pwn.localdatabaseprotection.site/c/e966842b59cc7d2a?cost={cost}&s1=ra4-avr-de&s3={clickId}&s4=&s5={feedId}&s6={zoneId}&s7={campaignId}&clickId={clickId}
52.51.27.131200 OK 3.0 kB URL HTTP/1.1 pwn.localdatabaseprotection.site/c/e966842b59cc7d2a?cost={cost}&s1=ra4-avr-de&s3={clickId}&s4=&s5={feedId}&s6={zoneId}&s7={campaignId}&clickId={clickId}
IP 52.51.27.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19855)
Hash a84a47c662882929043c3e757f970df6
87c51e94df28236cca14af21e0b82e5094192731
94846306b1a902fe99672c465fd68e412858af0e43c7fe785c815f754d646c21
GET /c/e966842b59cc7d2a?cost={cost}&s1=ra4-avr-de&s3={clickId}&s4=&s5={feedId}&s6={zoneId}&s7={campaignId}&clickId={clickId} HTTP/1.1
Host: pwn.localdatabaseprotection.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 17:41:27 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=641de0c70004fe0d; Path=/; Expires=Tue, 23 May 2023 17:41:27 GMT
unique_id2=641de0c700050679; Path=/; Expires=Thu, 22 Jun 2023 17:41:27 GMT
impression=; Path=/; Expires=Fri, 24 Mar 2023 17:41:27 GMT
641de0c700050679_sl=[269163]; Path=/; Expires=Fri, 07 Apr 2023 17:41:27 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3514
Expires: Fri, 24 Mar 2023 18:40:01 GMT
Date: Fri, 24 Mar 2023 17:41:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15099
Expires: Fri, 24 Mar 2023 21:53:06 GMT
Date: Fri, 24 Mar 2023 17:41:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16487
Expires: Fri, 24 Mar 2023 22:16:14 GMT
Date: Fri, 24 Mar 2023 17:41:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 39rOsAPyvSNpfbUXjPK94KICkFHH16TBzUW7VugNpXfmN8VZJKLXfZpSqoc1Kslktk9nMSyOuGc=
x-amz-request-id: FFVAXY4MJM0X7X3A
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 17:00:26 GMT
age: 2461
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 17:15:17 GMT
content-type: application/json
age: 1570
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 17:41:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
95.101.10.34200 OK 655 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/css/translate.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: aoGFvfdn1t7k/40oKC0Lf4MlwRx6eQNH5k/9myaKH+TvjmOeO1zgq5tQ0h0l/jk6a8UZAcbg408=
x-amz-request-id: 01H4QG8WMM80K66C
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Fri, 24 Mar 2023 17:41:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
95.101.10.34200 OK 559 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 7a2813dd2f72e952a133e5d6f13a808a
7472ee61fbd566913fd48f40f76e63edb9ea1faf
ea14a153c8c32aecd506eeb112e67542e62ea7e312dc77de3149df90c8a9336d
GET /landings/269163/1672139499/js/translete.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: UBm6fjoiwYikBArmXu2bb6RRqTVzex1cD3b3tZoePTOWde8aafjfdh6JGfdRnF3v3QWbm+gqt8o=
x-amz-request-id: K9TRN658N2MX7ZXZ
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "ec54980cfed635492cef5628111560d2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Length: 559
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
95.101.10.34200 OK 5.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24988), with no line terminators
Hash 4f6795f72fdbcb15309fd2aaba55302d
d613bd45610ff3a3e0a581d360847f01de563368
787035c2e2a9154a7ab7805185cf09b73f252b86221c975244259db327db8193
GET /landings/269163/1672139499/js/interactive.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: mJJTHFUE9GFMsGZbg1+9c/IY5j+1ShW0BoQwoUOHDRj96nx42YVIK+l3uJHxEwAiKd/UJVBmSFo=
x-amz-request-id: K9TMP29RZZQ2QRFG
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "7f1b8cc7b3f5bae928d07c8605d0c0d8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Length: 5095
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
95.101.10.34200 OK 826 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1619), with no line terminators
Hash 80f159394b22e099038b584495222009
49a38d579533fb963f8f0f94687b40f65713b8dd
2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109
GET /landings/269163/1672139499/js/js.cockie.min.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 37wI1/5QzIXHxYNiWh5vxL9rCAGhyg8pK+TmGnGPX5TX1ZIvBx4XSZPr6Txiz8l5zLMsSVHjvRY=
x-amz-request-id: K9TVWR1YV8STTEDF
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
95.101.10.34200 OK 728 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash cf00d833782706194b8c8d7a10222c7e
eb5fcbf9e53b3e2882d671cea6a73210effff810
b1d0dec6c93c760e5890b5f36ce72d46f4d9be7650d8eda017ef0bb640080b05
GET /landings/269163/1672139499/js/second_back_multi.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: tNC0XWTlAPbNMrp7KLFFemt5R7eKCozURoFqccJYNz3UR/1zhxw3TzVSh0MZqUXqpa0s8bbNGM4=
x-amz-request-id: K9TJY7N9D9K8SHM4
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "f428fe6667efbbe5781d64826256609b"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Length: 728
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
95.101.10.34200 OK 1.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 85e3bd021961fdac95655a71435375f5
9d03222c7a2acb3c790270e3f07bebc485759db2
bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887
GET /landings/269163/1672139499/js/site-protect.2.0.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HKiRcuAEGKhNwvVW74QDNfwEF6A4wZ+xVZUK8G3fEuc2fdCxPPLu2apz7mHyHDeUyfzOoeDaF+M=
x-amz-request-id: K9TGAPDTZZ91ZQMT
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
95.101.10.34200 OK 769 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash a22a1a0161c2da8eab4d825d701e0d30
17a279b59fa2371f8661d5558662df7abdcf5442
4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580
GET /landings/269163/1672139499/js/main.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: yisJyc5CcMze9Pt293bDHrzLDwJgkbXsOvjbr5/n5+Hwq8zW6FlMaHQMBJ8i1yNysu9J6EMR34U=
x-amz-request-id: 01H6Q3RV4DEDNS0R
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "a22a1a0161c2da8eab4d825d701e0d30"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 769
Date: Fri, 24 Mar 2023 17:41:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
95.101.10.34200 OK 2.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash 9e6e17753fd08ccffdaab4bc97d7af50
f4a6f23df54e760b305134eb5587ccd0b0c6ad49
01f65c67d47ef19588c9c3e19fc6e2e123ff3f0e2f1cfdf9ad61a655efe23cf8
GET /landings/269163/1672139499/css/style.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: uKxrqyhGBLZW+QOY36oWBQzXq8GtmTkghZmhbZLfyDo9egvQA7tQPLuK/UuyBfL/vXoVPoCYz3U=
x-amz-request-id: TR653A6YHKFA73GM
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "790ea33cbfafd3311bd7083f70a179c6"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Length: 2856
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ab0b4b80bb8e2eb6a8fa8faa77ca3c6
7f97e852e12c364b1ca3dea1462885eea0e4452c
11fdae6561347ad66e83e5ded44c9bce979e283a93cd7c57ce0135682930adfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11FDAE6561347AD66E83E5DED44C9BCE979E283A93CD7C57CE0135682930ADFD"
Last-Modified: Wed, 22 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20197
Expires: Fri, 24 Mar 2023 23:18:05 GMT
Date: Fri, 24 Mar 2023 17:41:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 17:17:23 GMT
age: 1445
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4308
Expires: Fri, 24 Mar 2023 18:53:16 GMT
Date: Fri, 24 Mar 2023 17:41:28 GMT
Connection: keep-alive
cdn.stfilecamp.com/multi_push.js?1672139499
205.185.216.10200 OK 1.1 kB URL HTTP/2 cdn.stfilecamp.com/multi_push.js?1672139499
IP 205.185.216.10:0
Hash a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /multi_push.js?1672139499 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 17:41:28 GMT
cache-control: max-age=3600
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx0000000000000284d7411-00641de0c8-2fb1d735-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1679679688.dop221.sk1.t,1679679688.cds208.sk1.hn,1679679688.cds231.sk1.pr
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.200.175.54101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.175.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WcSL0BQBvLSopqwd7RLjJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wOIedmmswNDBTtWmrAg8IKwDP1A=
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
206.189.196.86200 OK 92 kB URL HTTP/1.1 cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
IP 206.189.196.86:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 592b7b5eaf9e1e3c052e1e3862df509c
89aa21dc9dfd5deb49ba2b0f3a244a5a84afc4c7
3f0d3be46e4588111766fd24f94a1e531efab2a0a072327e9200ada81d310900
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 24 Mar 2023 17:41:28 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Sat, 25 Mar 2023 05:41:28 GMT
cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
95.101.10.34200 OK 1.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 35 x 34, 8-bit/color RGB, non-interlaced\012- data
Hash 1eab4e4fb7a147352b0027c0e4df1fe6
99e621180265541383f5c081cd6f7c77b7d21e0d
a66a5ce08b112086075a336e9f18d5cea683143b552a50641971ef00d3895207
GET /landings/269163/1672139499/images/check.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Glks8cmbuFdLZl33dmLAdcGZAdTG/EBtp+ThbS4YHtVvFk/O1ccsWgRbnx9IdvxgZdPgafKYW5o=
x-amz-request-id: H9CTHFFSH9D37XZX
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "1eab4e4fb7a147352b0027c0e4df1fe6"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1946
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
95.101.10.34200 OK 1.7 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash bc32798c28d2145f979848809ba5f858
7bc0276cd56bf6463113a9c5d33ea9aacbdb5f51
7319ffc0fdb40740b07f1a286348fa0f29676127996481b6310f3dd7f322d4ee
GET /landings/269163/1672139499/images/menu2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gm86Yd68FBV9pZnLdvEpXSLtMogWmnAAL22kecwGDT3DBze/95xE6Se6s4SRHecDO/5zF1B8Lxs=
x-amz-request-id: TWRS4S8CDYGCZYN6
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "bc32798c28d2145f979848809ba5f858"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1665
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
95.101.10.34200 OK 1.8 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 7af58322b67083908a8519d74471f47d
256a9119feb235759cf98f211bc6398f58c4ee43
bfab83c5a6c9c62450668ba960527fc9b17ed316a52436f0f63fd1eedcd45a3d
GET /landings/269163/1672139499/images/menu4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Lrvoj41xEHM+NL8KeqPDxzUdmc9oIz3NAU/lI/L6wQ52HtgX8o7xCrpt/IAaUf90HYaaWbzojEM=
x-amz-request-id: TWRRJRPTY7N1FDYF
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7af58322b67083908a8519d74471f47d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1812
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/cross.gif
95.101.10.34200 OK 211 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/cross.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 29 x 29\012- data
Hash 45b0c8a1e52d91e8cf84eaf75ebca9a9
0e358b8571f9062dedfacd0c31d54179270153cd
4e635bdab7a300d0ccb5aac26b4610a07ee1b33643578c1a4308e677d7eb595d
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/cross.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zE2YFI/e+Qyb9mFWP3J/+NIxNh7UeIA/dLCrJZwQ3qewv6YNTzbIBp0Q3/DfcNabctTchXlteHo=
x-amz-request-id: K6KMRS01GW11F4R5
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "45b0c8a1e52d91e8cf84eaf75ebca9a9"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 211
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
95.101.10.34200 OK 1.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash b2b98941a9fe6bbcb6745989b3289b1e
5fb8fce5934af6d3426a37eb58b9846fa80ead39
d9efcb7b0f632cb3d2650c0c676b3c758f00c52f5d1cc5e7963dd456aaa03833
GET /landings/269163/1672139499/images/menu1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VEnBKXlsnNgWmoI4MkUrusfR+JwHe9bbNCn3G6kMeQy8gRUSvb7UHw/YSZiPPlTwBLMt6M959Lo=
x-amz-request-id: BZ29HH80JC7NGZSY
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "b2b98941a9fe6bbcb6745989b3289b1e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1920
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
95.101.10.34200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 23 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 7f7b44979afb15dfdc18e7d754c6d0f5
7426889578a3a6f20f620611f7ea8d4dadaf3b87
cb2eff4a1cf5f187eda87e71d6039f24af63844617a7f890070b9afd5c965a33
GET /landings/269163/1672139499/images/info.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: EhBlY3kgGMj39R56Gi0kM/kKdrwt5rE2FkOurKsHvLX6UxSAEgaVLrFP0vKafd9IsFt46s9C/NQ=
x-amz-request-id: TWRRDNE88A4B70DR
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7f7b44979afb15dfdc18e7d754c6d0f5"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1545
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
95.101.10.34200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 860d945f4bba4b150b4c6300bdd87527
4c3f11a2902bf437bb578871f7e27625f0ae6504
bdca8ddc4aaf7200e8c215c5eedeae489626d9df23313578ac0cfe45854ea0c8
GET /landings/269163/1672139499/images/menu3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ft2ttM5pdqVPK4mUYtzHatqDTMKiId8KZPjapU9wDv+P9NEA6iHsQOWAA7cucWMFr8PScY/J6d4=
x-amz-request-id: DC3K97HVMXSDD8SX
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "860d945f4bba4b150b4c6300bdd87527"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1483
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png
95.101.10.34200 OK 4.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 152 x 121, 8-bit/color RGB, non-interlaced\012- data
Hash a0f86853c68b824dd5c15b0fae66fdfe
0c8ba75f1370ba3c10a309be4c1c96a5067c6098
f58fdb3b3ba6dc0943458179df29efb7201b84ff2edbf03d9ad5cb26c4e52917
GET /landings/269163/1672139499/images/icon2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: U0D+e7QXc2zBdQlh/cYa+Qz5abLBXrsxrV4nVZmiEZyW2RHXCjKUjJZq8T7p4hLvI2+PaK1tNKM=
x-amz-request-id: TWRWQDHMW37NQF7K
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "a0f86853c68b824dd5c15b0fae66fdfe"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4856
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png
95.101.10.34200 OK 293 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/win_cls.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +kgKhY8KlyrrMqImgzNR8PYXuZCzH5rsWv6s5wWD8c3pPgL7ICKPGgP5V1w5+qFF+fhTSZorM1g=
x-amz-request-id: ZKAJVQBC9AR6TD6Y
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 293
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif
95.101.10.34200 OK 69 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash 3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/ico_tray1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: V9Bah/SeG+IrDwgGgMRexBqsArCDA/ebglyNkXX9A9a3gPsfuOkmdW7vMLroKriiDizLSYlG8uY=
x-amz-request-id: BZ24VP7M8QQBQV83
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 69
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png
95.101.10.34200 OK 4.2 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash 2dd0fb3f8327cbd8ae041f7fdb1eb8bf
35cbcecbf827dbf814f249ff6f3124d671afd1a3
98035853429a64f9c5e3a1eb3dacd1592b1eda2f5ec5e54b02fe427e117f0f26
GET /landings/269163/1672139499/images/avira-logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dDfAxffDZbYyWyLzEan0C6iYvF7LXCE+ie0myCTT2vZGCIbQwRLF4o7SMHBX6f6GP3oeNEvTm2U=
x-amz-request-id: H9CKJ2MCZG77V7SK
Last-Modified: Tue, 27 Dec 2022 11:11:40 GMT
ETag: "2dd0fb3f8327cbd8ae041f7fdb1eb8bf"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4226
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
95.101.10.34200 OK 5.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 139 x 130, 8-bit/color RGB, non-interlaced\012- data
Hash fa6582524d715994e9d9036eca9b034b
06cce1b23faba93959df12a9eccaa3d6f51341ce
cf05a371ab1261c3e1f2785e26c95cc5869b37de15c9d48206e78a58894a0cdc
GET /landings/269163/1672139499/images/icon1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7Pe3UIMSMz4wjwqVMS8Hz1WyJwZSjZkBhc6HTW25E7pihP412OpS5m3+8dpcj35SELD+f3O6JfA=
x-amz-request-id: H9CVCHZH0P9CEG6P
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "fa6582524d715994e9d9036eca9b034b"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5928
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
95.101.10.34200 OK 5.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 137 x 131, 8-bit/color RGB, non-interlaced\012- data
Hash 8a07f71c9d0642e8b94bd2b9687c768f
fb2f6f1a6a421101a4b10c315f340d0565709abf
e77edd6c132664f48fb66468de2e1b5068d61e9f04e03d6a51668b14d00af0ed
GET /landings/269163/1672139499/images/icon3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7pb8nNBafXJQUG2TvS8lw6J/7UQ7JfP6hw9NeGGaPTB4yEbFXcM9Wb7QmPqIOKfhQJ+IkdQc/Zk=
x-amz-request-id: GQXXAC79EZ0XFYAY
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "8a07f71c9d0642e8b94bd2b9687c768f"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5904
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif
95.101.10.34200 OK 377 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/ico_tray2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: oaxPRMjtQtWut/cNaIqHquTbu5gctnLemErzPz3i1hKSlCV8avmSCb7xNMd/SrvSRiV5dAAYXGU=
x-amz-request-id: ZKAY66NNN0W8MJDD
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 377
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
95.101.10.34200 OK 128 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SAxGM11SbJnVx6/Ct4IH4I/dSXIOP6+EiMe0aKkSGiyVWlFxecnW8/3STxyBeIG4uLYp7cs9i9c=
x-amz-request-id: YNQRBYHSHDTSHZ5V
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
95.101.10.34200 OK 7.7 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Hash 04cafbd162493b66a25988eb1cb58d07
fc780a93ddbacd25467c56bfb6bd46e8bc94503e
7aeb8ef4156327a8bb0c98b0f6ecc8409ab462a64c61df589c7e2477bd761628
GET /landings/269163/1672139499/images/logo.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4qP+2vMOAoNJKKnFsFvh2HsPEszBvyBTBHDlejPf7byR2q9TIooExkXZTUXwWwXzO3Av4hjaxKg=
x-amz-request-id: FMM4Z77KQD7006E4
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "04cafbd162493b66a25988eb1cb58d07"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7653
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
95.101.10.34200 OK 1.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 124 x 22, 8-bit/color RGB, non-interlaced\012- data
Hash 32fded5a952e60a48a879e414c590f24
834e44460475c20ce9f4c801a4ccf53130749af3
d712d6bf38edf55c605c2a568ce2de1caae95d26b00c02c4f9a1eed6f370d76e
GET /landings/269163/1672139499/images/icons.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Q2eHBeG8ApAk3tVDTbrK2eWZ7yg/OtazJNekCCOmlqDzcXYViqKjW44wylspeklhIKr/DNSTt1s=
x-amz-request-id: BZ257XV639M4FZCW
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "32fded5a952e60a48a879e414c590f24"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1932
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
95.101.10.34200 OK 303 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1440 x 700, 8-bit gray+alpha, non-interlaced\012- data
Size 303 kB (302963 bytes)
Hash bc336a3a0c484d7c65299b9c4af45596
36cb2608b4fef19277220dab7e0cb0a623eee289
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b
GET /landings/269163/1672139499/images/globe-alpha.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: su5BA8qTheZbfSZwAYVTybvhVitJjrBXpAJJKeyQvVn9OSFEeoJ3ZOXAKuOo08f+f9r+Ec5Sx10=
x-amz-request-id: C87DXBDVPPTKZB9P
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "bc336a3a0c484d7c65299b9c4af45596"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 302963
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
95.101.10.34200 OK 234 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash 9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /landings/269163/1672139499/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: kr2gKswrmvLF9cfXSRe/xRbRJKhZqYGe7l8OzLhkRke6UO1QCxRmCYG9CrDdTbj9EnvK/0+LAxk=
x-amz-request-id: P90T6CY1W9CZ77MB
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
95.101.10.34200 OK 59 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash 15cac20be8d4fdd074e21a4a52604d2f
fd4c43583bec2c7bfae3cb9feb2699abbc50c578
d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739
GET /landings/269163/1672139499/images/avira-white.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ivz4X6NrcRrxUM1QWcZ1KPKXo74vUilBEAodvQyZPO0rwvGBSAaTx9/wsxGtbgqLkzW+U8RwYGU=
x-amz-request-id: 617XG32NZQKNC9VQ
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "15cac20be8d4fdd074e21a4a52604d2f"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 59078
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn.stfilecamp.com/stormtrk.js
205.185.216.10200 OK 6.8 kB URL HTTP/2 cdn.stfilecamp.com/stormtrk.js
IP 205.185.216.10:0
Hash 39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a
Analyzer Verdict Alert fortinet Phishing
GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 17:41:29 GMT
cache-control: max-age=3222
content-length: 6807
content-type: text/javascript
last-modified: Sat, 24 Dec 2022 08:48:24 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx000000000000022ee0c4e-00641ddf4f-30769e63-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1679679689.dop221.sk1.t,1679679689.cds208.sk1.hn,1679679689.cds014.sk1.c
X-Firefox-Spdy: h2
cdn.stfilecamp.com/fp.min.js
205.185.216.10200 OK 32 kB URL HTTP/2 cdn.stfilecamp.com/fp.min.js
IP 205.185.216.10:0
File type Unicode text, UTF-8 text, with very long lines (31370)
Hash 198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
fortinet Phishing
GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 17:41:29 GMT
cache-control: max-age=403
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000000000000022e5b664-00641dd44c-30769e63-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1679679689.dop221.sk1.t,1679679689.cds208.sk1.hn,1679679689.cds237.sk1.c
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/beep.mp3
95.101.10.34302 Moved Temporarily 0 B URL HTTP/1.1 cdn-adef.akamaized.net/beep.mp3
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET /beep.mp3 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
route.frest.pro/is_redirect
172.67.211.109200 OK 17 B URL HTTP/2 route.frest.pro/is_redirect
IP 172.67.211.109:0
File type JSON data\012- , ASCII text
Hash 6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: http://pwn.localdatabaseprotection.site
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 17:41:29 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDuFEnkVH8B7AlizL30jV4ZaZaU%2BxnB1ldcCh8rf0zIxR%2FmR5Qao48WmLGJsGS1HZXxlCMzTZ7MPSbya%2FDImTiCm1xCQJtkhySJDBS8bCi2Lb7awsV5otIfTZJ8JJKBkSQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad0b48a9adc0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/404
95.101.10.34404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: http://pwn.localdatabaseprotection.site/
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/images/favicon.ico
95.101.10.34200 OK 4.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/images/favicon.ico
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IjvSRVcJlrA8KRtuHCIvySb7T9M4setamspkp4J4t5oLIH6qyzaHxu8PdVPZHXMCPnB1SRcSZOs=
x-amz-request-id: 9B7689322D7626CA
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Fri, 24 Mar 2023 17:41:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ac8d4dabc0044d3f9300e6f09b86bc68
331a761e7d051c94831a30254ca3ce25b2e7dd2d
05ef2753d9e9b8cd1f09c88eb1cc42ee88ffd4db561c9a05e069373c24112d60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 17:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14200 OK 28 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
Hash e9b17eca1677546af5825994abd62a5f
22b1a79b67d6015c6707235f9a2ed4f8ddbe14e6
9c931d59f220d33e07d07cd9704c85d7d0194c63de5795a05a51d09f5fb8e391
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 17:41:29 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+605; expires=Sun, 23-Mar-2025 17:41:29 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 17:41:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
142.250.74.35200 OK 4.2 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP 142.250.74.35:0
File type ASCII text, with very long lines (23228), with no line terminators
Hash 8f89ebd6757f0474347497a9545d3cc2
014d050331fcdbcff8cbf854b4c926286e0c104a
015111236a8db21de30b2af7d2d24221a9f358fe83137f4651707f4728043585
GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 02:39:09 GMT
expires: Fri, 22 Mar 2024 02:39:09 GMT
cache-control: public, max-age=31536000
age: 140541
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3100
Expires: Fri, 24 Mar 2023 18:33:10 GMT
Date: Fri, 24 Mar 2023 17:41:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3100
Expires: Fri, 24 Mar 2023 18:33:10 GMT
Date: Fri, 24 Mar 2023 17:41:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a5974456d5b0e7b60127595d497e7105
301f44b5137d00ec286c36869a5ae233b6da8881
67e273220b1367d1001f870bdefca145c98dbf6cbe4d0c5e8dcb8f184018d5a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 17:41:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3100
Expires: Fri, 24 Mar 2023 18:33:10 GMT
Date: Fri, 24 Mar 2023 17:41:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d6ed667dad0c17b3f1697f6ad5f1dd2
9eff2b1900bc9788dfbff11fce69cc7c944b1fc1
ec0f7b928c7efd46d2679477acd9f3bf0b335f31b9739c4e925b23bd5cd16a05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8385
x-amzn-requestid: 70d658a2-706c-428d-b232-d4a343556e55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8IUHv7IAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73ce-4288c6f05be90c543a5adb5a;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:58 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 00pLSzTvmnnvhdLG4rOtVPVM_F2rfQXus98AyXsY129ejW-1Y-UblQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 01:36:32 GMT
age: 57898
etag: "9eff2b1900bc9788dfbff11fce69cc7c944b1fc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 725b558c5b217b40ec923c072a764dc9
f3a16cf007c5793b3abc4978fe023f60d375315b
543d159b2fe8680fcaebd19ed567ea7725030f8c564784be0c542deed456144d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10649
x-amzn-requestid: e8bfb59a-ccad-4150-9dfa-a9ae7966500b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM7CIHrFoAMFTXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b720d-0ef87c8a6a55d9c77f2faa03;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:24:29 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MZAWLd0V6aOwfS3stOcabNJMrPjvrfMHg8lLXDrdEL6y-8XPZTgydQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 17:04:28 GMT
age: 2222
etag: "f3a16cf007c5793b3abc4978fe023f60d375315b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee90ddfbbe80c960f79e4dc02fc0262b
94bce2b76308d2135544dfccf31bd0d9f88af4d9
ed01967238a15bca10092d62913e416eb931674b86469648973caa1d13912274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 17:41:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: EI1picNm6z4XmZxnCmqbdZv4ok9AqXNvYGy8CtENrRkWLuuLUuETlg==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:43:19 GMT
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
age: 71891
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vOBDFA2LzOIp_0dMXApotrithfiToWtpM2xMRyx1pWAE86olKT6EpQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 02:36:43 GMT
age: 54287
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cdbc190c56cfc889845d881cf88fed4
106075aa275beeaa40d4fa0587c3cee93b763bcf
5959109c9d987617bdcbb6e1ca8553d970b365390140906d41ff9a84462f1b2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4970
x-amzn-requestid: d55dee06-0562-4a17-8109-595ec62cc440
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHzHu2IAMFgfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-2f3b14aa47db00ba68b963b8;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Dzf09PcQ1jc16E3V0kY1OcG4BipVgcvIVi3jtrv2rkllCed-6QnxFg==
via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:15:05 GMT
etag: "106075aa275beeaa40d4fa0587c3cee93b763bcf"
content-type: image/jpeg
age: 69985
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:00:02 GMT
age: 70888
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main
172.217.21.170200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main
IP 172.217.21.170:0
File type ASCII text, with very long lines (1665)
Hash 028ffa7b57c1fd69787200d635396b46
5276fd8933eb26e281fc0963c7bb6045d76099f0
bbbf2f923f44c50acf39b245c42fc8cd32c387037a1adcbd2eced810c9db23ed
GET /_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75429
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 18:32:04 GMT
expires: Fri, 22 Mar 2024 18:32:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:32:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 83366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee90ddfbbe80c960f79e4dc02fc0262b
94bce2b76308d2135544dfccf31bd0d9f88af4d9
ed01967238a15bca10092d62913e416eb931674b86469648973caa1d13912274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 17:41:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-adef.akamaized.net/
95.101.10.34302 Moved Temporarily 0 B IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Fri, 24 Mar 2023 17:41:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/404
95.101.10.34404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pwn.localdatabaseprotection.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Fri, 24 Mar 2023 17:41:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/
95.101.10.34302 Moved Temporarily 0 B IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Fake AntiVirus / Security software
GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Fri, 24 Mar 2023 17:41:34 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/404
95.101.10.34404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 95.101.10.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pwn.localdatabaseprotection.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Fri, 24 Mar 2023 17:41:34 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fpwn.localdatabaseprotection.site%2Fc%2Fe966842b59cc7d2a%3Fcost%3D%7Bcost%7D%26s1%3Dra4-avr-de%26s3%3D%7BclickId%7D%26s4%3D%26s5%3D%7BfeedId%7D%26s6%3D%7BzoneId%7D%26s7%3D%7BcampaignId%7D%26clickId%3D%7BclickId%7D
172.67.69.203200 OK 0 B URL HTTP/2 stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fpwn.localdatabaseprotection.site%2Fc%2Fe966842b59cc7d2a%3Fcost%3D%7Bcost%7D%26s1%3Dra4-avr-de%26s3%3D%7BclickId%7D%26s4%3D%26s5%3D%7BfeedId%7D%26s6%3D%7BzoneId%7D%26s7%3D%7BcampaignId%7D%26clickId%3D%7BclickId%7D
IP 172.67.69.203:0
GET /api/1.0/ping/pong?location=http%3A%2F%2Fpwn.localdatabaseprotection.site%2Fc%2Fe966842b59cc7d2a%3Fcost%3D%7Bcost%7D%26s1%3Dra4-avr-de%26s3%3D%7BclickId%7D%26s4%3D%26s5%3D%7BfeedId%7D%26s6%3D%7BzoneId%7D%26s7%3D%7BcampaignId%7D%26clickId%3D%7BclickId%7D HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pwn.localdatabaseprotection.site
Connection: keep-alive
Referer: http://pwn.localdatabaseprotection.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 17:41:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WI5eeBHG1niNEbnbewg1D%2BxyRjA%2BPKKutwUOCFcv1bL3DJDGhsQ6cV7CsZFrNLX7J8kd3pBDmX9fTxf%2FglLutRj2s%2BP%2FU4K6X6BX0IReLz7Pczyg%2FVoM%2F1VQK3Xjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad0b48b3faafabc-OSL
content-encoding: br
X-Firefox-Spdy: h2