Feb 2023 11:59:33 GMT
Date: Sun, 26 Feb 2023 06:00:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85cbb48f071581b644dd200623699bd6
0c9d7c3ca38562a97a4a6af3fb96f68982027594
d83caa4c6791e3b475a8ae8c255b84dc0bf0a8d06b65e5e6195af4f66e47eb86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D83CAA4C6791E3B475A8AE8C255B84DC0BF0A8D06B65E5E6195AF4F66E47EB86"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10946
Expires: Sun, 26 Feb 2023 09:03:03 GMT
Date: Sun, 26 Feb 2023 06:00:37 GMT
Connection: keep-alive

cdn.stfilecamp.com/multi_push.js?1672139499

205.185.216.42

200 OK

1.1 kB

URL HTTP/2
cdn.stfilecamp.com/multi_push.js?1672139499
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
1.1 kB (1072 bytes)
Hash
a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /multi_push.js?1672139499 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 26 Feb 2023 06:00:37 GMT
cache-control: max-age=3600
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx00000000000000904cfbb-0063faf585-3048037b-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1677391237.dop016.sk1.t,1677391237.cds251.sk1.hn,1677391237.cds231.sk1.pr
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.242.38

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.242.38:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2tQSJBOLp/h+abb5b9SMIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9AkQMqF8YZ+LDnjVDrBvqkdBphw=

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499

206.189.196.86

200 OK

92 kB

URL HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
IP
206.189.196.86:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (65447)
Size
92 kB (92013 bytes)
Hash
0dd85f14c26ab969e3821b1242e990dc
93fab83252b745e1c443d3e2f9aade1ac24f20ba
b6e8a194a1a400ed9f2ce3155e243ccd3a0740066a3d39bc06a7a56193290995

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Sun, 26 Feb 2023 06:00:37 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Sun, 26 Feb 2023 18:00:37 GMT

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png

23.36.76.194

200 OK

4.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 152 x 121, 8-bit/color RGB, non-interlaced\012- data
Size
4.9 kB (4856 bytes)
Hash
a0f86853c68b824dd5c15b0fae66fdfe
0c8ba75f1370ba3c10a309be4c1c96a5067c6098
f58fdb3b3ba6dc0943458179df29efb7201b84ff2edbf03d9ad5cb26c4e52917

HTTP Headers

GET /landings/269163/1672139499/images/icon2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: W0Ru4qPVZM3D18KZGoe8e3RZLeGsYCoB2vCK50lwDPLuy3rik6G8M9Q1TvD8F8i8zNH5KkkWiuw=
x-amz-request-id: BPCGDHFYZMS21DQA
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "a0f86853c68b824dd5c15b0fae66fdfe"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4856
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png

23.36.76.194

200 OK

5.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 139 x 130, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5928 bytes)
Hash
fa6582524d715994e9d9036eca9b034b
06cce1b23faba93959df12a9eccaa3d6f51341ce
cf05a371ab1261c3e1f2785e26c95cc5869b37de15c9d48206e78a58894a0cdc

HTTP Headers

GET /landings/269163/1672139499/images/icon1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 5I1ie0D95MGvFfsw9aWPUCxMDZDidn3KREhJhNfdrHk8gkTJ0dW37/u1g++mIFbK8ZwG3aPjxZ4=
x-amz-request-id: BPCGG2NRKWJGE7Y6
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "fa6582524d715994e9d9036eca9b034b"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5928
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png

23.36.76.194

200 OK

1.5 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 23 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1545 bytes)
Hash
7f7b44979afb15dfdc18e7d754c6d0f5
7426889578a3a6f20f620611f7ea8d4dadaf3b87
cb2eff4a1cf5f187eda87e71d6039f24af63844617a7f890070b9afd5c965a33

HTTP Headers

GET /landings/269163/1672139499/images/info.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qhS84vMnfChWPTXjeIv7iv3BMydv2KBv5pNkNwKRCKMq6tUJIgtJlbeadrmosIAh09SP5dg9sTw=
x-amz-request-id: BPCHNV7GH91H7DWD
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7f7b44979afb15dfdc18e7d754c6d0f5"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1545
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png

23.36.76.194

200 OK

4.2 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4226 bytes)
Hash
2dd0fb3f8327cbd8ae041f7fdb1eb8bf
35cbcecbf827dbf814f249ff6f3124d671afd1a3
98035853429a64f9c5e3a1eb3dacd1592b1eda2f5ec5e54b02fe427e117f0f26

HTTP Headers

GET /landings/269163/1672139499/images/avira-logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: dGqdHI4PyAkktX2xFivuAphJBvovNsu8gZV2xORU0fmmFabNrTwOGXI2UquZIxTc8diinwc+Sd8=
x-amz-request-id: P17DK2K5ES0PCVRN
Last-Modified: Tue, 27 Dec 2022 11:11:40 GMT
ETag: "2dd0fb3f8327cbd8ae041f7fdb1eb8bf"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4226
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png

23.36.76.194

200 OK

293 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
293 B (293 bytes)
Hash
9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/win_cls.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Ti06l/C/pXBrKdEKY1xxLnUyU6skHEflbKPVytNXB8fOBlxP4WvQ3Qui3jrNsBQ2+1rZfzj31ss=
x-amz-request-id: BPCRVG49F3YQVZ1Q
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 293
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif

23.36.76.194

200 OK

69 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/ico_tray1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: /6o4ihTAzGUKNPIbCqLxiqVcUzJ0FrDarMNsYjDyifUanCuyAFw9rxXW5/1UM//dHYo1t6UOR7U=
x-amz-request-id: P17B956SYGQYW73A
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 69
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif

23.36.76.194

200 OK

377 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/ico_tray2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: pP/f5iHre0PLI+cWjFdc8VZmg3H4US47PtJOJsolMlJqqgkgdXI3yLv61OVAr1qp+OItQtjcPZs=
x-amz-request-id: 38ZXYY487KY1C1D0
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 377
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png

23.36.76.194

200 OK

5.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 137 x 131, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5904 bytes)
Hash
8a07f71c9d0642e8b94bd2b9687c768f
fb2f6f1a6a421101a4b10c315f340d0565709abf
e77edd6c132664f48fb66468de2e1b5068d61e9f04e03d6a51668b14d00af0ed

HTTP Headers

GET /landings/269163/1672139499/images/icon3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: nz4U36ZUhMHYLmfL1KhQDqlkZZvgD2IaGZljTbn3HCV36LrTpZOuzqfoKpLZzwZ68yQZ1ShUYhU=
x-amz-request-id: 38ZRY322MF5FMF00
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "8a07f71c9d0642e8b94bd2b9687c768f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5904
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png

23.36.76.194

200 OK

128 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: TOmzOy5y95ydZgXJJhL+Wm1Gv8wBUoLvTKCcIebxqx0oRfA0uSkLzNHoSndDulf9XVvOoEAZOlk=
x-amz-request-id: NCS92251ERNEHK02
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif

23.36.76.194

200 OK

234 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: FQUpoI2ZK0f9QQxm//NI4DOVXDf1mANQrICdpHtKKfv3PiWXWWi+qYwMHsS8eyPWQFxyTRathqQ=
x-amz-request-id: NCS4F6G2SS5C2Q96
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png

23.36.76.194

200 OK

59 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59078 bytes)
Hash
15cac20be8d4fdd074e21a4a52604d2f
fd4c43583bec2c7bfae3cb9feb2699abbc50c578
d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739

HTTP Headers

GET /landings/269163/1672139499/images/avira-white.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: pDyJD5TJ+Qxe3AzlMKUviaBz58qUoWjmntXBizLjYFbBPOj6hLQ267IcBP7RLtKMJL+rkillhfA=
x-amz-request-id: P177JW2KQ90SBK03
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "15cac20be8d4fdd074e21a4a52604d2f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 59078
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg

23.36.76.194

200 OK

7.7 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Size
7.7 kB (7653 bytes)
Hash
04cafbd162493b66a25988eb1cb58d07
fc780a93ddbacd25467c56bfb6bd46e8bc94503e
7aeb8ef4156327a8bb0c98b0f6ecc8409ab462a64c61df589c7e2477bd761628

HTTP Headers

GET /landings/269163/1672139499/images/logo.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: erkjjnRb4j8t7awj4tT1iGaegO5GXqxkoekw23A6fpavNFr0c6iEWwx/kX0sJxya1zjClYdc4cI=
x-amz-request-id: XS4XJDFMFST8RZHE
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "04cafbd162493b66a25988eb1cb58d07"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7653
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png

23.36.76.194

200 OK

1.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 124 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1932 bytes)
Hash
32fded5a952e60a48a879e414c590f24
834e44460475c20ce9f4c801a4ccf53130749af3
d712d6bf38edf55c605c2a568ce2de1caae95d26b00c02c4f9a1eed6f370d76e

HTTP Headers

GET /landings/269163/1672139499/images/icons.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: SCCwr5Sic/SOFsy2tf4ylD+9VznB3M9OIQ7lU9yVHoBhYTH07oR5udNv5BupdnviEde0Em/hfN8=
x-amz-request-id: P17FS9ZG516JT4J3
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "32fded5a952e60a48a879e414c590f24"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1932
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png

23.36.76.194

200 OK

1.8 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.8 kB (1812 bytes)
Hash
7af58322b67083908a8519d74471f47d
256a9119feb235759cf98f211bc6398f58c4ee43
bfab83c5a6c9c62450668ba960527fc9b17ed316a52436f0f63fd1eedcd45a3d

HTTP Headers

GET /landings/269163/1672139499/images/menu4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: rBQ5gY5gGP0yNi9l8wHQwAXrHn4JH/BmtajbyS2RxPEI3ORcA1JISjkrKhXvjIuTvTAKCzR30EA=
x-amz-request-id: 73BYRYTD8Z77JHVE
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7af58322b67083908a8519d74471f47d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1812
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png

23.36.76.194

200 OK

1.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1920 bytes)
Hash
b2b98941a9fe6bbcb6745989b3289b1e
5fb8fce5934af6d3426a37eb58b9846fa80ead39
d9efcb7b0f632cb3d2650c0c676b3c758f00c52f5d1cc5e7963dd456aaa03833

HTTP Headers

GET /landings/269163/1672139499/images/menu1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: oPkHa66YOuoPnk4E+bhZnSf+xKsyYVX5bSKiNce4AFd6EaJYoHNlh0RYgXy+dcpXFWiI4+Zj9Wg=
x-amz-request-id: P172HBHE22FE02NB
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "b2b98941a9fe6bbcb6745989b3289b1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1920
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png

23.36.76.194

200 OK

1.5 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1483 bytes)
Hash
860d945f4bba4b150b4c6300bdd87527
4c3f11a2902bf437bb578871f7e27625f0ae6504
bdca8ddc4aaf7200e8c215c5eedeae489626d9df23313578ac0cfe45854ea0c8

HTTP Headers

GET /landings/269163/1672139499/images/menu3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: mQcrMSno4SzfmSBuTwYUwFkgKyeE49fS683rgb/Upw787DVOOLUY6Plmds8XQoE59XNikEJMlzY=
x-amz-request-id: X72H7S1G9K2NQANW
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "860d945f4bba4b150b4c6300bdd87527"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1483
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png

23.36.76.194

200 OK

1.7 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1665 bytes)
Hash
bc32798c28d2145f979848809ba5f858
7bc0276cd56bf6463113a9c5d33ea9aacbdb5f51
7319ffc0fdb40740b07f1a286348fa0f29676127996481b6310f3dd7f322d4ee

HTTP Headers

GET /landings/269163/1672139499/images/menu2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: +uVGbsGU27Y1CvJCaiz8iem11ON7WGo2H+Z9yjI2CEiEtQLuMILy3uI/sY2vjZPpFbUTS61mFv4=
x-amz-request-id: P1766DSF0DCE8ZR9
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "bc32798c28d2145f979848809ba5f858"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1665
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png

23.36.76.194

200 OK

1.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 35 x 34, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1946 bytes)
Hash
1eab4e4fb7a147352b0027c0e4df1fe6
99e621180265541383f5c081cd6f7c77b7d21e0d
a66a5ce08b112086075a336e9f18d5cea683143b552a50641971ef00d3895207

HTTP Headers

GET /landings/269163/1672139499/images/check.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: EV+V7ssRDNm+XsgD++yR3rCCzuer8Lmfca4FYcu/c8tGlOzBIYUD7vFX22Tjyxwg88J+ciMZ3ok=
x-amz-request-id: X72QVEY9AYPJN5Y0
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "1eab4e4fb7a147352b0027c0e4df1fe6"
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1946
Server: AmazonS3
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png

23.36.76.194

200 OK

303 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 1440 x 700, 8-bit gray+alpha, non-interlaced\012- data
Size
303 kB (302963 bytes)
Hash
bc336a3a0c484d7c65299b9c4af45596
36cb2608b4fef19277220dab7e0cb0a623eee289
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b

HTTP Headers

GET /landings/269163/1672139499/images/globe-alpha.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: TMdIsRGIpPb5q6SvAyHSvQiEpWMz+r1vxMtHubrCrN7EcOiqpH+kBd8Mt6bLTV1W5IDdP43DKqE=
x-amz-request-id: 73BWQPB35D32K7KT
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "bc336a3a0c484d7c65299b9c4af45596"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 302963
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.194

200 OK

4.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e00c6f8f222eed0add0e48dc26e5847
aefe756ca2598053b65bc3391869e3558ec1d5fc
2a489e57a2fa47e4747f2aa3fe356d3849c1ba44cf5b3255bd639f8e1ebae3d2

HTTP Headers

POST /s/gts1p5/K65h7ENLtOQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-adef.akamaized.net/beep.mp3

23.36.76.194

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/beep.mp3
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /beep.mp3 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.194

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: http://dlnl.newrequireddefence.site/
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sun, 26 Feb 2023 06:00:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c097c52b999b332336e4f3d86d3073d6
d5b56e700f47fa6f84f421b66c1ab3c487fa62dd
fe0efdfe994a6e3abb0c12e6a5c0d65f46ec5900f9abdb88c40f66d751ab06eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c097c52b999b332336e4f3d86d3073d6
d5b56e700f47fa6f84f421b66c1ab3c487fa62dd
fe0efdfe994a6e3abb0c12e6a5c0d65f46ec5900f9abdb88c40f66d751ab06eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.142

200 OK

28 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
data
Size
28 kB (28424 bytes)
Hash
7aa0295939ad1186ce255681e6d67b26
f82b8a52cac0b63c76f823efc51c19842e72f7d6
626ee019e1d2891e267b55a3e455a56666ffd9b70981f2c6db09b4d0fb2c33ca

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 26 Feb 2023 06:00:38 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+261; expires=Tue, 25-Feb-2025 06:00:38 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.0rZG3fI8nBA.L.F4.O/d=0/rs=AN8SPfqjjvJx_x7Gi7b-Ll7QLaWsKl87tA/m=el_main_css

142.250.74.35

200 OK

4.3 kB

URL HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.0rZG3fI8nBA.L.F4.O/d=0/rs=AN8SPfqjjvJx_x7Gi7b-Ll7QLaWsKl87tA/m=el_main_css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23413), with no line terminators
Size
4.3 kB (4259 bytes)
Hash
c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.0rZG3fI8nBA.L.F4.O/d=0/rs=AN8SPfqjjvJx_x7Gi7b-Ll7QLaWsKl87tA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 13:20:54 GMT
expires: Thu, 22 Feb 2024 13:20:54 GMT
cache-control: public, max-age=31536000
age: 319184
last-modified: Wed, 08 Feb 2023 02:19:28 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6dbbf8a99f14aa5c8b76354b0a8ea3e2
3435f4c413860589d0650ba43cc30b0056f9a3f7
069ba4e9cdcb97a7ce504c51018753af78e643f7c0c65f799faba8ed2daeac7a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.stfilecamp.com/stormtrk.js

205.185.216.42

200 OK

6.8 kB

URL HTTP/2
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
6.8 kB (6807 bytes)
Hash
39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 26 Feb 2023 06:00:38 GMT
cache-control: max-age=3600
content-length: 6807
content-type: text/javascript
last-modified: Sat, 24 Dec 2022 08:48:24 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx00000000000000904d06c-0063faf586-3048037b-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1677391238.dop016.sk1.t,1677391238.cds251.sk1.hn,1677391238.cds014.sk1.pr
X-Firefox-Spdy: h2

route.frest.pro/is_redirect

172.67.211.109

200 OK

17 B

URL HTTP/2
route.frest.pro/is_redirect
IP
172.67.211.109:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
17 B (17 bytes)
Hash
6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: http://dlnl.newrequireddefence.site
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 26 Feb 2023 06:00:39 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGCdjMSJ3g9o8ihk0zTnyg9r2pPeESL5nE8uXmMB0zV3bLX1JvwRny9zFJTS2d6tKt7YMYRRdAD5zlIOEiQ2qJjPBWf3kkov2hoaLn1rniYEHiHJ%2F6Aj4FS1ed8HJT6tGE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79f676297b9ab509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Sun, 26 Feb 2023 06:55:20 GMT
Date: Sun, 26 Feb 2023 06:00:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Sun, 26 Feb 2023 06:55:20 GMT
Date: Sun, 26 Feb 2023 06:00:39 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6832ad0cb02cc3a3b8b396c543188bed
be89c17eb73e465ff69c67f30162d45fa8e2d8a4
4e327ab482594d6bdf040d2fd8f8fc9213aaf1014c1f74587a976981cc741aa2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f98177b-c275-4a6b-b962-9ab32af49803.png

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f98177b-c275-4a6b-b962-9ab32af49803.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12088 bytes)
Hash
fc698b1dd0ccb5bc3621d9d45ec217bb
48e953f7189e8b37a933f3fb6be24c67d308484b
130160ed336a6e4927417e094ec79639bbea7538313f780175f8a5b5e9095009

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f98177b-c275-4a6b-b962-9ab32af49803.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12088
x-amzn-requestid: 056c9afd-4245-4aef-8797-74ded6964bc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6k9sFMloAMFveQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa81f0-3aa24f1313f08f236ff37a15;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:47:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: JBdW8aVlVX4Jj7ZNVwqMBirmlG6bBfZyut_ITqLsPqK_l989XHBdsw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:56:41 GMT
age: 29038
etag: "48e953f7189e8b37a933f3fb6be24c67d308484b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8170 bytes)
Hash
32d08a3dc7c1e88313f487d74babdfe5
12f4693c36cb8980a5c740b735b7cf64542734e4
ae717a6760a0a6c179b950643eb3590c0ab5ec6cf159061246c6e8fc38a7ae89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: bd3ecc5c-1efc-4589-8789-48693fbfa6d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6i2sGKkIAMFXtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e90-7acdeb5b05f8bcf726309125;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: OIer9IgcIIbMg6EdrYFpojiEtN5oxPBijKFbX4UzURWTKha09i8NcQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:53:01 GMT
age: 29258
etag: "12f4693c36cb8980a5c740b735b7cf64542734e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfc71e0-2817-4dc2-97e5-2c0ed7ae0032.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11087 bytes)
Hash
ff7856d6954a828d04f1730f9932960c
03828b0e9bcc0b87db81c669cee1330c5ebe1788
e7408c0d0029118dcb6a3806634b6cc421866490aaef95886a1591774f19de63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfc71e0-2817-4dc2-97e5-2c0ed7ae0032.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11087
x-amzn-requestid: 9b38187e-968c-4d94-8dfa-8e52f720c5f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A4jigFuBoAMFlJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f9b2dc-331cab00708c324f14158ec9;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 07:03:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: gr4R-ZSclXGe_Bx-w5s3LY3mAmkOjpryG8oDEjjXLes7TGJ7vcuNBA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 07:54:57 GMT
age: 79542
etag: "03828b0e9bcc0b87db81c669cee1330c5ebe1788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9093 bytes)
Hash
2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGDTF9U77Y1pmqtYk-yDa2GsiRraTcwCOBV-yAzDPT2PvS89NeCtZg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:35:01 GMT
age: 30338
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe77b1d0f-5804-4373-bf1f-1ccf30a63e90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7152 bytes)
Hash
3b4f86705cff478531c4e8179f4e4212
7a046fad49c62f07ad0abee1f92b91485c99d6bd
ef38cf14533daa38b0e73a1d93efa25f5f1cefb15e2d52da57c7b1e2550e2272

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe77b1d0f-5804-4373-bf1f-1ccf30a63e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 36d9cbc5-f9c9-4a28-8cc0-40c154663617
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6jiaGm1IAMFq-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7fa8-17115e325a6d99513d7bebe8;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:37:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j7eZW0XvrzWfgNt3sAe4oVK_ojd-yrv2d5OKjuyf7gQRiDcQd8H5SQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 22:21:14 GMT
age: 27565
etag: "7a046fad49c62f07ad0abee1f92b91485c99d6bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4454c135-aa94-4606-877c-2c96f8e9b18c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5878 bytes)
Hash
33076a654df014f10e09f8f4935455cd
7bf89b0d90131bacd9b9d2a394f7cd27e52483e0
26a6f81a1fe4c569601f2ec3e58dba7eee98327de4cd55d95e4bc988693d693f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4454c135-aa94-4606-877c-2c96f8e9b18c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5878
x-amzn-requestid: 841ac153-4828-4dd2-ab63-2db09f2940dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6i0tGmLoAMFXSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e84-4354f29c64392380174ee73f;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:32:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: h3m7SnH6z71WXNhU1wYOKS-s3-mZgLhOG7m3iHnYHmDjbdQhWJT3Dw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:51:23 GMT
age: 29356
etag: "7bf89b0d90131bacd9b9d2a394f7cd27e52483e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.RLnYC_Xfmug.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrFzCd3hXJFvGdEZnWn3bIJB3Fquw/m=el_main

142.250.74.170

200 OK

76 kB

URL HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.RLnYC_Xfmug.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrFzCd3hXJFvGdEZnWn3bIJB3Fquw/m=el_main
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1640)
Size
76 kB (75874 bytes)
Hash
89b5349539b3bd7289fc64152318d6dd
14cc1424ae49cdd70df54da8513753f2589bf76f
bca554be07200e3ef88663d67d8642cd610455998de3e19268cb7d3e8877ec86

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.RLnYC_Xfmug.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrFzCd3hXJFvGdEZnWn3bIJB3Fquw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75874
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 19:53:42 GMT
expires: Fri, 23 Feb 2024 19:53:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Feb 2023 22:14:37 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 209217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6832ad0cb02cc3a3b8b396c543188bed
be89c17eb73e465ff69c67f30162d45fa8e2d8a4
4e327ab482594d6bdf040d2fd8f8fc9213aaf1014c1f74587a976981cc741aa2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
195c21814e3486a11e61838a46969440
fbc001852731af63fedcaf0e48efafb2c6432ed4
70690664d049221a70e43efe8452489d84c68570d42459e971f68149b4080a40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90389
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:39 GMT
Etag: "63f9b39c-117"
Expires: Mon, 27 Feb 2023 07:07:08 GMT
Last-Modified: Sat, 25 Feb 2023 07:07:08 GMT
Server: nginx
Content-Length: 279

ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e00c6f8f222eed0add0e48dc26e5847
aefe756ca2598053b65bc3391869e3558ec1d5fc
2a489e57a2fa47e4747f2aa3fe356d3849c1ba44cf5b3255bd639f8e1ebae3d2

HTTP Headers

POST /s/gts1p5/K65h7ENLtOQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Feb 2023 06:00:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-adef.akamaized.net/

23.36.76.194

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Sun, 26 Feb 2023 06:00:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.194

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dlnl.newrequireddefence.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sun, 26 Feb 2023 06:00:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/fp.min.js

205.185.216.42

200 OK

32 kB

URL HTTP/2
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
Unicode text, UTF-8 text, with very long lines (31370)
Size
32 kB (31705 bytes)
Hash
198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
fortinet	Phishing

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 26 Feb 2023 06:00:40 GMT
cache-control: max-age=3600
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx00000000000000903aaed-0063faf588-30769e63-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1677391239.dop016.sk1.t,1677391239.cds251.sk1.hn,1677391240.cds237.sk1.pr
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/

23.36.76.194

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Sun, 26 Feb 2023 06:00:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.194

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
23.36.76.194:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dlnl.newrequireddefence.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sun, 26 Feb 2023 06:00:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fdlnl.newrequireddefence.site%2Fc%2Fa4510ff39c33bdb3%3Fclickid%3D%7Bclick_uuid%7D%26bid%3D%7Bbid_cpc%7D%26s1%3D%7Bs1%7D%26s3%3D%7Bs3%7D%26s4%3D%7Bsubscriber_age_days%7D%26s5%3D%7Bsubid_uuid%7D%26s6%3D%7Bzone_uid%7D%26s7%3D%7Bplatform_name%7D%26s8%3D%7Bcampaign_id%7D%26s9%3D%7Bclick_uuid%7D%26sub1%3D%7Bsub1%7D

104.26.5.120

200 OK

0 B

URL HTTP/2
stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fdlnl.newrequireddefence.site%2Fc%2Fa4510ff39c33bdb3%3Fclickid%3D%7Bclick_uuid%7D%26bid%3D%7Bbid_cpc%7D%26s1%3D%7Bs1%7D%26s3%3D%7Bs3%7D%26s4%3D%7Bsubscriber_age_days%7D%26s5%3D%7Bsubid_uuid%7D%26s6%3D%7Bzone_uid%7D%26s7%3D%7Bplatform_name%7D%26s8%3D%7Bcampaign_id%7D%26s9%3D%7Bclick_uuid%7D%26sub1%3D%7Bsub1%7D
IP
104.26.5.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/1.0/ping/pong?location=http%3A%2F%2Fdlnl.newrequireddefence.site%2Fc%2Fa4510ff39c33bdb3%3Fclickid%3D%7Bclick_uuid%7D%26bid%3D%7Bbid_cpc%7D%26s1%3D%7Bs1%7D%26s3%3D%7Bs3%7D%26s4%3D%7Bsubscriber_age_days%7D%26s5%3D%7Bsubid_uuid%7D%26s6%3D%7Bzone_uid%7D%26s7%3D%7Bplatform_name%7D%26s8%3D%7Bcampaign_id%7D%26s9%3D%7Bclick_uuid%7D%26sub1%3D%7Bsub1%7D HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dlnl.newrequireddefence.site
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 26 Feb 2023 06:00:39 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAj3Qu7WleoMQhjik7HhNcY4Oyu7Yu6qdsYPOs8DKOTQUaM4MQuSBia5T13D3sbotW97f2R%2BAaiI%2B4juQXWBX5xFLB%2Fg7WaPS5iIFZKMuVyxbnsV0fp%2BkUEiVDDY%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79f6762d7f36b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML