188.42.218.249/e8f0ccda3a49b9ec577307a0a6cf6334
188.42.218.249200 OK 1.1 kB URL HTTP/1.1 188.42.218.249/e8f0ccda3a49b9ec577307a0a6cf6334
IP 188.42.218.249:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (352)
Hash 6f50296b01e282959a7dbfcd5d5f950b
81a9ed55b533da5b80b05b3d08d8bfced4020d55
806bafd4660b403b201f722b5bfe08a1807326b40bce282aad3f2639f5244ce3
Analyzer Verdict Alert fortinet Phishing
GET /e8f0ccda3a49b9ec577307a0a6cf6334 HTTP/1.1
Host: 188.42.218.249
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: fasthttp
Date: Mon, 26 Sep 2022 19:58:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1122
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9633
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 19:58:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 19:15:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DXHWvhdiqaJPPekU8PgV3_umx31_HGqFrTDO0ux2CA4Uh8h5bdLpZw==
Age: 2574
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZyhBrIYS6PPggaJ7F4ulJKkJS0136DiCrh8D8Jn2eVqmXhadTPzL8w==
age: 55378
X-Firefox-Spdy: h2
188.42.218.249/favicon.ico
188.42.218.249404 Not Found 9 B URL HTTP/1.1 188.42.218.249/favicon.ico
IP 188.42.218.249:0
File type ASCII text, with no line terminators
Hash 9e076f5885f5cc16a4b5aeb8de4adff5
475c848673a3f79fa778f01c2bd5a721d4c41707
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
GET /favicon.ico HTTP/1.1
Host: 188.42.218.249
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://188.42.218.249/e8f0ccda3a49b9ec577307a0a6cf6334
HTTP/1.1 404 Not Found
Server: fasthttp
Date: Mon, 26 Sep 2022 19:58:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 9
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:58:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2f7ad097d3e7799f5299f7b39a03ebb
59bdf631bb8d2fcb084fe2fb395531af3b576e53
072bad906b252f7431238f3463376825288f7bdb49c247cb8a46a34410198962
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "072BAD906B252F7431238F3463376825288F7BDB49C247CB8A46A34410198962"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 01:58:13 GMT
Date: Mon, 26 Sep 2022 19:58:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 19:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 19:26:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eRBVdoiyJnbTFNNWPYAL1n6tXeNAG0sPmzWQDvyx0P2IqV0pWMSuuA==
Age: 2847
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2f7ad097d3e7799f5299f7b39a03ebb
59bdf631bb8d2fcb084fe2fb395531af3b576e53
072bad906b252f7431238f3463376825288f7bdb49c247cb8a46a34410198962
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "072BAD906B252F7431238F3463376825288F7BDB49C247CB8A46A34410198962"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 01:58:13 GMT
Date: Mon, 26 Sep 2022 19:58:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 591
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:13 GMT
Last-Modified: Mon, 26 Sep 2022 19:48:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2a0d432d303f25a6cb2f0267716167a
a49e73d0a1bc654084c0fd309679b2b55847dd29
b79a37fbf95a390da02f158994befc0a2dc1e8c02a9d2c58618da46f7fc72868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B79A37FBF95A390DA02F158994BEFC0A2DC1E8C02A9D2C58618DA46F7FC72868"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 01:58:13 GMT
Date: Mon, 26 Sep 2022 19:58:13 GMT
Connection: keep-alive
www.totalwebdefence.com/c/9554516e76341b7f?s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6={user_activity}&s7=14145101&cost=0.0054&SUBID=${SUBID}
52.51.27.131200 OK 4.8 kB URL HTTP/2 www.totalwebdefence.com/c/9554516e76341b7f?s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6={user_activity}&s7=14145101&cost=0.0054&SUBID=${SUBID}
IP 52.51.27.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16263), with CRLF, LF line terminators
Hash ffee66601b885f6c9793ebdf6ee07129
051b983fb7f8f6e4fa7fc8213df1f0b47f8b3f70
243f56acdad4cfa6d63077d200dba2f4e630883f426fbf2f26a5b0728d40a6cf
GET /c/9554516e76341b7f?s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6={user_activity}&s7=14145101&cost=0.0054&SUBID=${SUBID} HTTP/1.1
Host: www.totalwebdefence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://188.42.218.249/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:58:13 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=63320455000963e5; Path=/; Expires=Fri, 25 Nov 2022 19:58:13 GMT; Secure; SameSite=None
unique_id2=6332045500096cd4; Path=/; Expires=Sun, 25 Dec 2022 19:58:13 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Mon, 26 Sep 2022 19:58:13 GMT; Secure; SameSite=None
6332045500096cd4_sl=[272176]; Path=/; Expires=Mon, 10 Oct 2022 19:58:13 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/272176/1657106049/js/js.cockie.min.js?1657106049
23.36.76.139200 OK 826 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/js/js.cockie.min.js?1657106049
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1619), with no line terminators
Hash 80f159394b22e099038b584495222009
49a38d579533fb963f8f0f94687b40f65713b8dd
2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109
GET /landings/272176/1657106049/js/js.cockie.min.js?1657106049 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fyKJ1jwnkYnOxh9xm0MOVudvJ3+rvF1PA+5fsnXcHpO8ag24rslfb2Y5fMhPvGB63mrhBRqG2DQ=
x-amz-request-id: B4MS9WDVSHZ6V50V
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 19:58:14 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/css/translate.css?1657106049
23.36.76.139200 OK 655 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/css/translate.css?1657106049
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
Hash 64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
GET /landings/272176/1657106049/css/translate.css?1657106049 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PU2AacQ7s+ZsdxcboqrynILXXIQ6PDgWRISW5tum5JbPzAQsQRN4uymzhnD8pbMcOWQ9nrw3RFo=
x-amz-request-id: STCG567JMDGTB792
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
securityprogrampc.com/a70aad04f249?SUBID=$%7bSUBID%7d&cost=0.0054&s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6=%7buser_activity%7d&s7=14145101
172.67.183.86302 Found 1.1 kB URL HTTP/2 securityprogrampc.com/a70aad04f249?SUBID=$%7bSUBID%7d&cost=0.0054&s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6=%7buser_activity%7d&s7=14145101
IP 172.67.183.86:0
Hash 87038e728ea83157fdd395dbfda9c55f
b1b2346153f5beee331203fe40bb66b389db1c92
0ee12e6396f7db90bad3541e9aa3737d8543aeaa03194679a76046e97917f3fd
GET /a70aad04f249?SUBID=$%7bSUBID%7d&cost=0.0054&s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6=%7buser_activity%7d&s7=14145101 HTTP/1.1
Host: securityprogrampc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://188.42.218.249/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 19:58:13 GMT
content-type: text/html; charset=utf-8
location: https://www.totalwebdefence.com/c/9554516e76341b7f?s1=pp4-mc-us&s3=duy&s4=5251413&s5=5900649&s6={user_activity}&s7=14145101&cost=0.0054&SUBID=${SUBID}
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6zi7%2FdfP1pWeMZSDpGetfBdd6h784wEU3kml21zb8wd%2BaueCFwCg3zlvV%2BiUWwiOz1cxkzs1hTVSl0Vg4zGLuQMW05FgEL5b1e8gyPCm1iabTH8JOuc3VlDnA4KgT4%2FWqOTnKM3UpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750e92b54c5b0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/272176/1657106049/js/second_back_multi.js?1657106049
23.36.76.139200 OK 779 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/js/second_back_multi.js?1657106049
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text
Hash dbf49cf3b51574b36e6a1f35b9d39e1f
22253ddc0b47424de0c2456ff076d9abb38dd2d3
45c9b753e2a2291be4a0e4a250d0314f44ded5e7ba4038b8b64658820058dfe4
GET /landings/272176/1657106049/js/second_back_multi.js?1657106049 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: GlV37hotNEsUa8Wapye0Wvs7WKt+oS8IZahA86zJz2pguXZB8Ebn3Zhq9Rq4Zycg4yyskSFrjww=
x-amz-request-id: PQKC4ZAX152RK2X7
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "4034050f2be05cd41b77c4bb153f89eb"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 19:58:14 GMT
Content-Length: 779
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/js/site-protect2.0.js?1657106049
23.36.76.139200 OK 1.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/js/site-protect2.0.js?1657106049
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
Hash c0b31646b3e848af88cf00fe0adb0171
9da7b450c71cfb71ded4b29bac67257a11ad0482
83ba96b1ce362c307684fcf93aba383c2a951cad3e5474807e9cbaa33f8c0556
GET /landings/272176/1657106049/js/site-protect2.0.js?1657106049 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: nWXsyP79l0sdxsGlWT425kCXtEf5DVFYsCQC/brIfnBZV9Xl/kgfYicq5tVjZHxY6A326jWtoqw=
x-amz-request-id: B4MJ7AWYPBA0HGJF
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "fc96ab06b0f9fcea6731405215ae5daf"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 19:58:14 GMT
Content-Length: 1068
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/js/main.js?1657106049
23.36.76.139200 OK 458 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/js/main.js?1657106049
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
Hash 03bd18a48d7063866f2d90657bf5a95d
765830953cb7ec7432f30d8f469d421eaa5b5ae8
6755324986ed1b2bb1b3f71f9c5237a9bc373483aa91460ac156935cfacdd6d9
GET /landings/272176/1657106049/js/main.js?1657106049 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Xf948T4w3yy9IZarqnYxLBa5IpUfZ19TrGDY/OUgjo2zQ0fkZ7WckiXi2iE/rnnYYazWm2Azwsk=
x-amz-request-id: STCVT513BGA8H7T5
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "594b9f556adeea27c9081f45d4efe9d3"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 19:58:14 GMT
Content-Length: 458
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JviFubzP7dMjQfTAAKrVEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I08Q5BwAPA9qQfIwfXFjfqeDOUE=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5042ac958a3eda345cae750ef7c1525
80461da5afe558c466f1b11f98821e6109bef46b
bd194dd4b1a8fd821ba5684d1f7181a339fae703189139dc618915626fa8b3a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD194DD4B1A8FD821BA5684D1F7181A339FAE703189139DC618915626FA8B3A3"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16849
Expires: Tue, 27 Sep 2022 00:39:03 GMT
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1657106049
192.241.132.237200 OK 92 kB URL HTTP/1.1 cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1657106049
IP 192.241.132.237:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 769cd62e758934fa8096b5606b811aed
5aa428b46dcc92de7675431414fa48bf7a45ee34
401c7cf06b98dea0a0724f601d7c6c876d7bd21c5be29f5ac4d8e06cd80cbbec
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1657106049 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript; charset=utf-8
Content-Length: 92399
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 15:47:22 GMT
Cache-Control: public, max-age=43200
Expires: Tue, 27 Sep 2022 07:58:14 GMT
ETag: "1664207242.2010548-92399-3469679441"
Date: Mon, 26 Sep 2022 19:58:14 GMT
cdn.stfilecamp.com/multi_push.js?1657106049
205.185.216.10200 OK 1.1 kB URL HTTP/2 cdn.stfilecamp.com/multi_push.js?1657106049
IP 205.185.216.10:0
Hash a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99
GET /multi_push.js?1657106049 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:58:14 GMT
cache-control: max-age=3600
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx000000000000026f1ab67-0063320456-213ecff2-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1664222294.dop230.sk1.t,1664222294.cds217.sk1.hn,1664222294.cds003.sk1.pr
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/272176/1657106049/images/ring.gif
23.36.76.139200 OK 315 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ring.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 30 x 29\012- data
Hash c3b64d6515c79193f47b3f6780840578
0edb138e48313bbea641208092d9072cee89652e
275e633fe30013ed09ab33d46f668be82c19c93ed3c66485a5bef53d74eeaa89
GET /landings/272176/1657106049/images/ring.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 82Wk5601X5yjEA9T4Qajp8YGSSababmmC8lfxNiMpu9dSQENcjwJIasVLSk7hhy4wVYkx3A1qo4=
x-amz-request-id: BRPE6Y00QXP14AJP
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "c3b64d6515c79193f47b3f6780840578"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 315
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_gray2.png
23.36.76.139200 OK 349 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_gray2.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Hash 7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /landings/272176/1657106049/images/ico_gray2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XqIfVsLVe5VwHvENB16HkSpcwzlo0vvTYYy58m5m5BbuZZhqA5Gy4DSFkqNkaK81n76dMZjyymM=
x-amz-request-id: BRP170FY4DCYCQHH
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "7454c652e0733d92de6c920c2d646ae0"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 349
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/corner.gif
23.36.76.139200 OK 102 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/corner.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 24 x 9\012- data
Hash ef14d57c065fdbd3c66d017a729ca91f
2e7b72d674361a9c2b41767ccfbed2486e6695dd
6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36
GET /landings/272176/1657106049/images/corner.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: wR3g6LEhv/TCNYYszxLD4ne72qXfDRYFF3eaUYZLCRmkj4MtoPBXvzfl0HTz7esxi2ixbI/cwh4=
x-amz-request-id: Y6TMVKZ65FF9NS38
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "ef14d57c065fdbd3c66d017a729ca91f"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 102
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_tray2.gif
23.36.76.139200 OK 377 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_tray2.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
GET /landings/272176/1657106049/images/ico_tray2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Uq7NhDCFPReqQZy/i66CkaESRMbHXo8N2bRuAh5ZVhbVAMEJ9LoF96Uocwzb+J6OFzeCQdYpwIU=
x-amz-request-id: BRP4FY8HX9CBKDX0
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 377
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_tray1.gif
23.36.76.139200 OK 69 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_tray1.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash 3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
GET /landings/272176/1657106049/images/ico_tray1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: M/c+l+fP00SHRVtoFXKY0Rdi91DIn11mqp2Hpf055Ul7KhcgqPIIH5nF65zW0oBKt403tyy87Fw=
x-amz-request-id: Y6TS1H5XCSMSPFTW
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 69
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl1.gif
23.36.76.139200 OK 511 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl1.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 80 x 65\012- data
Hash af3aca2036675c5979fb535c5d190f15
70c4f17ef1a2afe0477c84c5d209fbe31760b657
aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa
GET /landings/272176/1657106049/images/ico_bl1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DoCBpiwodM4xt6oFe0bRM9xKyqCAW7dqQNAq7xMQX/mV8IqEW2jQ6YQUXnwMJUPwcSowBgmKS2E=
x-amz-request-id: BRP57JZGJHG90CG2
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "af3aca2036675c5979fb535c5d190f15"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 511
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/nrt_logo.png
23.36.76.139200 OK 1.7 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/nrt_logo.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 65 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 552a64cb68788eda1e39803a214e6089
bfdff83a307360453e686bc006e33baa3b7ac6e5
76efdff7f7d19e2b7c161d769c023890a9304a98ac76c26a30d3b8a7dceeaed5
GET /landings/272176/1657106049/images/nrt_logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: TVcTT/pSF/HqfObB3/FnJGuuD54IkupEhSXCeGMci5MF1SXfF3MlEmW5NWrAriZHc4iI0eoY5Os=
x-amz-request-id: BRP25E6TEPA0080K
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "552a64cb68788eda1e39803a214e6089"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1658
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl3.gif
23.36.76.139200 OK 949 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl3.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 78 x 68\012- data
Hash da9d153375da51a616a7663f1504e3a5
bd81fe60fe017bfe79be8c1afed88b659ff166d9
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04
GET /landings/272176/1657106049/images/ico_bl3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: tlznUkB4dd1jX8otsacKd50XyORqzOjSOKXT50dnnM8hUFmjGhWSed616ZdFuzGzMjs8p8ZMARo=
x-amz-request-id: Y6TKX521JEJTYJWC
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "da9d153375da51a616a7663f1504e3a5"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 949
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl4.png
23.36.76.139200 OK 662 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl4.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 78 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a11ddabe8ccece588c8aef50f5d12dc
e36cd99c427e79f156e99bd8078c14be23aec42a
15d874692f178f9bf819b8c13274b71ca400b0f37bfda1433834a959d0413dfa
GET /landings/272176/1657106049/images/ico_bl4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: CAqI3t/afdvF6SjVdSSUNvNpFZrnB3254HhQWv/N+uGVsJE1vfe7pZj9XvG+6H9Bub3lrhi7ktg=
x-amz-request-id: BRPBHSFFXJ1WQPPX
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "7a11ddabe8ccece588c8aef50f5d12dc"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 662
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/logo-white.png
23.36.76.139200 OK 2.0 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/logo-white.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 415 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c9430ab1ed0536d46dd917813f11c4d
cc4057a93be6f92d7068a8b6d3bcd56f90f4e182
c9170db9afee7b62db6dccbc35fe3111ec22caa8bc378b9804713035692cb986
GET /landings/272176/1657106049/images/logo-white.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: cEmrmz9ffhey+p1KqCOq2qahVy3CghmblhUqXsHKhvSCYdAyQV4FW8topJKesrANe/YMeQ6c4cs=
x-amz-request-id: BRP685F86YVNM1AW
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "3c9430ab1ed0536d46dd917813f11c4d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2013
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/logo.png
23.36.76.139200 OK 5.0 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/logo.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 157 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f00a5ca8441973c8bdb7adad8d10742
575564b9a087ddfb14f5b2544c33e85565089d59
f3c9f517b92df590f6baf628ed1e0bf794872d1c85ecfd163a3a242412e92a5c
GET /landings/272176/1657106049/images/logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: YlqTrY1N1jCmCelWXBnmUjqKjxydMCCddoR52sTjeiUmj9qsWKFo4+jQNqDE9X9fxS01Q2aO9NQ=
x-amz-request-id: BRPABCJE7H774NCW
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "0f00a5ca8441973c8bdb7adad8d10742"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4994
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/win_cls.png
23.36.76.139200 OK 293 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/win_cls.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
GET /landings/272176/1657106049/images/win_cls.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Kz6S4VIgvGkpyc9e1LtltUw2hdpUSRRTvFyjnbV2QibQDtJYfQ2F0HsBRtfujIq4v0GAJeZpM7E=
x-amz-request-id: PQK8GQT0BRN37WMB
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 293
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl2.gif
23.36.76.139200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_bl2.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 65 x 80\012- data
Hash af52e51f42fd0c55bc3cf2c8ece71492
016f83da68ff461a5c6aebcc2a45668317b2f24c
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c
GET /landings/272176/1657106049/images/ico_bl2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: JKvrn4w7SnUu2G0MYzjci27eIkelX1wWXAd5HWeMdZNM7Pf/9E3STigYXESWIBsDolPKbV3ykU4=
x-amz-request-id: Y6TM3F2QDFRWQVX2
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "af52e51f42fd0c55bc3cf2c8ece71492"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 1547
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/cross.gif
23.36.76.139200 OK 211 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/cross.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 29 x 29\012- data
Hash 45b0c8a1e52d91e8cf84eaf75ebca9a9
0e358b8571f9062dedfacd0c31d54179270153cd
4e635bdab7a300d0ccb5aac26b4610a07ee1b33643578c1a4308e677d7eb595d
GET /landings/272176/1657106049/images/cross.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: E5hx5FfjfmlehAJMjxS0uLt6Jf+tGYOBSWQ+MqN8Xszxq1YIlcY6zewTAj4S24cg4c8Exv/sNLM=
x-amz-request-id: BRPEBP82W0NFR99Z
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "45b0c8a1e52d91e8cf84eaf75ebca9a9"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 211
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_gray1.png
23.36.76.139200 OK 364 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_gray1.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /landings/272176/1657106049/images/ico_gray1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: rxysDg3EQP7ZfCfRIk/ZpeWOsh5P/KMeJQW+DAw7twwvcs98MZ3KvYT3dMGmp73I8YLcrymTruo=
x-amz-request-id: BRP2NKCE1BPCQK7P
Last-Modified: Wed, 06 Jul 2022 11:14:12 GMT
ETag: "e144c3378090087c8ce129a30cb6cb4e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 364
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/pc_green.gif
23.36.76.139200 OK 723 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/pc_green.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 120 x 97\012- data
Hash ea44081971aed96fbfa38fa187b6df4a
a3ec8cd4c76f517584faef83f96e32683265bdb1
e0f52d9433540bafa2f05fc3c04839b4990c2ce5ef718975a8d4eef9866f06be
GET /landings/272176/1657106049/images/pc_green.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ek2xpys92QRmka4AQqhe+neNsjjv7IlSCgdymYruIehUOO9VNmVRaAq1IHJ8xKJPdXXXg2stTTk=
x-amz-request-id: BRPEK4776TZM5HH6
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "ea44081971aed96fbfa38fa187b6df4a"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 723
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/win_min.png
23.36.76.139200 OK 128 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/win_min.png
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
GET /landings/272176/1657106049/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fcrQ3kFoL1YICLiPviMaQtC+KfSCB4dPJ9MzTmIx0whyHaxpinBYgNrbp2sFTU2E0Iuo9GPW1Jo=
x-amz-request-id: BRP6MAHTHSBS8F3P
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_tray3.gif
23.36.76.139200 OK 234 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/ico_tray3.gif
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 16 x 16\012- data
Hash 9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
GET /landings/272176/1657106049/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hTW401NWtpU7x5Iyo8t5H51hT2UfwjmDlshj17utCO6zlNYnW0KU1HB+6UdI4nJEqBBvCXrpZEA=
x-amz-request-id: BRP1D1S3TJ3690VM
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/272176/1657106049/images/mcafee-total-protection.jpg
23.36.76.139200 OK 244 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/272176/1657106049/images/mcafee-total-protection.jpg
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2806x1200, components 3\012- data
Size 244 kB (243629 bytes)
Hash dd4acb73b402577e9296a3d02f01ae23
390fc162fcacda7f0b3d918c3f144021767e237f
ae61661052377eb572cbeeca552616f086fc47f15df4ba36092a20ba8146df69
GET /landings/272176/1657106049/images/mcafee-total-protection.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /SlrwRcANVBNUPK4QIO7Dxg46SKhoNEdd6lWjz35weM3hPm71+B92PMbkuA1030fHys+1xyRXaQ=
x-amz-request-id: BRP4JR5BR6Z27ZF2
Last-Modified: Wed, 06 Jul 2022 11:14:11 GMT
ETag: "dd4acb73b402577e9296a3d02f01ae23"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 243629
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/
23.36.76.139302 Moved Temporarily 0 B IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Mon, 26 Sep 2022 19:58:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn.stfilecamp.com/stormtrk.js
205.185.216.10200 OK 6.5 kB URL HTTP/2 cdn.stfilecamp.com/stormtrk.js
IP 205.185.216.10:0
Hash 469e121bb4c4fe159bbca2b4f5a88267
f0c66f226de28b324e4f1ecb766597938f984c60
4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416
Analyzer Verdict Alert fortinet Phishing
GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:58:14 GMT
cache-control: max-age=2423
content-length: 6502
content-type: text/javascript
last-modified: Tue, 07 Sep 2021 08:59:42 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "469e121bb4c4fe159bbca2b4f5a88267"
x-amz-request-id: tx000000000000026ef12f5-006331ffbd-213dd56e-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1664222294.dop230.sk1.t,1664222294.cds217.sk1.hn,1664222294.cds014.sk1.c
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/404
23.36.76.139404 Not Found 134 B URL HTTP/1.1 cdn-adef.akamaized.net/404
IP 23.36.76.139:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.totalwebdefence.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Mon, 26 Sep 2022 19:58:15 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
172.217.21.170200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 172.217.21.170:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 19:42:28 GMT
expires: Mon, 26 Sep 2022 20:42:28 GMT
cache-control: public, max-age=3600
age: 947
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3648
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:58:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3648
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:58:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3648
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:58:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3648
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:58:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 78479
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 80456
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:14 GMT
age: 79261
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 78718
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 78109
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pt7rJi8EIQFBk0gHQZ1WnjvThPba86XZCGFs83l1ZW2dj-_6bZprAA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 79699
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fwww.totalwebdefence.com%2Fc%2F9554516e76341b7f%3Fs1%3Dpp4-mc-us%26s3%3Dduy%26s4%3D5251413%26s5%3D5900649%26s6%3D%7Buser_activity%7D%26s7%3D14145101%26cost%3D0.0054%26SUBID%3D%24%7BSUBID%7D
104.26.4.120200 OK 1.2 kB URL HTTP/2 stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fwww.totalwebdefence.com%2Fc%2F9554516e76341b7f%3Fs1%3Dpp4-mc-us%26s3%3Dduy%26s4%3D5251413%26s5%3D5900649%26s6%3D%7Buser_activity%7D%26s7%3D14145101%26cost%3D0.0054%26SUBID%3D%24%7BSUBID%7D
IP 104.26.4.120:0
File type JSON data\012- , ASCII text, with very long lines (363)
Hash 3369178dac3417a08dc31d35f92baa6b
3bdb61ad851c716b780c21171963151a5dda1b8b
dd5725a6e2649fc3043fa72aba993ab3641e8f7a3be960f7d6a16b0837f92a12
GET /api/1.0/ping/pong?location=https%3A%2F%2Fwww.totalwebdefence.com%2Fc%2F9554516e76341b7f%3Fs1%3Dpp4-mc-us%26s3%3Dduy%26s4%3D5251413%26s5%3D5900649%26s6%3D%7Buser_activity%7D%26s7%3D14145101%26cost%3D0.0054%26SUBID%3D%24%7BSUBID%7D HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.totalwebdefence.com
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:58:15 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnpryD7JTh%2BFqItvkQlQ0%2Bxu8BUk10hadeCx29r2ndK0yaUdEPg7sp3fo4xaXLK0UVef5v9S24rEgKyfJQZoIDX0llPMqqvUCjVld8Jy2Xmdfu1SEEfTm0hM8k4wDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750e92bff809b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 11:06:43 GMT
expires: Tue, 26 Sep 2023 11:06:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 31892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:58:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.stfilecamp.com/fp.min.js
205.185.216.10200 OK 32 kB URL HTTP/2 cdn.stfilecamp.com/fp.min.js
IP 205.185.216.10:0
File type Unicode text, UTF-8 text, with very long lines (31370)
Hash 198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
Analyzer Verdict Alert fortinet Phishing
GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:58:15 GMT
cache-control: max-age=1052
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000000000000026ea6750-006331fa62-213dda3c-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1664222295.dop230.sk1.t,1664222295.cds217.sk1.hn,1664222295.cds237.sk1.c
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.totalwebdefence.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 19:58:15 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+969; expires=Wed, 25-Sep-2024 19:58:15 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2