vvb.totalhighleveldefence.site/c/0300c78642bedb97?clickId={clickId}&cost={cost}&s1={s1}&s3={clickId}&s4={feedId}&s5={zoneId}&s6={creativeId}&s7={campaignId}&aff_sub={aff_sub}&sub1={sub1}&sid1={sid1}&t={t}&ac={ac}&sa={feedId}-{zoneId}&sid3={sid3}&aff_sub2={aff_sub2}
52.51.27.131200 OK 3.1 kB URL HTTP/1.1 vvb.totalhighleveldefence.site/c/0300c78642bedb97?clickId={clickId}&cost={cost}&s1={s1}&s3={clickId}&s4={feedId}&s5={zoneId}&s6={creativeId}&s7={campaignId}&aff_sub={aff_sub}&sub1={sub1}&sid1={sid1}&t={t}&ac={ac}&sa={feedId}-{zoneId}&sid3={sid3}&aff_sub2={aff_sub2}
IP 52.51.27.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20345)
Hash d68520a8ff6d3eb6e42a2f447de9e6f6
dac041b2162d046cba5f9e538129759f94680320
3a71c99151568d9d2b927385db6bb9267163542519821b9813f28fbc1565041c
GET /c/0300c78642bedb97?clickId={clickId}&cost={cost}&s1={s1}&s3={clickId}&s4={feedId}&s5={zoneId}&s6={creativeId}&s7={campaignId}&aff_sub={aff_sub}&sub1={sub1}&sid1={sid1}&t={t}&ac={ac}&sa={feedId}-{zoneId}&sid3={sid3}&aff_sub2={aff_sub2} HTTP/1.1
Host: vvb.totalhighleveldefence.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jan 2023 23:00:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=63c3340c0001a8f7; Path=/; Expires=Wed, 15 Mar 2023 23:00:28 GMT
unique_id2=63c3340c0001b035; Path=/; Expires=Fri, 14 Apr 2023 23:00:28 GMT
impression=; Path=/; Expires=Sat, 14 Jan 2023 23:00:28 GMT
63c3340c0001b035_sl=[269163]; Path=/; Expires=Sat, 28 Jan 2023 23:00:28 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18812
Expires: Sun, 15 Jan 2023 04:14:01 GMT
Date: Sat, 14 Jan 2023 23:00:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3110
Expires: Sat, 14 Jan 2023 23:52:19 GMT
Date: Sat, 14 Jan 2023 23:00:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5433
Expires: Sun, 15 Jan 2023 00:31:02 GMT
Date: Sat, 14 Jan 2023 23:00:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 22:48:56 GMT
content-type: application/json
age: 693
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yFoBtoNr8lVvt8OMIp9So9TPNI1yMNWhZrSmGbp+uwNdA2Y6PhAQZ04r0LVmnxmx3ZJwiF+aJmk=
x-amz-request-id: 6RRYXY0XN23JAQ3A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 22:43:54 GMT
age: 995
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:00:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
95.101.10.34200 OK 655 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/css/translate.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: MnASxduGJcaBTwG80ooit8SvRKgqLj8fqb6wcS/1GwkPmyqOU3yGz916wuWwAhmQ6V4H/b0xI9s=
x-amz-request-id: 3M84M62K4M2SD8GZ
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Sat, 14 Jan 2023 23:00:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
95.101.10.34200 OK 826 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1619), with no line terminators
Hash 80f159394b22e099038b584495222009
49a38d579533fb963f8f0f94687b40f65713b8dd
2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109
GET /landings/269163/1672139499/js/js.cockie.min.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /RB+DZOTcK9GPoMYZMWA/P0wUWU0pa/eHZN5YGd6v1RADqC041+mxl2HyRuTacd5FmwFbfkssmY=
x-amz-request-id: SJE8PCB7EGBAEV89
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
95.101.10.34200 OK 5.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24988), with no line terminators
Hash 4f6795f72fdbcb15309fd2aaba55302d
d613bd45610ff3a3e0a581d360847f01de563368
787035c2e2a9154a7ab7805185cf09b73f252b86221c975244259db327db8193
GET /landings/269163/1672139499/js/interactive.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: AEVyW8DNBDNcPxnMT/2XmjQ9aA2V26puzAAVus4weuEK3DRYuGMANhPoRZ84dQDOT5AprH6QVno=
x-amz-request-id: SJEDVXKDKXPYHR1M
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "7f1b8cc7b3f5bae928d07c8605d0c0d8"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Length: 5095
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
95.101.10.34200 OK 2.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 9e6e17753fd08ccffdaab4bc97d7af50
f4a6f23df54e760b305134eb5587ccd0b0c6ad49
01f65c67d47ef19588c9c3e19fc6e2e123ff3f0e2f1cfdf9ad61a655efe23cf8
GET /landings/269163/1672139499/css/style.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FpyyGNodXA1qDSMbCZHyvlsm3P9iit9TKMJC0DNCAB0N7N0An9J3Zpob/s/ffCjcknxPRRdw8GY=
x-amz-request-id: WAGNRACP1VC18Z8X
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "790ea33cbfafd3311bd7083f70a179c6"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Length: 2856
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
95.101.10.34200 OK 769 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash a22a1a0161c2da8eab4d825d701e0d30
17a279b59fa2371f8661d5558662df7abdcf5442
4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580
GET /landings/269163/1672139499/js/main.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: E7AwzcP636dkXXsmJ3Rjiy2o8u02kzqJ9FdjbvJPsTzeOMW8x9TRJh5OC0uSw8WGaXz4A318WTk=
x-amz-request-id: SJE7CWCHN240G8DM
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "a22a1a0161c2da8eab4d825d701e0d30"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 769
Date: Sat, 14 Jan 2023 23:00:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
95.101.10.34200 OK 728 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash cf00d833782706194b8c8d7a10222c7e
eb5fcbf9e53b3e2882d671cea6a73210effff810
b1d0dec6c93c760e5890b5f36ce72d46f4d9be7650d8eda017ef0bb640080b05
GET /landings/269163/1672139499/js/second_back_multi.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dQFnmddX8B8FMu0yPRUjG16jbAT7E/LqzzDYylYLA2FWJP309Ti9LS4vj3Da3mZgf4ZAFFNlcEw=
x-amz-request-id: PQNMJQHKJ6MPN471
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "f428fe6667efbbe5781d64826256609b"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Length: 728
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
95.101.10.34200 OK 559 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 7a2813dd2f72e952a133e5d6f13a808a
7472ee61fbd566913fd48f40f76e63edb9ea1faf
ea14a153c8c32aecd506eeb112e67542e62ea7e312dc77de3149df90c8a9336d
GET /landings/269163/1672139499/js/translete.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2ZHoemUf7unBzfvf/RsmhdIpCviotvmxTg3+c6UVSST5xE/NTzbxgiohGYd4+1VVlEmqyqQIfSQ=
x-amz-request-id: PQNYF2KQ3GVDTC6Q
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "ec54980cfed635492cef5628111560d2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Length: 559
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
95.101.10.34200 OK 1.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 85e3bd021961fdac95655a71435375f5
9d03222c7a2acb3c790270e3f07bebc485759db2
bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887
GET /landings/269163/1672139499/js/site-protect.2.0.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: AeKq3ugHgVGk3LAPzvn1BKPhob9TvTKVtjbLDw6meoXm0rljwJu3g+zPnv+vHe7BVCLT2rUFoiE=
x-amz-request-id: PQNXZKM1V6GQS34Y
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 22:17:25 GMT
age: 2584
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1a72b54390ff79679a2d99b65733150e
a8e6c055a180166656d6250261563a85d80123ae
ae8b8ee357e2510708807ce81437144382713afef505e3b5611dd498456d224b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8B8EE357E2510708807CE81437144382713AFEF505E3B5611DD498456D224B"
Last-Modified: Sat, 14 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Sun, 15 Jan 2023 05:00:18 GMT
Date: Sat, 14 Jan 2023 23:00:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1572
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:29 GMT
Last-Modified: Sat, 14 Jan 2023 22:34:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
192.241.132.237200 OK 90 kB URL HTTP/1.1 cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
IP 192.241.132.237:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 7c14a783dfeb3d238ccd3edd840d82ee
ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 14 Jan 2023 23:00:29 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 89500
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Sun, 15 Jan 2023 11:00:29 GMT
push.services.mozilla.com/
34.213.53.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.53.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N/gKufLKztroBOoon+rUww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FzPRz+PrTVgSHAI6AIzIYagbpzU=
cdn.stfilecamp.com/multi_push.js?1672139499
205.185.216.42200 OK 1.1 kB URL HTTP/2 cdn.stfilecamp.com/multi_push.js?1672139499
IP 205.185.216.42:0
Hash a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /multi_push.js?1672139499 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:00:30 GMT
cache-control: max-age=3600
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx0000000000000030f332d-0063c3340e-2d9d3fca-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-sp-metadata: HS256.CJ6EjZ4GEocBCiRiMDg2ZDU0NC04ZTA1LTQ3NWMtOGM4NC1lZjFiMWY0ZTVmYTUQgMPq7NjG+wIaBgiN6IyeBiIMOTEuOTAuNDIuMTU0KOHLAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GikSJDRiZjkwYjE0LWFiZmItNDJjZC04OTVmLWI4M2E3ZWQyY2VlNRiwCCIaCAISFGNkczIzMS5zazEuaHdjZG4ubmV0GAk=.pgQMVfueuHxxGXJPlVS8ZUn5r1U/8RhVu6U3CvFny9Q=
x-hw: 1673737229.dop223.sk1.t,1673737229.cds239.sk1.hn,1673737230.cds231.sk1.pr
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
95.101.10.34200 OK 234 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash 9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HO9uDBJWbkRXbKPfFkeyJtn1fviYaUxOXjtAZAUFJhtAl01lOruQoOlWA1R0jBg8LJVPXQoH5Ko=
x-amz-request-id: YX5ZHMQ07YNYPRJH
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
95.101.10.34200 OK 7.7 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Hash 04cafbd162493b66a25988eb1cb58d07
fc780a93ddbacd25467c56bfb6bd46e8bc94503e
7aeb8ef4156327a8bb0c98b0f6ecc8409ab462a64c61df589c7e2477bd761628
GET /landings/269163/1672139499/images/logo.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gcs5V26pq8WI+ScSj3J0xZMpE3Msp/2z478iOARsVl/02XQ+WM5GWdLWsfQ9ER8RDLEpSUdQjnA=
x-amz-request-id: D74Y0T03VTDTAC1Q
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "04cafbd162493b66a25988eb1cb58d07"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7653
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
95.101.10.34200 OK 59 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash 15cac20be8d4fdd074e21a4a52604d2f
fd4c43583bec2c7bfae3cb9feb2699abbc50c578
d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739
GET /landings/269163/1672139499/images/avira-white.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: eiyDLYS0OJYdcqpRZAjVOHhd2rQSXzga5olaWVx7uUJ2nORmKgVJ+UbYlqexNKtdzpwKhUs4wLM=
x-amz-request-id: WPD4F2JE76EAHSB7
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "15cac20be8d4fdd074e21a4a52604d2f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 59078
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
95.101.10.34200 OK 1.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash b2b98941a9fe6bbcb6745989b3289b1e
5fb8fce5934af6d3426a37eb58b9846fa80ead39
d9efcb7b0f632cb3d2650c0c676b3c758f00c52f5d1cc5e7963dd456aaa03833
GET /landings/269163/1672139499/images/menu1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NXSyckf/+P8VIGe5lFA8+oruhev6CDUfHMTHYw0FQi/V4f+ueay2w1febcgkabX3K79BtduiGss=
x-amz-request-id: D74Q0VDD0RPFC5RF
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "b2b98941a9fe6bbcb6745989b3289b1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1920
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
95.101.10.34200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 860d945f4bba4b150b4c6300bdd87527
4c3f11a2902bf437bb578871f7e27625f0ae6504
bdca8ddc4aaf7200e8c215c5eedeae489626d9df23313578ac0cfe45854ea0c8
GET /landings/269163/1672139499/images/menu3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2N57kO72JqvaUX+Fm7tB7csQhInkuuPa+9AirTsi/w/6AyELjmp640c4Lj4qdK0WRgQx10Au7SQ=
x-amz-request-id: XKBJF4JF13K4CDBM
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "860d945f4bba4b150b4c6300bdd87527"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1483
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
95.101.10.34200 OK 1.8 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 7af58322b67083908a8519d74471f47d
256a9119feb235759cf98f211bc6398f58c4ee43
bfab83c5a6c9c62450668ba960527fc9b17ed316a52436f0f63fd1eedcd45a3d
GET /landings/269163/1672139499/images/menu4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: E5fHTFrS3Vf/lGVGPTVDcad6kUNpmJCMavQg4a+UZOP51FeWuzgbdp6lOagB52xnwUfcS2g296I=
x-amz-request-id: 2T5NBRF1ZN7EGR8Y
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7af58322b67083908a8519d74471f47d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1812
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
95.101.10.34200 OK 1.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 124 x 22, 8-bit/color RGB, non-interlaced\012- data
Hash 32fded5a952e60a48a879e414c590f24
834e44460475c20ce9f4c801a4ccf53130749af3
d712d6bf38edf55c605c2a568ce2de1caae95d26b00c02c4f9a1eed6f370d76e
GET /landings/269163/1672139499/images/icons.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: krsDJnCm+JYBsRuXR8I47/9bn1JxHtgpeqCoQvbheXMgSrOe+BVe20tLqawZrORrF2LrhCgrZug=
x-amz-request-id: D74N52WQNHDQ9ZSS
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "32fded5a952e60a48a879e414c590f24"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1932
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
95.101.10.34200 OK 1.7 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash bc32798c28d2145f979848809ba5f858
7bc0276cd56bf6463113a9c5d33ea9aacbdb5f51
7319ffc0fdb40740b07f1a286348fa0f29676127996481b6310f3dd7f322d4ee
GET /landings/269163/1672139499/images/menu2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: H5xsZBlHHhwKi1thgatpUrVXMBu+8ab58h8XNslvw7UGIv03/W6SGMZ2vqbg6PDrrbNB0bgB7cE=
x-amz-request-id: XKBQJ8E004CMMHFV
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "bc32798c28d2145f979848809ba5f858"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1665
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
95.101.10.34200 OK 1.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 35 x 34, 8-bit/color RGB, non-interlaced\012- data
Hash 1eab4e4fb7a147352b0027c0e4df1fe6
99e621180265541383f5c081cd6f7c77b7d21e0d
a66a5ce08b112086075a336e9f18d5cea683143b552a50641971ef00d3895207
GET /landings/269163/1672139499/images/check.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: cyktyUplJUoO9PsZEonEIcgXItAl9hoJGL5LAVT5xeLxQMquT8uecSzYtPCOd87QWvVOEDj1kjA=
x-amz-request-id: YX5N7ABGRW6QG8E7
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "1eab4e4fb7a147352b0027c0e4df1fe6"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1946
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png
95.101.10.34200 OK 4.2 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash 2dd0fb3f8327cbd8ae041f7fdb1eb8bf
35cbcecbf827dbf814f249ff6f3124d671afd1a3
98035853429a64f9c5e3a1eb3dacd1592b1eda2f5ec5e54b02fe427e117f0f26
GET /landings/269163/1672139499/images/avira-logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: e+eVZl4lOVjqg6fcuB/Lsg/jTVOmNSArwO+rpKmlfKSJHvlCIEJUCOALKfuQ3X2mIaIRdfUFIzQ=
x-amz-request-id: 795M51344RS6P2HJ
Last-Modified: Tue, 27 Dec 2022 11:11:40 GMT
ETag: "2dd0fb3f8327cbd8ae041f7fdb1eb8bf"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4226
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
95.101.10.34200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 23 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 7f7b44979afb15dfdc18e7d754c6d0f5
7426889578a3a6f20f620611f7ea8d4dadaf3b87
cb2eff4a1cf5f187eda87e71d6039f24af63844617a7f890070b9afd5c965a33
GET /landings/269163/1672139499/images/info.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6DhtEJGAN4DoO3fWh4+92RfhG8GsjScyzHpCTrmoZqSoetK+9tJC/6wA2vRv7V86+xAXVXkgh6w=
x-amz-request-id: 7N3P5R3ZBHHM64P8
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7f7b44979afb15dfdc18e7d754c6d0f5"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1545
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/cross.gif
95.101.10.34200 OK 211 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/cross.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 29 x 29\012- data
Hash 45b0c8a1e52d91e8cf84eaf75ebca9a9
0e358b8571f9062dedfacd0c31d54179270153cd
4e635bdab7a300d0ccb5aac26b4610a07ee1b33643578c1a4308e677d7eb595d
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/cross.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xiCrXFTNWfID6P8ZTRyWX2l3LnFk42A86Tc3TG77/i3Iy9hvL5wdbTgwdl7qF12zEWQQtWwVUIo=
x-amz-request-id: SPDKG2HYRC1T2JRD
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "45b0c8a1e52d91e8cf84eaf75ebca9a9"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 211
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png
95.101.10.34200 OK 4.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 152 x 121, 8-bit/color RGB, non-interlaced\012- data
Hash a0f86853c68b824dd5c15b0fae66fdfe
0c8ba75f1370ba3c10a309be4c1c96a5067c6098
f58fdb3b3ba6dc0943458179df29efb7201b84ff2edbf03d9ad5cb26c4e52917
GET /landings/269163/1672139499/images/icon2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +odWxgHKwn8gUcH+3BM7RmqSh7pcDQpJgapxy3ECHCyIhHgZnPT2FBoD4td0RDs/tOArDYLMzKQ=
x-amz-request-id: YX5K4P1T3VSM9YZR
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "a0f86853c68b824dd5c15b0fae66fdfe"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4856
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
95.101.10.34200 OK 128 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6QqulANwD3dPnvomOyI7Qco5ExIkGiiAvjBTX+xW6+DtqEnmyAeFLFq5OhCAc1eo3jXItaYQOCg=
x-amz-request-id: 2T5HZ4J0M2079D3T
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
95.101.10.34200 OK 5.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 139 x 130, 8-bit/color RGB, non-interlaced\012- data
Hash fa6582524d715994e9d9036eca9b034b
06cce1b23faba93959df12a9eccaa3d6f51341ce
cf05a371ab1261c3e1f2785e26c95cc5869b37de15c9d48206e78a58894a0cdc
GET /landings/269163/1672139499/images/icon1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: MKxP6g7F4W55VJyDflmvev3fwdeHePa6u9zZFHgGEva+KG0TPcC0ADwJ+ZDiUrUyYNFUQKtesOc=
x-amz-request-id: 7N3V0H5CQ8N3WXYG
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "fa6582524d715994e9d9036eca9b034b"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5928
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
95.101.10.34200 OK 5.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 137 x 131, 8-bit/color RGB, non-interlaced\012- data
Hash 8a07f71c9d0642e8b94bd2b9687c768f
fb2f6f1a6a421101a4b10c315f340d0565709abf
e77edd6c132664f48fb66468de2e1b5068d61e9f04e03d6a51668b14d00af0ed
GET /landings/269163/1672139499/images/icon3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RaBDEG9v754DmqOkL9kaRwTgqCE5Y4fdDb0u+yF2adcykGCsqZuvsDIwWyTsxGTv7UsYKJILh1I=
x-amz-request-id: 795W0CNQNXZ9XHZ9
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "8a07f71c9d0642e8b94bd2b9687c768f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5904
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif
95.101.10.34200 OK 69 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash 3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/ico_tray1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: EXFXbwut14IYlzB3L07w6SqzSpLP97Zy8A7XIHoMy0/dshvOUnrxHGQ0cs8iUOiTWjrfyipTk1w=
x-amz-request-id: YX5VP6TXEQ4ANAC5
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 69
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png
95.101.10.34200 OK 293 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/win_cls.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dPM2HkUmbGEhuGmYk8yrT5p9DADuJb+dNkwwRk3SsDXYgTHLWvW/Ie9e50M4VoYDoLGSrA70JxM=
x-amz-request-id: 5WFFZXFXKZFP8MKE
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 293
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif
95.101.10.34200 OK 377 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/ico_tray2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 8kYa3m5UIhAo1ruNttK1h/OaTBtY72XPbEUYoPyVeHytFhBAiUu5xckYzHNqshDC1CSu01pPC7A=
x-amz-request-id: GY8G5A41HBSMXDEV
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 377
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
95.101.10.34200 OK 303 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1440 x 700, 8-bit gray+alpha, non-interlaced\012- data
Size 303 kB (302963 bytes)
Hash bc336a3a0c484d7c65299b9c4af45596
36cb2608b4fef19277220dab7e0cb0a623eee289
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b
GET /landings/269163/1672139499/images/globe-alpha.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: L4BcaUbSZUve+8jx9fPGcwSCuKIwpk7Dn5qJlm9MtBIDAlugn4xX3UEtBit5qEQvkPjvi0EKKCrwH41S/qnzrw==
x-amz-request-id: YX5RWEK510JS204B
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "bc336a3a0c484d7c65299b9c4af45596"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 302963
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/images/favicon.ico
95.101.10.34200 OK 4.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/images/favicon.ico
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IjvSRVcJlrA8KRtuHCIvySb7T9M4setamspkp4J4t5oLIH6qyzaHxu8PdVPZHXMCPnB1SRcSZOs=
x-amz-request-id: 9B7689322D7626CA
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.stfilecamp.com/stormtrk.js
205.185.216.42200 OK 6.8 kB URL HTTP/2 cdn.stfilecamp.com/stormtrk.js
IP 205.185.216.42:0
Hash 39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a
Analyzer Verdict Alert fortinet Phishing
GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:00:30 GMT
cache-control: max-age=974
content-length: 6807
content-type: text/javascript
last-modified: Sat, 24 Dec 2022 08:48:24 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx00000000000001e0470ff-0063c329cc-2bd116bf-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-sp-metadata: HS256.CJ6EjZ4GEocBCiQ3NWI2NjJhMC0zMzYyLTQ1MWYtODFkZi1iOTVhM2FlODhkYTEQgMPq7NjG+wIaBgiO6IyeBiIMOTEuOTAuNDIuMTU0KOHLAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkMDhhMzEwYjUtMDQzMi00Nzc0LWIxNGMtNzU1OWE0ZTkyN2Q4GJc1IhgIAhIUY2RzMDE0LnNrMS5od2Nkbi5uZXQ=.eZd2c5xoLv/W7Y+ZiiLqa9Q+31tUTi3xxOdqEAMz4mU=
x-hw: 1673737230.dop223.sk1.t,1673737230.cds239.sk1.hn,1673737230.cds014.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.110200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.110:0
Hash 3ed195ad4382fb94efeac3873faa008c
6a196cd98f3145840ccca0373656d5d9d533a7b1
ed4067e7894d8689cddac37611e4fc4596c5e2b3aed94725966a1930254ca929
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 23:00:30 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+941; expires=Mon, 13-Jan-2025 23:00:30 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.10200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.10:0
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 22:37:32 GMT
expires: Sat, 14 Jan 2023 23:37:32 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
age: 1378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-adef.akamaized.net/beep.mp3
95.101.10.34302 Moved Temporarily 0 B URL HTTP/1.1 cdn-adef.akamaized.net/beep.mp3
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /beep.mp3 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/404
95.101.10.34404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: http://vvb.totalhighleveldefence.site/
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sat, 14 Jan 2023 23:00:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 17:00:53 GMT
expires: Sun, 14 Jan 2024 17:00:53 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 21578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fvvb.totalhighleveldefence.site%2Fc%2F0300c78642bedb97%3FclickId%3D%7BclickId%7D%26cost%3D%7Bcost%7D%26s1%3D%7Bs1%7D%26s3%3D%7BclickId%7D%26s4%3D%7BfeedId%7D%26s5%3D%7BzoneId%7D%26s6%3D%7BcreativeId%7D%26s7%3D%7BcampaignId%7D%26aff_sub%3D%7Baff_sub%7D%26sub1%3D%7Bsub1%7D%26sid1%3D%7Bsid1%7D%26t%3D%7Bt%7D%26ac%3D%7Bac%7D%26sa%3D%7BfeedId%7D-%7BzoneId%7D%26sid3%3D%7Bsid3%7D%26aff_sub2%3D%7Baff_sub2%7D
104.26.5.120200 OK 2.2 kB URL HTTP/2 stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fvvb.totalhighleveldefence.site%2Fc%2F0300c78642bedb97%3FclickId%3D%7BclickId%7D%26cost%3D%7Bcost%7D%26s1%3D%7Bs1%7D%26s3%3D%7BclickId%7D%26s4%3D%7BfeedId%7D%26s5%3D%7BzoneId%7D%26s6%3D%7BcreativeId%7D%26s7%3D%7BcampaignId%7D%26aff_sub%3D%7Baff_sub%7D%26sub1%3D%7Bsub1%7D%26sid1%3D%7Bsid1%7D%26t%3D%7Bt%7D%26ac%3D%7Bac%7D%26sa%3D%7BfeedId%7D-%7BzoneId%7D%26sid3%3D%7Bsid3%7D%26aff_sub2%3D%7Baff_sub2%7D
IP 104.26.5.120:0
File type JSON data\012- , ASCII text, with very long lines (485)
Hash 6480505bb8fa2978b3040213c69f7ccc
f1cc70f2ee6b5984fad7730127fc9e0e2aad9670
45d61ef88f970d60821f5e1011dcd9a462353d1a28b43ef4cbd22cd61ec81eda
GET /api/1.0/ping/pong?location=http%3A%2F%2Fvvb.totalhighleveldefence.site%2Fc%2F0300c78642bedb97%3FclickId%3D%7BclickId%7D%26cost%3D%7Bcost%7D%26s1%3D%7Bs1%7D%26s3%3D%7BclickId%7D%26s4%3D%7BfeedId%7D%26s5%3D%7BzoneId%7D%26s6%3D%7BcreativeId%7D%26s7%3D%7BcampaignId%7D%26aff_sub%3D%7Baff_sub%7D%26sub1%3D%7Bsub1%7D%26sid1%3D%7Bsid1%7D%26t%3D%7Bt%7D%26ac%3D%7Bac%7D%26sa%3D%7BfeedId%7D-%7BzoneId%7D%26sid3%3D%7Bsid3%7D%26aff_sub2%3D%7Baff_sub2%7D HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://vvb.totalhighleveldefence.site
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:00:30 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pbYQqtODZRVPS%2BqzP5rK%2FULnC30PBQ4i6j8GvzeT79Gq2RuebPINEasxH%2F9RuNopqWfaznOkqoqLlmt9b3H6cuV%2BlLqJS6Q2h95KYtlrADdygRN6L58IFB0N1JBYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7899fcfadb49b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.stfilecamp.com/fp.min.js
205.185.216.42200 OK 32 kB URL HTTP/2 cdn.stfilecamp.com/fp.min.js
IP 205.185.216.42:0
File type Unicode text, UTF-8 text, with very long lines (31370)
Hash 198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
fortinet Phishing
GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:00:31 GMT
cache-control: max-age=1946
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000000000000002e8fa84-0063c32d99-2d8da7eb-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-sp-metadata: HS256.CJ+EjZ4GEocBCiQxNWE4NzgwZC1kNzY0LTQ2N2ItOGFlMC1kNDljY2E5MThlZTcQgMPq7NjG+wIaBgiP6IyeBiIMOTEuOTAuNDIuMTU0KOHLAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkYjRjY2Y4YzItZTZlNS00MDZkLTgxMTUtYmI5NzQwYTE1M2QxGNn3ASIYCAISFGNkczIzNy5zazEuaHdjZG4ubmV0.B1ydJksVJnr5+Cg49PFLSTx206dd/JrClRlaFvGIZLw=
x-hw: 1673737231.dop223.sk1.t,1673737231.cds239.sk1.hn,1673737231.cds237.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:00:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6611
Expires: Sun, 15 Jan 2023 00:50:42 GMT
Date: Sat, 14 Jan 2023 23:00:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6611
Expires: Sun, 15 Jan 2023 00:50:42 GMT
Date: Sat, 14 Jan 2023 23:00:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6611
Expires: Sun, 15 Jan 2023 00:50:42 GMT
Date: Sat, 14 Jan 2023 23:00:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6611
Expires: Sun, 15 Jan 2023 00:50:42 GMT
Date: Sat, 14 Jan 2023 23:00:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4e46b934e0fe8ce439f5900f72ca8c8
d225e7cadd7cb400e39f9cef903249c77b34ec1c
19dfdcbad9e017e133cbbbf3aa6189815d914a3e189ab89730c09c211339cba2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed8393c5-4540-4060-a0b5-fbfed12b654c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4594
x-amzn-requestid: e234a2c4-83b0-4ff6-817c-b35a0c748266
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etpRiHPiIAMF7bA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c22270-5e7f22a758ee77e034987dbb;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hGqDibdgHNG6D1g-Vw_PeHScGFFfpZTo9JfuL66BzOASOzzYKSuUcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:35:28 GMT
age: 62703
etag: "d225e7cadd7cb400e39f9cef903249c77b34ec1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91a664271b9042ab5a34c1259df6ab93
7ce177939ceed31dbe137996cace3f71eaab3cf4
08b872b4c8dc8d4b5e26d7c5e7985c144dcf45623737e6daf7813b2add8ab013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11285
x-amzn-requestid: 988e5b38-d173-4e8c-9fe6-98f8f2a76b97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEAsE5FoAMFd9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a04-63377e2a6fd82d8d0f582918;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NdMsi2pSibnQ_tyUM4QXeIemgBJuVrRVcBLGmgMp7C895mwY1J53JA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:25:26 GMT
age: 66905
etag: "7ce177939ceed31dbe137996cace3f71eaab3cf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccd9a6ee59820f0e819323256cdeebcf
4b7dc1d4fa669c62d8506add356364020c203c7b
4d55fcb90dddc5eae466cc9ce0c42b560b964e3c5c02f069f6a09695af996fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: a5c3a403-75f7-4bda-b22f-089919454a6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniY8HxoIAMF3EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb105-36f4b9a9056d844955c9996f;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:04:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _1zECIPTchQXa3nVdsaH_-OY6oXEhgM8dkG_Tp084XK0eaJxYbq6tQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:48:22 GMT
age: 76329
etag: "4b7dc1d4fa669c62d8506add356364020c203c7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 61322
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kXpAcGM2UzmXWcbf7AJhy_J3Ssq-vWbcHErGAme2fThP9xa72SOPpA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 09:13:30 GMT
age: 49621
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F814c3b17-a3b2-43d8-b4e1-ecffa7e1f5c2.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F814c3b17-a3b2-43d8-b4e1-ecffa7e1f5c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b27c5238311e30e043c3c15bb9d31767
4f992451e2bfed5d25b013340c0ac1193d571623
072e513547eacfd5c53a943be02e88b84548d7070263144a00573f87b884df9b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F814c3b17-a3b2-43d8-b4e1-ecffa7e1f5c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8738
x-amzn-requestid: 7f3ea5e5-26f1-4d53-87a4-ec4f30472170
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewISDHNiIAMF_QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320d9-56e4275f0cea448645beed3f;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8sgWglzDqGNs_LrMKut5jfeZc8AhZQNRx8bxK0VlrhgzE57HiSuaPg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:34 GMT
etag: "4f992451e2bfed5d25b013340c0ac1193d571623"
content-type: image/jpeg
age: 4917
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/
95.101.10.34302 Moved Temporarily 0 B IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Sat, 14 Jan 2023 23:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/404
95.101.10.34404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vvb.totalhighleveldefence.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sat, 14 Jan 2023 23:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/
95.101.10.34302 Moved Temporarily 0 B IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vvb.totalhighleveldefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Sat, 14 Jan 2023 23:00:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/404
95.101.10.34404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vvb.totalhighleveldefence.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sat, 14 Jan 2023 23:00:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"