Report - www.fortect.com/go/route-website.php?channel=website&lpx=lwdu

Report Overview

Visited public
2023-11-30 09:15:06
Tags
URL
www.fortect.com/go/route-website.php?channel=website&lpx=lwdu
Finishing URL
www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
IP / ASN
172.67.75.40
#13335 CLOUDFLARENET
Title
Your One-Stop Solution for PC Repairs and Performance Optimization

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.fortect.com	unknown	2022-01-21	2022-04-04 16:49:19	2023-11-29 10:14:17	21 kB	1.4 MB	104.26.2.16
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-30 08:05:45	1.8 kB	673 kB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-11-30 05:09:14	2.2 kB	872 B	216.239.34.36
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-11-30 06:00:14	583 B	580 B	142.250.74.163
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-11-30 08:06:05	898 B	62 kB	216.58.207.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-30 09:14:51	medium	Client IP	Internal IP	ET ADWARE_PUP Observed DNS Query to PC Optimizer Software Domain (fortect .com)
2023-11-30 09:14:51	medium	Client IP	Internal IP	ET ADWARE_PUP Observed DNS Query to PC Optimizer Software Domain (fortect .com)
2023-11-30 09:14:51	medium	Client IP	104.26.2.16	ET ADWARE_PUP Observed PC Optimizer Software Domain (fortect .com in TLS SNI)
2023-11-30 09:15:07	medium	Client IP	172.67.75.40	ET ADWARE_PUP Observed PC Optimizer Software Domain (fortect .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed
2023-11-30	medium	fortect.com	Sinkholed

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	www.fortect.com/creative/fix-pc-issues/js/language.js	ScriptElement	188 B	2023-11-17	2025-02-15
Pretty URL www.fortect.com/creative/fix-pc-issues/js/language.js IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 22:33 Last Seen2025-02-15 14:56 Times Seen36 Hash fc5ba66882baa7d1171ca0ae3159f3ed 3db11f6754e950ad27dbb5d25d74865da0da5c75 bc70b7a2058772608cbb9bf32952dd276db5008e135a559c32429b24205c4994 Loading...

	www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu	ScriptElement	31 B	2023-06-11	2025-03-30
Pretty URL www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-11 20:54 Last Seen2025-03-30 11:47 Times Seen61 Hash 641edba24b97bd213a0dccb04927f6fc 435a846bc9e7779270edab52064c337b953005a3 5da56e1c16af75b2ef613e259a8e251a47173cdb392a11bb9cf7cf194da5ac7d Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js	ScriptElement	85 kB	2023-03-07	2025-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 12:03 Times Seen1681 Hash b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Loading...

	www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu	ScriptElement	9.4 kB	2023-11-17	2024-08-20
Pretty URL www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 22:33 Last Seen2024-08-20 19:01 Times Seen37 Hash 6538b06d264279ee8ce747e8a77767f7 dd09909a2c143dcd7cf7e59a85dc29dfa1a6b472 a9e0f91c703f658c8063be5f959332da25840546daf01a6538ff96471f9e266a Loading...

	www.fortect.com/creative/assets/scripts/cookie-note.js	ScriptElement	666 B	2023-11-17	2025-03-30
Pretty URL www.fortect.com/creative/assets/scripts/cookie-note.js IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 22:33 Last Seen2025-03-30 11:47 Times Seen41 Hash 388107a3b4b8e433a1814b656cbfe147 f6e91d94a1559f1a7e201bc3adb1ff6311701e58 6daa909e586fba2e24d053b46189ac0eaa79883d7ad5229b87d6d5815106bd99 Loading...

	www.fortect.com/creative/fix-pc-issues/js/platform.js	ScriptElement	45 kB	2023-11-17	2025-02-15
Pretty URL www.fortect.com/creative/fix-pc-issues/js/platform.js IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 22:33 Last Seen2025-02-15 14:56 Times Seen36 Hash d1d5098bbfc3fa28ea05dfb2f8159da3 36295b913e38f9aa121cec62e540a8d1887ca1c8 be3e043c34528b38fcbdd77247f30ffaba46a97ad10f10683f5ed81515d33d46 Loading...

	www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu	ScriptElement	0 B	0001-01-01	2025-05-10
Pretty URL www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 12:10 Times Seen4643561 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972	ScriptElement	263 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 10:15 Last Seen2023-11-30 10:15 Times Seen1 Hash 8df15ee99d4b84aaf502072622a654c2 32160fdc32c4ea8e720309fb53ee391dd84172db 9fb1edfb04376add049f8a824061343b6e5877fa4bf7d01b69c9570a13f8147e Loading...

	www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu	ScriptElement	4.6 kB	2023-06-11	2025-03-30
Pretty URL www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-11 20:54 Last Seen2025-03-30 11:47 Times Seen59 Hash 5b0c0adcf9a5301929015d3389c4d515 a959129527211adefca092c8b15e795557cd585f c580b304ebd6341edde5231c83e96405db5dc41e747281b1ac2f1f0e3bc743dc Loading...

	www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu	ScriptElement	4.3 kB	2023-11-17	2024-08-20
Pretty URL www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 22:33 Last Seen2024-08-20 19:01 Times Seen37 Hash c504357e6fe20449edf5fc8b06e3b8d3 bb01e74be2a442b7d30192c2b4f551b2ea594744 3d38f79199cbcf9930d48f4604cf36ea5710ad0352041aa1e3f1309e6519095a Loading...

	www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972&l=dataLayer&cx=c	ScriptElement	263 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 10:15 Last Seen2023-11-30 10:15 Times Seen1 Hash 32c81cd8a98d9ded2b04b18d2d120436 9443b3f0901cf4235ad426874be6dc75fe9f0d40 1981c8ec9c6395bd11391f80d3dd1fbacba6e5ed00c65df490cbe4da543b364c Loading...

	www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu	ScriptElement	92 B	2023-06-11	2025-02-15
Pretty URL www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-11 20:54 Last Seen2025-02-15 14:56 Times Seen60 Hash e1e68f09b215be9d5e376d61aa4d6901 65389ca834c0613ac9340c845b79ea8b1c797007 ed65bdf047bed5bb619e9401db5a941bbb8ed39e8a5f46b7e5c87b96385ad46a Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5KRZPKQX	ScriptElement	115 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5KRZPKQX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 10:15 Last Seen2023-11-30 10:15 Times Seen1 Hash 41e5faaf96d7c5a38897e469fb18dc13 986f92439393790134de67ef6bf5df6738c5a039 4892cf09c9d5cfe4b9d0007c2856120db49b80f6c1af1aba120a5fed30e97fdc Loading...

	www.googletagmanager.com/gtag/js?id=G-VF1NM4E7T8	ScriptElement	274 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-VF1NM4E7T8 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 10:15 Last Seen2023-11-30 10:15 Times Seen1 Hash 4d2c5334be58bcdd23cb60029131e06f bda44d9c2660a8a96b88c685c9386517fd4a181f 3b4c9a454d7162ab0c14243352c250961224e9911feb60ce84cf1b08833ed7d0 Loading...

	www.fortect.com/creative/fix-pc-issues/js/script.js	ScriptElement	2.9 kB	2023-11-17	2025-02-15
Pretty URL www.fortect.com/creative/fix-pc-issues/js/script.js IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 22:33 Last Seen2025-02-15 14:56 Times Seen36 Hash 403f4564e4daaae88db4d6bcb7401665 1573e984ee90ab906d63b4a7598765cf18a772cf d13210fe9bdd6de40bbe8278fc3f7632c19987a370c75684fb2cc0926d0af3d6 Loading...

HTTP Transactions (33)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js

216.58.207.234

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
30 kB (29839 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:34 GMT
expires: Fri, 29 Nov 2024 04:48:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 15973
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js

216.58.207.234

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
30 kB (29839 bytes)
Hash
b04a3bccd23ddeb7982143707a63ccf9
4a5dc1389aad050a44ee5e81408238a317ab3413
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

HTTP Headers

GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:34 GMT
expires: Fri, 29 Nov 2024 04:48:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 15974
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.fortect.com/creative/fix-pc-issues/src/trust-img.webp

104.26.2.16

200 OK

362 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/trust-img.webp
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
362 kB (362136 bytes)
Hash
8132ebe2a919f64c41c2f45b68bdcada
f8381d9cdf2174ab6bcd21785609fc65e5d42720
4f6cadd13647be75f96b6dc5fdcef9f75ee1308504fd22569eee32e12a7458be

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/trust-img.webp HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-length: 362136
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: "58698-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGRj6OQnLlRE7cqPd0K5INVkdSvL4fjBtGRA61u7ysaVbM3fsA8MNoY5fZcKVcsv%2B%2BERdDWC4s9ChoKaEdFI7v5Q4Z2Jt5RVoGYUjIV1WOVDg1B%2Fy3reJP4V2OHmwGGB8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb72bb750afa-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
89 kB (89192 bytes)
Hash
8df15ee99d4b84aaf502072622a654c2
32160fdc32c4ea8e720309fb53ee391dd84172db
9fb1edfb04376add049f8a824061343b6e5877fa4bf7d01b69c9570a13f8147e

HTTP Headers

GET /gtag/js?id=G-E4ZHLMS972 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 09:14:48 GMT
expires: Thu, 30 Nov 2023 09:14:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu

104.26.2.16

200 OK

106 kB

URL User Request GET HTTP/2
www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (586)
Size
106 kB (105466 bytes)
Hash
5705ffd67f1277b337dfe40d577b6692
71efd16759d9b64c07679e3569fc301071e41df5
a1cc37e285c912adfdfefc9a81869e4bdc1192877fd4bbe485259daa7838e9c8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:47 GMT
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; path=/
_refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com
_testcookie=test; expires=Thu, 30-Nov-2023 09:20:47 GMT; Max-Age=360; path=/; domain=fortect.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gicv5mzsm3dJYCmf6M6NhVsMRwMB25g4yVvLVOrrDJIOyQcCBMbJsoV32MtQlCK%2FFxZfz%2FnlcHrqdUIvcSue5%2BydnZ0zO0PiKqbTrmC3JtV0V3T2muUrxi01qyFOPHjsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb6f59e30afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5KRZPKQX

142.250.74.168

200 OK

44 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5KRZPKQX
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (2213)
Size
44 kB (44331 bytes)
Hash
41e5faaf96d7c5a38897e469fb18dc13
986f92439393790134de67ef6bf5df6738c5a039
4892cf09c9d5cfe4b9d0007c2856120db49b80f6c1af1aba120a5fed30e97fdc

HTTP Headers

GET /gtm.js?id=GTM-5KRZPKQX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 09:14:48 GMT
expires: Thu, 30 Nov 2023 09:14:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.fortect.com/creative/fix-pc-issues/src/logo-footer.svg

104.26.2.16

200 OK

93 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/logo-footer.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1198)
Size
93 kB (92844 bytes)
Hash
2018bc0ea239cb5311abcd81d16f3b50
61676b1e5108458cbaf7435cab335d140512363d
11a244ea54ee7a57d4b670e70cb70ae5f76810f17ee991879886a085300e3e01

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/logo-footer.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"239d-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quDDaGvGE%2Ba8y1DHyxUpiJ42XZN4cUcY%2BOsgftslqrtk25Rt4XkECEhoiq1ENOnUc073rv3i9aCA1ixSAD03k1T07EWDUg3AK4ROGOCtZvcEMpxdVc947RLoLmjAlEBzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb72eb890afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/microsoft.svg

104.26.2.16

200 OK

347 B

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/microsoft.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
347 B (347 bytes)
Hash
139f8c932f943c66b8389dd2e5c47699
f3cea439c054c2f6196a34f675526dc655c0506a
7e47906b881611d378997fa72b06e56db0478c57abddca5cb39dcb2387122235

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/microsoft.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"252-5fe3f43c0ae06"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSNNAoBXJkEdlHpwL7%2BcwQk6Q%2BOh%2FHRjdIfrHsGJO2a8UjLku%2FWcFgE%2FmDxjvcOySoRteLp1NcYB9Y8%2FQVx0gm5YXOSgTpboEEumPXK8DN8uDxpLJRQgswSNDjKIX3YJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb72ab6d0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-E4ZHLMS972&gtm=45je3b60v874595246&_p=1701335692535&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989531229.1701335693&ul=en-us&sr=1280x1024&_s=1&sid=1701335692&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex_src.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dr=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dt=Your%20One-Stop%20Solution%20for%20PC%20Repairs%20and%20Performance%20Optimization&en=page_view&_fv=1&_ss=1&_ee=1&tfd=613

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-E4ZHLMS972&gtm=45je3b60v874595246&_p=1701335692535&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989531229.1701335693&ul=en-us&sr=1280x1024&_s=1&sid=1701335692&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex_src.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dr=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dt=Your%20One-Stop%20Solution%20for%20PC%20Repairs%20and%20Performance%20Optimization&en=page_view&_fv=1&_ss=1&_ee=1&tfd=613
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-E4ZHLMS972&gtm=45je3b60v874595246&_p=1701335692535&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989531229.1701335693&ul=en-us&sr=1280x1024&_s=1&sid=1701335692&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex_src.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dr=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dt=Your%20One-Stop%20Solution%20for%20PC%20Repairs%20and%20Performance%20Optimization&en=page_view&_fv=1&_ss=1&_ee=1&tfd=613 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fortect.com
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.fortect.com
date: Thu, 30 Nov 2023 09:14:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-E4ZHLMS972&gtm=45je3b60v874595246&_p=1701335692535&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989531229.1701335693&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701335692&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex_src.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dr=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dt=Your%20One-Stop%20Solution%20for%20PC%20Repairs%20and%20Performance%20Optimization&en=view_search_results&ep.search_term=direct&tfd=5622

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-E4ZHLMS972&gtm=45je3b60v874595246&_p=1701335692535&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989531229.1701335693&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701335692&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex_src.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dr=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dt=Your%20One-Stop%20Solution%20for%20PC%20Repairs%20and%20Performance%20Optimization&en=view_search_results&ep.search_term=direct&tfd=5622
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-E4ZHLMS972&gtm=45je3b60v874595246&_p=1701335692535&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1989531229.1701335693&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701335692&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex_src.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dr=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu&dt=Your%20One-Stop%20Solution%20for%20PC%20Repairs%20and%20Performance%20Optimization&en=view_search_results&ep.search_term=direct&tfd=5622 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fortect.com
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://www.fortect.com
date: Thu, 30 Nov 2023 09:14:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.fortect.com/go/route-website.php?channel=website&lpx=lwdu

104.26.2.16

301 Moved Permanently

21 kB

URL User Request GET HTTP/2
www.fortect.com/go/route-website.php?channel=website&lpx=lwdu
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type

Size
21 kB (21303 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /go/route-website.php?channel=website&lpx=lwdu HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 09:14:47 GMT
content-type: text/html; charset=UTF-8
location: https://www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com
_source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; expires=Mon, 29-Jan-2024 09:14:47 GMT; Max-Age=5184000; path=/; domain=fortect.com
_testcookie=test; expires=Thu, 30-Nov-2023 09:20:47 GMT; Max-Age=360; path=/; domain=fortect.com
marketnetwork_subid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=fortect.com
accept-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Invx0m7sL6s8n5SLyECAQu%2FKJE2o2ne56fDQJQmWZJBoAq8fkKbku7HL3NTR7d30BzXie7r40lJ1%2FCpfUEdYuWB20UfpI2ymyOBrYBH2%2B8MfRK%2Bqva3hz9RUcWVORYtAQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb6de9290afa-OSL
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/css/style.css

104.26.2.16

200 OK

14 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/css/style.css
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text
Size
14 kB (14267 bytes)
Hash
eddd16f9e00733736d3555d94717f681
328ad59be417bb5445bc67b669b56205f26f5f5d
5f4aa79696e10e5e53a4ce6232a6bf7a1747be009afd36c138483fdbba71b82a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/css/style.css HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
last-modified: Thu, 30 Nov 2023 08:47:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l45olnVxj51uk6fYGbk9jgYTDGq7nmVWSkoW08RM1O8fmxGyzNO6YRZM9QCZr8QAw2%2Bifa2y%2BsuLiwViLTg93N%2BB53sUMWwpudgo%2BBnco8q6kIQ9XZTCxwP0atM9zZQCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb728b540afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972&l=dataLayer&cx=c

142.250.74.168

200 OK

263 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-E4ZHLMS972&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
263 kB (263203 bytes)
Hash
32c81cd8a98d9ded2b04b18d2d120436
9443b3f0901cf4235ad426874be6dc75fe9f0d40
1981c8ec9c6395bd11391f80d3dd1fbacba6e5ed00c65df490cbe4da543b364c

HTTP Headers

GET /gtag/js?id=G-E4ZHLMS972&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 09:14:48 GMT
expires: Thu, 30 Nov 2023 09:14:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.fortect.com/creative/fix-pc-issues/src/Roboto-Medium.ttf

104.26.2.16

200 OK

169 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/Roboto-Medium.ttf
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size
169 kB (168644 bytes)
Hash
68ea4734cf86bd544650aee05137d7bb
3c6a09fcc6a454924c81af7dff94fc6d399ed79b
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/Roboto-Medium.ttf HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/css/style.css
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu; _ga_VF1NM4E7T8=GS1.1.1701335692.1.0.1701335692.0.0.0; _ga=GA1.1.1989531229.1701335693; _ga_E4ZHLMS972=GS1.1.1701335692.1.0.1701335692.60.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:49 GMT
content-type: font/ttf
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"292c4-5fe3f43c09e66"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBm0cWuaFfhzhaJqEo1xGcrmkFsHSb9mCpPOcTU4vx3pzKFqkI8jcN6lzzakqVQD7JQc5yUwDuJdRboavIL0yrss3atN9K%2FUJPCIxyCvD8pCK%2FaAoWNcNLzplD2iPoiHxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb763d280afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu

104.26.2.16

200 OK

62 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type

Size
62 kB (62535 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: text/html; charset=utf-8
accept-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu; expires=Mon, 29-Jan-2024 09:14:47 GMT; Max-Age=5184000; path=/; domain=fortect.com
_testcookie=test; expires=Thu, 30-Nov-2023 09:20:47 GMT; Max-Age=360; path=/; domain=fortect.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrbfeCuiBWXbN6wL4%2FXGbsszkuY1XX3Gwv1do1brFydLXvfYY59y4jnHNdjVFRMvB6vlGfbRVJxnTxycTf9oV2ykXRNqI19R1D7dQYEduYDGGhefET%2BygWcdWH6AktM6bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb718ae40afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/js/language.js

104.26.2.16

200 OK

188 B

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/js/language.js
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text, with no line terminators
Size
188 B (188 bytes)
Hash
81ee609e4938ddb77737ae09f57a0bf6
f5ab8aceac3f1cbffd55557cd1080a57031e1426
9e2b9b0685146961e43e41e981d95840d5e2e2577424d648e2c9951a1809629f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/js/language.js HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: application/javascript
last-modified: Fri, 16 Jun 2023 13:32:13 GMT
etag: W/"bc-5fe3f366f7594-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Bu7z2sOHXQfCWpCkHkxB7G%2B6otL9nlYXXCBQIJeN%2FF8RYksmGtNqzxkc971Nyegda206lB55NzbSV3Pgi4s9hyq5K3%2Fz51L9khPrik0gXGa2mIHqs34tl43wHefT9vbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb72eb8d0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/js/script.js

104.26.2.16

200 OK

2.9 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/js/script.js
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text, with very long lines (3022), with no line terminators
Size
2.9 kB (2934 bytes)
Hash
e96316ab76986fdfd6e605225aa467ee
7aea84a16732d749c6e8b59be848be3a75295984
a7d50ead61ca86e3569761b06535da524af41ede3b514e1a7394d45c211ea05e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/js/script.js HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: application/javascript
last-modified: Tue, 03 Oct 2023 09:30:26 GMT
etag: W/"b76-606cc8a7120e5-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NKpwqEd%2BzD3tJiBp%2Bet20x2c13X97MQAbGAQ93VwPem2Nkjfg02DQSCghFJfn%2FsNxLsx9%2B7Xj5TSzb2GbHbl7axWwU6RyA9NGJVmX6rlBNhCJ85P8y4KKhxGahyOtd3lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb731ba70afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/about-img-1.svg

104.26.2.16

200 OK

19 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/about-img-1.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2964)
Size
19 kB (19209 bytes)
Hash
f1c8384ae95243848fbab3f7ec7e0324
eaab15897c82242b72a58f2e80f5aaacb89fc26d
1ab98046009429bea361e19782143f553f28954ccd57a11a7984c5b8b7d93326

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/about-img-1.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"4b09-5fe3f43c0ae06"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYh%2BNb%2B19w%2BqHz2mR6JpFb1DAE6wtID5w6ZNFA7ZII%2B60Xu0Q9p0XSTdWI3utic%2FL4GrymAWfzsOjWGnkWp2zAeUYn7oy30O6MnLSlV%2BaiyT0fY%2F2A%2BUx6csCeekTsS6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb729b670afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/download.svg

104.26.2.16

200 OK

568 B

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/download.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (613), with no line terminators
Size
568 B (568 bytes)
Hash
9cc15d4181264168d9ff161996270a6b
f91c9b90c554083fd47bf7ba65031bfea5674d14
3e9e1d6ac306269cde10f0843eb2ea5f572045c45bcb5634e48925b48e873ce0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/download.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"238-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmXZNi3DrLnYYPzqjzi6qE6Yt6JwbJnLOEF1Y3ha87ITOBDoAHxIxCuPIbzr6Gu9KbnRlyidg5Xw2Q4UVXYLtd5QvXu1h7e8DdmvMCfMfX3yQJS5rTZGu7j%2B1%2BB%2F1RhdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb72bb730afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/assets/scripts/cookie-note.js

104.26.2.16

200 OK

666 B

URL GET HTTP/2
www.fortect.com/creative/assets/scripts/cookie-note.js
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text, with very long lines (708), with no line terminators
Size
666 B (666 bytes)
Hash
a5784504ee319abc6458fac32270c260
40c4e3f9a293c72e6506e6014cc8a560601e80f9
10848e003e44c69caae3b8c85af2e0de4aef529a78c91a3b7d437ef52f49b2e1

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/assets/scripts/cookie-note.js HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 10:58:51 GMT
etag: W/"29a-5d80c6b19594f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N522KWv92ED2vTZLhnCyCKFRsEJp0p%2Bjcuue6QvnF5cqA%2B1AdAJRqxizS8pkXD1HioF9UEErv8PlZM1cSlSn2Y9l8HLX5jfS1LA2tOtQw0Mla%2FqYzbE27DPNGRuafLcOBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb72eb8a0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/js/platform.js

104.26.2.16

200 OK

45 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/js/platform.js
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text, with very long lines (570)
Size
45 kB (45200 bytes)
Hash
d1d5098bbfc3fa28ea05dfb2f8159da3
36295b913e38f9aa121cec62e540a8d1887ca1c8
be3e043c34528b38fcbdd77247f30ffaba46a97ad10f10683f5ed81515d33d46

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/js/platform.js HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: application/javascript
last-modified: Fri, 16 Jun 2023 13:32:32 GMT
etag: W/"b090-5fe3f379739ba-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ76D5m7v6S4%2FYdn7GhMYW594Df6S%2Fm009k3gKNWKsqfusqHO00HrHHrukLil38UtyvECzS8r99q1%2FmspzSNufN8cn39nRRwQ0J8OEz%2BO63U2WZxcQad%2FyRROoH8Jkm%2Fnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb72eb8b0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/favicon-16x16.png

104.26.2.16

404 Not Found

7.7 kB

URL GET HTTP/2
www.fortect.com/favicon-16x16.png
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8124), with no line terminators
Size
7.7 kB (7660 bytes)
Hash
d8dbb5271f13f1824bc64ad4e6004e6d
cefc79a19208bf4e0127d20757c0fe3c8944071d
5c865df2d8423992f179afc3c0121684330d8339a8ebaa93b37a028c31ffd511

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXOJMJcMFTfd8to1Aii5BX1U3K4g4hZjKeBOGF9sKMPXK4FW5wvWUR0QXlTTpQWE4whFK9j7%2FXmCKnjGWU0TMHiNihub6lHi%2F8P5AQ6atiLc%2FVBqhElqWKemxkQ5041WHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1fb722b2a0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VF1NM4E7T8

142.250.74.168

200 OK

274 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-VF1NM4E7T8
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
274 kB (273727 bytes)
Hash
4d2c5334be58bcdd23cb60029131e06f
bda44d9c2660a8a96b88c685c9386517fd4a181f
3b4c9a454d7162ab0c14243352c250961224e9911feb60ce84cf1b08833ed7d0

HTTP Headers

GET /gtag/js?id=G-VF1NM4E7T8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 09:14:48 GMT
expires: Thu, 30 Nov 2023 09:14:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/Manrope-VariableFont_wght.ttf

104.26.2.16

200 OK

165 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/Manrope-VariableFont_wght.ttf
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
TrueType Font data, 19 tables, 1st "GDEF", 31 names, Microsoft, language 0x409\012- data
Size
165 kB (164936 bytes)
Hash
cf98436d65175c509540014c3189fbc6
1b4df48059f89147cf4f2e29d2d6a22ce1b6e7fe
42814a407491bfe54e4bfbc51ff6500d39445e49cc3feedea984cb5a768b04aa

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/Manrope-VariableFont_wght.ttf HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/css/style.css
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu; _ga_VF1NM4E7T8=GS1.1.1701335692.1.0.1701335692.0.0.0; _ga=GA1.1.1989531229.1701335693; _ga_E4ZHLMS972=GS1.1.1701335692.1.0.1701335692.60.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:49 GMT
content-type: font/ttf
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"28448-5fe3f43c09e66"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nm3UfrCfc2ZRZBou9quakgENCRD9Yeq%2FpB0kpnt5uwL2AHJnTYi7VrQXojpiaez6Im3vpjHLWcj9VDe6JYqQOJbS0kpYGWiCqbKf8SFv8Q%2B4Kx4SN9s5VrtG4NW8U48OLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb763d270afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/Roboto-Regular.ttf

104.26.2.16

200 OK

168 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/Roboto-Regular.ttf
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size
168 kB (168260 bytes)
Hash
8a36205bd9b83e03af0591a004bc97f4
56c5c0d38bde4c1f1549dda43db37b09c608aad3
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/Roboto-Regular.ttf HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/css/style.css
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu; _ga_VF1NM4E7T8=GS1.1.1701335692.1.0.1701335692.0.0.0; _ga=GA1.1.1989531229.1701335693; _ga_E4ZHLMS972=GS1.1.1701335692.1.0.1701335692.60.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:49 GMT
content-type: font/ttf
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"29144-5fe3f434a57a6"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GO%2FPoWBRODiJfUhyyKd6AGIq37HqupLWgWikVwZ9HmsQUCKNsyNr7Kpg2scOzlqrRDZK47FGol9c2BjVZfgPXO1Apb8c%2B8auXnVEDBjEH4VDAZZs%2B%2BTUaKutLNm26q3MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb763d290afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/logo.svg

104.26.2.16

200 OK

9.1 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/logo.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (9297), with no line terminators
Size
9.1 kB (9144 bytes)
Hash
c4e03a8bd3748372047e237832babc81
fc9708298567b28e864df1ff1a7a174c1a155a92
b191e99b7968f53b77fa9d73e1e4da3c90c36ab2ffff9faa21bebdbfe5433b96

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/logo.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"23b8-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr0W5CXhybSMcruC53BwY4CAtNWiCmSRfuN1zru2jfNeqiCLIGhxbeKgId04WuylUr2np8iCz%2F%2FyIDUmbFO%2BQH95BB1LQ9b%2FM%2FIMXic0jKhn2Vov4Iu6ISjTOaO4NnnaYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb728b550afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/trustpilot-star.svg

104.26.2.16

200 OK

384 B

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/trustpilot-star.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text, with very long lines (407), with no line terminators
Size
384 B (384 bytes)
Hash
fbde4e3417d5f3bc5ace05744a8ca2d9
8c1b87ff6de8442da203e469543826be2505662f
2852a17a9acb98bd2f0150b8f33ae53dde27dd1055dc1ea228f8fcd4eb850115

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/trustpilot-star.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"180-5fe3f43c0ae06"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcTbK5vwcOe2Sc3nGjymFZw3AOlJHryXxhxORO1Y1qjkBdl9cCUIKC%2B%2F44BkRIBss2DkqwkIlWpwKmTrJSv2OVqBzIVAuISP7mafEkbloMdn3IMRahqJgDuo50Hbj0tTpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb728b590afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/trustpilot-half-star.svg

104.26.2.16

200 OK

501 B

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/trustpilot-half-star.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
ASCII text, with very long lines (529), with no line terminators
Size
501 B (501 bytes)
Hash
4d4254ff601de03651565fe8d6e11967
a04ec323aa2415748e7e0175d592d62a26439be2
1ac4ad180650a6431008eed052ffeb47dd2e2d3ab1a37f0039047bc6ce584e69

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/trustpilot-half-star.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"1f5-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVb%2FnZQkXd0AD2CjwjbwXRZSXrCoYqRvXJIkxxbsjs6TNeu4YUqk%2Fc99IoGviwW0kU0D8VkYDyvX86msuDU1%2FxsbifQA5vrjIPAYtc%2B4pkJ44BPgAe%2FdAT3JPi3c0Yk%2B%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb729b5f0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/trustpilot-logo.svg

104.26.2.16

200 OK

8.7 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/trustpilot-logo.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8699), with no line terminators
Size
8.7 kB (8677 bytes)
Hash
bd21a6091e4f58a0dd511437fcee9133
15f4dfb60c4f172cf72eb873956e65184682035a
584388817fbe6bd7e4a2769817a703f545f1c8c4fa71eeed419c9429bfb7ccdd

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/trustpilot-logo.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"21e5-5fe3f43c0ae06"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eYoRamAkYkKjgLLiog50b2%2BUcqzAIQV10wlPpjEYqtesALKa59OBVPMqpd4FLrh59tWEjUNh4yuqPgeWXYgLt2JeCcjCQt1%2BoxP2j19i9xa3CuQjUXg7r7%2FIOEBYdHoKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb729b630afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/about-img-2.svg

104.26.2.16

200 OK

14 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/about-img-2.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1333)
Size
14 kB (14236 bytes)
Hash
ad33ed0d9d5400cdb73d0137d5c8912e
a15047f933d40d6bf1dd6f3774e625fc1341911a
e348041d0d4b714a184bef297568d8d7beb803eb63d8ead19c8a9b3442834296

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/about-img-2.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"379c-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4Lbowcba%2B6US7BrrbrA%2FQu7B0DxNnPPtGTyLtJlQsypUgas%2FoCGYoYoPlR6Fnk%2FC6OcxJDiRb6wAyPukekT%2BYdQKmenuQSMiyHSsTqfKLQ2W1Ynms7wLbnzES8Z%2B3flOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb72bb770afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E4ZHLMS972&cid=1989531229.1701335693&gtm=45je3b60v874595246&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1435237822

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E4ZHLMS972&cid=1989531229.1701335693&gtm=45je3b60v874595246&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1435237822
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E4ZHLMS972&cid=1989531229.1701335693&gtm=45je3b60v874595246&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1435237822 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 09:14:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/about-img-3.svg

104.26.2.16

200 OK

88 kB

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/about-img-3.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12022)
Size
88 kB (87848 bytes)
Hash
c006d9dd4fe3842f117fef099656ac8e
373b3b74862c83b5c13de0d25388ec1b8f1e67fb
c6bcc1a2f34362fec58d6ef64fb7da9d3b904cef96aadeaf920f162fd4ca8378

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/about-img-3.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:56 GMT
etag: W/"15728-5fe3f43c0ae06"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ms62Wt6xHEvdrTyxPquatml9%2BI7gLT10sfEDpt4tkZvzj%2Fvdy2spGmmcuyBb9Wb3ECUUIduFewU3KVv96cc77uvtuUd7UyuoZTjtKokLA76owKQKMw9T10YuujGOmvrFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb729b690afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.fortect.com/creative/fix-pc-issues/src/select-arrow.svg

104.26.2.16

200 OK

439 B

URL GET HTTP/2
www.fortect.com/creative/fix-pc-issues/src/select-arrow.svg
IP
104.26.2.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.fortect.com/creative/fix-pc-issues/index_src.php?channel=website&banner=direct&adgroup=direct&ads_name=direct&keyword=direct&lpx=lwdu
Certificate
IssuerGoogle Trust Services LLC
Subjectfortect.com
FingerprintF7:E7:28:BD:54:FF:FC:BC:69:D6:F8:9C:2F:6C:42:A7:72:51:A4:12
ValidityThu, 16 Nov 2023 12:52:50 GMT - Wed, 14 Feb 2024 12:52:49 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (473), with no line terminators
Size
439 B (439 bytes)
Hash
7a64d54dc9cdb2832298aea62abc93f5
86fe5914b2031ab378e1197b99f929f8a2e48410
d34cd2768e8fbc73f3c73b659f9683bc6cef129993395479b8759a48a0dfab6a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed

HTTP Headers

GET /creative/fix-pc-issues/src/select-arrow.svg HTTP/1.1
Host: www.fortect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.fortect.com/creative/fix-pc-issues/css/style.css
Cookie: _source=%2Fgo%2Froute-website.php%3Fchannel%3Dwebsite%26lpx%3Dlwdu; _testcookie=test; PHPSESSID=ii3tdn2a4dsnhf07qbop5mpbvm; _refcook=https%3A%2F%2Fwww.fortect.com%2Fcreative%2Ffix-pc-issues%2Findex.php%3Fchannel%3Dwebsite%26banner%3Ddirect%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26lpx%3Dlwdu; _ga_VF1NM4E7T8=GS1.1.1701335692.1.0.1701335692.0.0.0; _ga=GA1.1.1989531229.1701335693; _ga_E4ZHLMS972=GS1.1.1701335692.1.0.1701335692.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 09:14:48 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Jun 2023 13:35:48 GMT
etag: W/"1b7-5fe3f434a6746"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgX5F52vanSOygfIjHj3kL9PfSqeKvDMo7julAVmhtuUmyTEXhBAsfnrjpjMEGwbVONoldiytVR3e4n%2FEL7ElWXC1PadMkUGHCBhmZhtbAZ944NlJH3PMiDgJnXohEKF%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1fb763d260afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by