Report - www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}

Report Overview

Visited public
2023-12-03 07:37:47
Tags
fake_software scam
URL
www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Finishing URL
www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
IP / ASN
104.21.23.149
#13335 CLOUDFLARENET
Title
セキュリティセンターコード0x268d3サービス
Scam - Fake AntiVirus / Security software

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	2.8 kB	246 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	546 B	36 kB	142.250.74.74
www.page-oqicidkj.site	unknown	unknown	No data	No data	21 kB	1.5 MB	104.21.23.149

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	From	Size	First Seen	Last Seen
	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	152 B	2023-10-30	2024-08-20
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-30 01:57 Last Seen2024-08-20 21:52 Times Seen64 Hash c7e4040b1f8eaddf4727c0993448f66f 45ab98979bbe2cc1d701abee5d35f5966214b083 6de38ea99d2ad5215899ef23c6a20fa263ab71ed0bb300ae4bc69f8d69e35b51 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	411 B	2023-03-07	2025-01-07
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-01-07 17:24 Times Seen550 Hash f0377b86e2049f89993a85c91de05c2b 49061b39e1dac235a40838d6e1cc4ee7d6bd493a acd76ae4519d08297507ed2928fb33f9b7a93a01f1e2ff2ddfaecd8117307eca Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	51 B	2023-10-30	2024-08-20
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-30 01:57 Last Seen2024-08-20 21:52 Times Seen64 Hash e17f8a1d8978b1c8609bf5fefe2280d4 45f453694cf9ec4ee4825ca57d6c8f45d6889609 2d05ba5b46dfe1734c32d1c465fa5bda11fbb846d9ae505ee6b3f5201b55aff4 Loading...

	www.page-oqicidkj.site/lO4817/0ba4617d42ccfd400ebdd5211823c76a.static.js	ScriptElement	1.5 kB	2023-03-09	2024-08-21
Pretty URL www.page-oqicidkj.site/lO4817/0ba4617d42ccfd400ebdd5211823c76a.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:49 Last Seen2024-08-21 05:49 Times Seen96 Hash 59c5159f91148b7342a7b1f6e3c33761 f0753b57a78149289678e563c31c037732b22789 2eab8159d68bcb5d22e364efe3bb68614867a340e6aea0d9e479790e9c8db0b7 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	466 B	2023-10-30	2024-08-20
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-30 01:57 Last Seen2024-08-20 21:52 Times Seen64 Hash 6553ee1480b185be1ee2bb53cd9bd4ec ec2415435ee420987b0b71e71bf1b5b367bf8068 9301ad423db3d0f7cc74ac5638124e4523b33d2a10dbd32891bae91eeb340f94 Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-05-09
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-09 00:49 Times Seen7862 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	36 B	2023-03-07	2025-04-30
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-30 14:41 Times Seen338 Hash 98974a127dd729248b555d6976ec761a 627a4bab7f3f51ecc506131a0e74551869767289 cb75a582376bf15206582694413711066bb6fef62c60c4f8ac9d0ff78e13e843 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	350 B	2023-03-08	2024-08-21
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 21:46 Last Seen2024-08-21 05:49 Times Seen96 Hash 099bb8b91785b3673fc53a065ab66b04 b49a37831cf64eee85d7cf12f7dfe7dbffff5053 48476bddf9e6df40b23ca10b4039bc288928d15b193fe7b89978d89e1910dffa Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	21 B	2023-03-07	2025-04-30
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-30 14:41 Times Seen1187 Hash 011a84e54de113cd8bee0e17ae8aa515 e84b14b6ec396b1ab045b7e667f90536cd5c6083 13fcca4523b328c51789df37af5275739fd57abf684e5d3658e7d69210f9ec53 Loading...

	www.page-oqicidkj.site/lO4817/20c8c7fe6f006fc0d2c7ce7467772161.static.js	ScriptElement	11 kB	2023-03-07	2025-05-10
Pretty URL www.page-oqicidkj.site/lO4817/20c8c7fe6f006fc0d2c7ce7467772161.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 03:39 Times Seen2470 Hash 65f1d21d5fcc9d21da758adababd0c3c e0661d07d64c00008bc9d013d16eec0a0f156dc7 d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Loading...

	www.page-oqicidkj.site/lO4817/01e5b1c29824bd5beb5209d713a6075a.static.js	ScriptElement	360 B	2023-03-07	2024-09-19
Pretty URL www.page-oqicidkj.site/lO4817/01e5b1c29824bd5beb5209d713a6075a.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-09-19 22:04 Times Seen137 Hash 8ebbb38cf682d5f27d96161903328daf 8e29ad053a028798c1dcd0cf14383d037163591a 84dc46d971b2c1c746b96ef8e1d5a16b744f54e9a4a81a2324e3a5be2eb4788b Loading...

	www.page-oqicidkj.site/lO4817/e79389f117463e86054da2a2618c61d5.static.js	ScriptElement	483 B	2023-03-07	2025-02-04
Pretty URL www.page-oqicidkj.site/lO4817/e79389f117463e86054da2a2618c61d5.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-02-04 17:54 Times Seen1040 Hash 1254046725b03e59683adbe0fde59733 68c8cdda387b198b7f28bffe39868b476654ddae 0497656a00a2f66cfd258237bfcb20ac0367bd2bbd90a01de0466e18a56a28b4 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	16 B	2023-03-08	2024-08-21
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 21:46 Last Seen2024-08-21 06:01 Times Seen103 Hash 2b7b5b722393c27afca9ad321bc09951 e3efff4ec3a824d90191d1c97617dba10c2d1ff0 fd22e3d7d8c64d826838374359257655b1367283ab3c1d4912463af582412a9c Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	440 B	2023-03-07	2025-04-10
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-10 12:38 Times Seen603 Hash 00fadc8947f0dbbdeae061e8fd0b1921 d8969451c66ff82ad37e7cc56a9da4d63259df8e b5c7cb0438303e8d088cc38f3a241829f76813cc14e0fcfb2c797a0c62e1ca24 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	3.9 kB	2023-03-07	2025-04-17
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-17 15:44 Times Seen670 Hash 3139f7d4c337fc7ea46b9a9730008e52 4938996f8712f57facebb2d5ed622a49c0ea95f0 4c66d3873787387414ffa9fe6a26555cfcf4e8dc271f32c8291390d10bc35974 Loading...

	www.page-oqicidkj.site/lO4817/d6b687e8d37a75659e591944749dd627.static.js	ScriptElement	86 kB	2023-03-07	2025-05-10
Pretty URL www.page-oqicidkj.site/lO4817/d6b687e8d37a75659e591944749dd627.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 10:37 Times Seen173981 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	499 B	2023-03-07	2025-04-10
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-10 12:48 Times Seen123 Hash 0652f8a2ba8a4021ad96171ab02b7cb5 82c577c4765f626b889ba05b43e92fff99b955f2 dc5b62951dbcf2dd9abef8bfbfbf9a2b7dd1b14e674d5c40c783963919a50f53 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	146 B	2023-03-07	2025-04-30
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-30 14:41 Times Seen967 Hash 01c7c3ae0abdb0272bf7bd209dbb84b2 bf44fb29c253e6790a29c47d3aba9e316a35b8b2 b63a8c8faf6e973bdbe4b87efdaf0bdb4fac88eebd573eba529d75467e4e0a0c Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	268 B	2023-03-07	2025-04-30
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-30 14:41 Times Seen940 Hash f79dd5e30c3ffc1f47cb576925817390 f1e0088b7aaed01974807ca980dc7310bc73bee2 c091a178652a39bea6ffed82b2517edf4046b3fbf84cf1a754b29861d95af80f Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	755 B	2023-03-07	2025-04-10
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-10 12:38 Times Seen637 Hash 4e2f05b574fedaf91f2512387645cc58 ea0cf59a0337bae5fab7ef33718cb5743475b774 a72cb2c772959b2af05bb5fa7aa8c44fb1c3fb2645180874f6758b761307890a Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	86 B	2023-03-07	2025-04-10
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-10 12:38 Times Seen640 Hash c29ebcb02d59af397a5eec3b649acf42 900496a5912defe85a3a8fcf77bb4526f9bec22c 56bc284830b8a74f516c857972a0b2d2c8d288b29e9871e5df3c7fe421f3ef0d Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	123 B	2023-03-07	2025-04-10
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-10 12:38 Times Seen120 Hash 40efd9b9bb144163927d4cebbb652483 955b56682591b523e57580c4224c75efb0938b63 8dc7ba0961a7319845cbbeb789ecb7a43abbcd91d6a9f6c06435b9aa6563d67a Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	394 B	2023-03-07	2025-04-10
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-10 12:38 Times Seen120 Hash 8bb82b9303ec3b7d41e33d0dfb85a487 7d95cdc6b3af127c5a3c2e3b009df3408a3b9c0d 44ef42b30d768361bab9f38af6a828f7e368248d236e93248a0f9afa5da8519c Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	140 B	2023-03-07	2025-04-17
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-17 15:44 Times Seen223 Hash b61b8e3d409bb003a4b67343fec90125 57f046a023b28f873dd434928edbda24ab6642a9 929cf4f40de951d3cf3f582220c25a7eb0080ef5810adcf1a7f7e01569d1bf81 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	145 B	2023-03-07	2025-04-17
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-17 15:44 Times Seen223 Hash 4bebc37ed90f1ede923a6070f9d968cf c5ebfcf479b5dc0cae5d165dd3c95d6adf48e209 ac3b64e73a9d42ca79d6ebe334d8a7ba0262a7dc50774cd0ab8fc4e4533734a6 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	155 B	2023-03-07	2025-05-07
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-05-07 22:24 Times Seen237 Hash 2987190b25a4d21711ac736d3be85de3 1a2619f15cf20b29765fb21f3564a2dd6a2cfb60 ef2c1fa8c0e307244f3f62dae3cfa6a99253950cbe59b11a287b617705a173b7 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	145 B	2023-03-07	2025-05-07
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-05-07 22:24 Times Seen237 Hash a279ee8f51bd8ad54a6dfbd6d875617f 1f0910115a6c98856b6410142f9e6e5140da9f5f 410035f51da981031a422a8ff8afd624db1077a2374d876d08375f99aa5f08f2 Loading...

	www.page-oqicidkj.site/lO4817/03978e09032efb49f1114ceef72ec864.static.js	ScriptElement	84 kB	2023-03-07	2025-05-10
Pretty URL www.page-oqicidkj.site/lO4817/03978e09032efb49f1114ceef72ec864.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 00:33 Times Seen2435 Hash f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Loading...

	www.page-oqicidkj.site/lO4817/41360fddc51bc467a4625dd0996bd68d.static.js	ScriptElement	237 B	2023-03-07	2024-09-19
Pretty URL www.page-oqicidkj.site/lO4817/41360fddc51bc467a4625dd0996bd68d.static.js IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-09-19 22:04 Times Seen128 Hash 424165d04aaac003395f964590e6cb2d 3d041931a170de8ee9981122e0ae44ed05bfc29b f04b0a0a20f05bde21b16ad9e0ea1cef1ba49eaba5bf7eed03f3a8dd115240c8 Loading...

	www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}	ScriptElement	165 B	2023-03-07	2025-04-17
Pretty URL www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} IP 104.21.23.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-17 15:44 Times Seen282 Hash 1b679d8e5015e417fba4768487a9a820 1f068e74c440ef374c2eb6d19f42ba7f237fb64e 713bce5989ca2e8043931eb733ae37b3bcd5980332b8bc09780734513cb5e654 Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	0001-01-01 00:00	2025-05-10 10:54
Pretty Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 10:54 Times Seen4643058 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (37)

URL IP Response Size

www.page-oqicidkj.site/lO4817/b0ec66984049bb7a0b34be76d856e46e.static.png

104.21.23.149

200 OK

364 B

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/b0ec66984049bb7a0b34be76d856e46e.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/b0ec66984049bb7a0b34be76d856e46e.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 364
last-modified: Thu, 30 Nov 2023 10:10:25 GMT
etag: "16c-60b5bdc3f7170"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0RsdK1WICTtCZrYhdt7aS3Nqin501epR66hWw4Ik4NdMx%2BKj%2F3kR0f5DXhU8G9PL9Ymj7YKW3ddI3S3Jy9rnQPPyzy7KlG%2FIvlk8AxFGReUy22NFVOru4kaAwHSKqfv6YwiEoUhQWc3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af2b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/c075fb51f8347d886d7adb2f41364b5c.static.png

104.21.23.149

200 OK

3.8 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/c075fb51f8347d886d7adb2f41364b5c.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3834 bytes)
Hash
77a2ffc5545f87551d74781201de9b3b
c9c3798afd2ae95aa3bba3c428335d49c8255b06
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/c075fb51f8347d886d7adb2f41364b5c.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 3834
last-modified: Thu, 30 Nov 2023 10:10:18 GMT
etag: "efa-60b5bdbd191ca"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PDcrfn4XhCq0nh6%2Bs2IUY8BsucOztF%2FzPG2IneeLPulP12wuAKydDJiTc1neQQFnWCMbLOGW3rtIZnUOPJgk41SehvtvjVqI5bYQ7XEclUF9SKq68h13Y1v1Yc7WqEgS4gSrUgm5Im2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035afab4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/eebda2f8da7e379b91780cddd7f53a7f.static.png

104.21.23.149

200 OK

349 B

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/eebda2f8da7e379b91780cddd7f53a7f.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Size
349 B (349 bytes)
Hash
7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/eebda2f8da7e379b91780cddd7f53a7f.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 349
last-modified: Thu, 30 Nov 2023 10:10:26 GMT
etag: "15d-60b5bdc4ef28f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8IVv1vPuyWCyJGj13kBO8aJ%2BOx1nx40A7aVZiwo7dGVQ4K3xJlKnMlv6PfpK9OcMn%2Byty4svZIpMdcfUmuE9edyR8kK0E03UCMetbvRoTL0aBvwSWJOrdsp4YNQ4RBx0UZTAlpXAdPf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af3b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/3606572a3f18fc9df88989e0af2b4d55.static.png

104.21.23.149

200 OK

1.0 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/3606572a3f18fc9df88989e0af2b4d55.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
bf2b460590fbb9d8e9611a6e9006b816
561e1dab259d61e798b3ce380527b71b61074ff3
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/3606572a3f18fc9df88989e0af2b4d55.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 30 Nov 2023 10:10:22 GMT
etag: "415-60b5bdc15d02f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sInX1al40R3ZtkZ8pwaBOdLQ%2FweNpkwJMsRy0AlSkqTzUfffblECuKCJ8NyS%2BYMk6b22m3jSGsAHFsYN%2Bndff%2FAvzsVckpDJW27SlwsVc29i3S9Z%2BR6SKx3tZSvd5VVgTkPtSwnsRPUo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af1b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/3b5475040f17103f253d6bee48f5fea2.static.png

104.21.23.149

200 OK

1.4 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/3b5475040f17103f253d6bee48f5fea2.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 148 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1443 bytes)
Hash
5bfbcd30ce3355f8de3fb0536de70715
51fd9c511bc0d2e0e3fb23955575eacd94d5b9e5
dfcc16fd49167f62d2acb07ed991fb0535f5ca863c5c15cfa20cfd76c1b1cfbe

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/3b5475040f17103f253d6bee48f5fea2.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 1443
last-modified: Thu, 30 Nov 2023 10:10:14 GMT
etag: "5a3-60b5bdba08dbc"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eQc2CqaP10Wfr5zxInVVXk90c2wbrGV5Xpgi8LugFiauCBqPvxYGD7Gcrc5jws8HUWsUr%2BjuTwNhCrWKz0O1oaOJUei5oDg2VXINcVgPdperh8gZ36%2Ff%2Bt4eeDqWs4xhX60rAXO6UFL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af0b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/7c3fadeffb547acd782e5d7898dabdce.static.png

104.21.23.149

200 OK

8.4 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/7c3fadeffb547acd782e5d7898dabdce.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8350 bytes)
Hash
0139bc5bdf466894ec687696e2dc65cd
5c0a326bfbd3ca27e73d36d8ea3fdfd8f8c53b1b
13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/7c3fadeffb547acd782e5d7898dabdce.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 8350
last-modified: Thu, 30 Nov 2023 10:10:19 GMT
etag: "209e-60b5bdbdf4dbf"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJhpuTyZRjdeACac2cdS%2F4d9P2XFi%2BoRnfymvbBj2BOYyri%2FZCMF9XSOcee82hpVYLSsi5dCJjsLU4gIyv1VR1o0Emg%2FFUllz8SjtLf0jEkG2FIWaf5X5Yp6Wsa4FcthviRnZD6OZKuE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25036afdb4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/6b9fb912e3ca988c1f022932faa17620.static.png

104.21.23.149

200 OK

4.9 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/6b9fb912e3ca988c1f022932faa17620.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 166 x 92, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4949 bytes)
Hash
cc5132b56ba46b03dd998aa1fe220106
403e007a0b17d76a9945fa5ec46a9d01733b3040
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/6b9fb912e3ca988c1f022932faa17620.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 4949
last-modified: Thu, 30 Nov 2023 10:10:11 GMT
etag: "1355-60b5bdb6ece29"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj2qnJs9mNfrlNffeeHmGsbg8XaUBOqWrKn%2FSz1U66%2F1Pi%2BXjCCcqBQinTX3sS9ZVNyUnll%2Bfor5CpEzS%2FDn3%2FKZ5nOUpj0Qd7uSAlBSkhspo09VV3xXBVq9WGsFaVeBSK3raM1%2FOsla"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af8b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/25701d21d098ff9e8c7c02aff64f6e60.static.png

104.21.23.149

200 OK

1.1 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/25701d21d098ff9e8c7c02aff64f6e60.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1108 bytes)
Hash
a3555871399f1f67bfacaf437974b03a
b6337de87cd7a75a73cd804774651d14c83fe76a
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/25701d21d098ff9e8c7c02aff64f6e60.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 1108
last-modified: Thu, 30 Nov 2023 10:10:23 GMT
etag: "454-60b5bdc2a52ad"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB7ag7NtQ2xxWbcIwGOY6i6imkuSqlGJY68wO9A9conpy3UJHRR3y0IYbzG0f%2BXveYjqXrsapvQrssOJI%2BfvW2eDa%2BEAM4yB%2BD30e0CVo3Axt3ciLyE3GA5CKLEiZxA46Ey0x6BUqZaJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af7b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/8333a883500375d7869a4fc9575ae540.static.png

104.21.23.149

200 OK

18 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/8333a883500375d7869a4fc9575ae540.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17558 bytes)
Hash
6e3d6800eef9cff4b94abc025255eb2b
7d606044af2f4fb7f10cad9e88a3e0647c0f2b38
b2901f408265c7a9d8d5cfe0c8865e27289949848862945f8a3eda85898100be

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/8333a883500375d7869a4fc9575ae540.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 17558
last-modified: Thu, 30 Nov 2023 10:10:23 GMT
etag: "4496-60b5bdc23f986"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IvlBOvPCOnwIb3UyzOXrbuEPJdDkQ4BT6ALy%2BF%2BW0Q27sylXOdad09%2F32irwjAkoKPZIB1i72K4v7Vk9rjnuA8Vc4eM4u66D7xF7koNuPWPDThgxPB5oxdyY5swyIi0L5PkXFDRr%2B6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25036afeb4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/41360fddc51bc467a4625dd0996bd68d.static.js

104.21.23.149

200 OK

789 B

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/41360fddc51bc467a4625dd0996bd68d.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text
Size
789 B (789 bytes)
Hash
424165d04aaac003395f964590e6cb2d
3d041931a170de8ee9981122e0ae44ed05bfc29b
f04b0a0a20f05bde21b16ad9e0ea1cef1ba49eaba5bf7eed03f3a8dd115240c8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/41360fddc51bc467a4625dd0996bd68d.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:24 GMT
etag: W/"ed-60b5bdc37dfc1-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bix3BdPxIx%2BW2%2F%2BhBx2A3kW%2FoTiL3USKyD0xFWoZAPbuJs%2BapgvWjSMh4M7N67JU0hcwAIyaYj3O615LxCd6dPIacDpuPLfO3vTe4lDUKWo2fcQrMVtuCzt%2BLK%2F5wfjUHlIK6Iki%2FIJG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25036b06b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/3d7258eeda496aa1e04d9f9552179445.static.png

104.21.23.149

200 OK

26 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/3d7258eeda496aa1e04d9f9552179445.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25871 bytes)
Hash
2c497dfff84bd8c5af9254c9d6278ce1
667e72e7ba6f00a54629e28133317022d4b59af6
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/3d7258eeda496aa1e04d9f9552179445.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 25871
last-modified: Thu, 30 Nov 2023 10:10:16 GMT
etag: "650f-60b5bdbbbe665"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FcfzHcms1lNDVcX0FMqduGNMjzkcL0bhBEm48hrazt4TAo%2Bx31LzrwR3gAEN8lN6I8DfMn539F2w7rKEu0hccnmD4SOM65Kg3kep1FrqYAInEVvU5HF2HSGYTrfhmuMUebZ3WhDiL2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035af4b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}

104.21.23.149

200 OK

39 kB

URL User Request GET HTTP/2
www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (637)
Size
39 kB (39324 bytes)
Hash
e16c858b4fab0cda54fcc2854fad6cf2
e9e53921b86dc9a40d13d886957d78b37de432f9
a36c1e3c54fd5f9fa5f1e014b0349bdb8ed3e1ad8d6e902a1904718ec5b78b30

HTTP Headers

GET /lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country} HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 07:37:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BQIwcEu8H%2FiPvkuxGF4gQaMKVsNs%2BWuRyparICDO04C8rpf2rDjzioo2w52c6iX9iH7MIwZ8jCBQq%2Be09kwwOuKiVdWHpsW7mM7s46ptwX1vQMM5oudcLkQb1DIHOleYb%2BMt09Q9Wni"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa24fe0c660b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.page-oqicidkj.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 268591
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.page-oqicidkj.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 268591
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.page-oqicidkj.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 268591
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.page-oqicidkj.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 268591
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.page-oqicidkj.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 268591
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.page-oqicidkj.site/lO4817/b4fd536b3684302c28ad28d02f1d7192.static.jpg

104.21.23.149

200 OK

367 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/b4fd536b3684302c28ad28d02f1d7192.static.jpg
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:08:26 11:44:30], baseline, precision 8, 1920x1051, components 3\012- data
Size
367 kB (366853 bytes)
Hash
dd6f5df6c78a7369fe8ceb7c0f70dd50
d664e27e8c2b8154f9b31e2dcda0b21e3e4935ba
40dd8a184408b9c6f376673ffd39c74611f4ef9ff0a1daa8b3760015d801883d

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/b4fd536b3684302c28ad28d02f1d7192.static.jpg HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/jpeg
content-length: 366853
last-modified: Thu, 30 Nov 2023 10:10:22 GMT
etag: "59905-60b5bdc0e4e21"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XiAQKaWuCiz9uIMpcW4eJdZdr7wyxpLfyVxy9HCsWc85jK870m7kCkxkCmV6tootGyp6emZoUNIVFvp7BXInT44su8lenKgkp7Mr%2FpnyJHNUG2LN6pTkXXY0rElPHTE9b39RXK8Q38%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035aefb4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/17aeeccb311e76485a4378f554287df9.static.png

104.21.23.149

200 OK

549 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/17aeeccb311e76485a4378f554287df9.static.png
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
PNG image data, 1903 x 1020, 8-bit/color RGB, non-interlaced\012- data
Size
549 kB (549442 bytes)
Hash
f3e18c4da95b83ab519a72f2876019f2
209f613fed2d2202e134e00081ad3c32ec5e6a25
466835ef2d6f0f0bfddafa405154702e36a5588f69684dd3b6642f9013eb778b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/17aeeccb311e76485a4378f554287df9.static.png HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: image/png
content-length: 549442
last-modified: Thu, 30 Nov 2023 10:10:30 GMT
etag: "86242-60b5bdc87b72d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWaPvBSgQvyu63t1eiRNObQRCM7W182aLiRMKUx%2BLx6oSa96en8LGirv%2BOkhXM6U04yJtatP%2FQLLlX1c5aTiXLb%2BDoculbTAwNbySq83sJPXo0fQyyezK%2FP6uru1qoEwfNNuMIc5Hkrj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25035aedb4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/beep.mp3

104.21.23.149

404 Not Found

17 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/beep.mp3
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17021)
Size
17 kB (17336 bytes)
Hash
13ea52e49ef4bfa21e6e04a710c3dcf2
528274cedfa52b86b6e32737078ceabfaa232bd7
32a927c99580d6ec158fc287c0174581e1315a8167be1143765828b2429ac363

HTTP Headers

GET /lO4817/beep.mp3 HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:30 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6PvDnXrp7%2FJGLANHyzk6%2FL4Gmbtbj4FBmU%2FTbfExm1Rdzz09goaSgofUUkQfoapGSSa3p1HbDKCJJtM48zG6ai1NCq5wqrAd8SGVBVvMwQ5xwv1WSg57K6gvoppPc%2FJOZrBP%2FKB73GG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa250aaf2eb4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/favicon.ico

104.21.23.149

404 Not Found

1.3 kB

URL GET HTTP/3
www.page-oqicidkj.site/favicon.ico
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1309 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:30 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0u9HXJZpUr10Sex%2FKM3lxngSrti2tABZYFVMd%2B5PeFerduusZRhTUY%2BM3DLf1d5xL3RaAJ7KagDbE8CJyJHl1uHp%2B0wp9K1s6qK4T93pGjqJfvWnFIWHm57vqPP4sUoM17JX9l4quuk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa250e094fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/0ba4617d42ccfd400ebdd5211823c76a.static.js

104.21.23.149

200 OK

1.2 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/0ba4617d42ccfd400ebdd5211823c76a.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text
Size
1.2 kB (1196 bytes)
Hash
59c5159f91148b7342a7b1f6e3c33761
f0753b57a78149289678e563c31c037732b22789
2eab8159d68bcb5d22e364efe3bb68614867a340e6aea0d9e479790e9c8db0b7

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/0ba4617d42ccfd400ebdd5211823c76a.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:17 GMT
etag: W/"5ff-60b5bdbc3e576-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbLW1N0dusbx2%2BNE6OMie9XmuLfJObYB3xm2c0iu0zAYGPMzhVDyEggJwpg%2BGjh77vy00FfhQe%2FYfcXE6fZR8mqP8BpK5aTfk%2FdUN2q1sTDFBBF5yUUa61QChKbQDDCNGKdEbquAYZJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25036b0bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/0wa0rni0ng0.mp3

104.21.23.149

404 Not Found

2.1 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/0wa0rni0ng0.mp3
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1802)
Size
2.1 kB (2117 bytes)
Hash
d37a4a4163332c229989686da46a0ff9
58b909e6f50be9f045f0c2500f3a8ab33ff2061f
cc2c93afac58c706e9e9fc0cfb0657dc04b7a166f5b72faac86adb2d5e4028f3

HTTP Headers

GET /lO4817/0wa0rni0ng0.mp3 HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:30 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M%2BpIZ3%2FfJ5CPNF%2BJ3b0kd1VG96O5jP4r5flxilivWZ0cwhTmFXcrJsCySbC6uyDc5km0XjtkjXAEwAsZRqScgDamYPcgA%2BYnXxMUzogXID0d%2FWpOPg1QkN05wSm7X%2BbKH4RovjStvl1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25090e19b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/fonts/fontawesome-webfont.ttf?v=4.5.0

104.21.23.149

404 Not Found

315 B

URL GET HTTP/3
www.page-oqicidkj.site/fonts/fontawesome-webfont.ttf?v=4.5.0
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /fonts/fontawesome-webfont.ttf?v=4.5.0 HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/0fc9255b87fb4ad62cb4f2689a69fb49.static.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:30 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8OLO5O7%2Fr5XX%2BzKLT4uAxwDlUuPo07kjXm4Do8Ow%2FSPCWMLs1Jm2qRRcgJ%2FkhB1Wk%2Fa1EYjt3nmmmr4SZU7pdjAoI91UewTjgGpaoDxYjb3b%2BzVlQm1nnO16lm49kpz6OebbyTZLmuL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa250c3fdbb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/0fc9255b87fb4ad62cb4f2689a69fb49.static.css

104.21.23.149

200 OK

28 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/0fc9255b87fb4ad62cb4f2689a69fb49.static.css
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (27303)
Size
28 kB (27466 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/0fc9255b87fb4ad62cb4f2689a69fb49.static.css HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: text/css
last-modified: Thu, 30 Nov 2023 10:10:27 GMT
etag: W/"6b4a-60b5bdc62c929-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg9QB1Fv9pSFeL4YWQcjI7zXOa%2B%2BggULjtWLtipylbxvKO6guWp6yp1EwKyfyBMqLZLsBig1Vp821eUxI%2Fi%2Fy12tzRHlEdwFJMgadjYNZHbK1R%2B6APWH4xMdTnzYcydYLtcTBzmd11NH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25033adfb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/fonts/fontawesome-webfont.woff2?v=4.5.0

104.21.23.149

404 Not Found

315 B

URL GET HTTP/3
www.page-oqicidkj.site/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/0fc9255b87fb4ad62cb4f2689a69fb49.static.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRA9DPQRfp7iye5yeKSzxbNoMBWwh%2BXB%2BOcX2rxMgyR3%2BXrAzn2agvQsDhHLKidLT7Wi5BN4C0XRuRcJ3AAHL3bRnrCCdqWYd1tgUVp2JNckjgShNUCV6EMU4Y55FFNpZm94x475zXpc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa25085da5b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/cedeb70cb80eb88a09a1af6e874093b1.static.css

104.21.23.149

200 OK

199 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/cedeb70cb80eb88a09a1af6e874093b1.static.css
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (629)
Size
199 kB (199371 bytes)
Hash
fcdf75883425d0a223b82196bc9b8f08
3f0315aeb20bcf09b13ecde8c13690e9e03ea6a7
fa61f318f1857df9a04afe026589336dfaa05bcbe2c5d473a82a46610a384eb8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/cedeb70cb80eb88a09a1af6e874093b1.static.css HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: text/css
last-modified: Thu, 30 Nov 2023 10:10:23 GMT
etag: W/"30acb-60b5bdc1d811e-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrcZayCYQe7J5peaAVzpsJR1gjFO2cC33Oq605RKTt40iwNn5zDirCOT6wpVry%2Bnuy7gmE7wdUJuBxLXMW6MfWWKUHqBVpPt7FRWLzCyNjGlwnSlnB0yfBOUafRWNEmwD9LMhaSc%2FPJo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25031aceb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/73a713b3e6390919c133b3c9a52ee7d7.static.css

104.21.23.149

200 OK

20 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/73a713b3e6390919c133b3c9a52ee7d7.static.css
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text
Size
20 kB (19803 bytes)
Hash
1ab8c5ad1f5d81de3f2229c010bf22ea
04d722566c29bad33f18f5f28f3cb9377f0d5d47
54a40f41435b27bd5a6c7766fa5a5cb1e6ff18fa36db8427bda4c938464a1957

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/73a713b3e6390919c133b3c9a52ee7d7.static.css HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: text/css
last-modified: Thu, 30 Nov 2023 10:10:26 GMT
etag: W/"4d5b-60b5bdc5599d8-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6X2cz66JXlq87O2W36fsOE2ZsiJ8eXmXUVPb7AqqdsIiJ1EIxOhIvofFppGclCwopM6%2FJlWbc4xoftCG%2B3%2BA0TJcmb%2F77U%2Bj7KTIxWe00tlXHvMXGoqym8mCJPsrlTnmpZRuZLWXwrZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25031ad2b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/20c8c7fe6f006fc0d2c7ce7467772161.static.js

104.21.23.149

200 OK

11 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/20c8c7fe6f006fc0d2c7ce7467772161.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document, ASCII text, with very long lines (11084), with no line terminators
Size
11 kB (11084 bytes)
Hash
65f1d21d5fcc9d21da758adababd0c3c
e0661d07d64c00008bc9d013d16eec0a0f156dc7
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/20c8c7fe6f006fc0d2c7ce7467772161.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:27 GMT
etag: W/"2b4c-60b5bdc5c21e0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coIjqAnx9OY%2BEgwy%2BI7%2F0VgzhGVYYyOuA69WWufipUo90aW76WKx61dX5oArp5d0gGzeL0NG3vyjrL8zbvl%2Byj7tyNL2V3y%2BdTHN7eShgWttGA7V9fmKidNx5Wp4TYLmzL02ilgGH2dX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25036b03b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/d6b687e8d37a75659e591944749dd627.static.js

104.21.23.149

200 OK

86 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/d6b687e8d37a75659e591944749dd627.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/d6b687e8d37a75659e591944749dd627.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:13 GMT
etag: W/"14e4a-60b5bdb923583-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnsCA%2FviPFZV6TOv31pJ0Dkg1ZKGZzAT0p%2F1uPtVUyDYcCq5UJ3t6aWc3pcDLb%2BT%2FnZidzNR6scQw10CFcsCyh5xq7WM6E9orb%2BpUHUeYBUR3o4xER1JJKfVm5wzPqZDIqe%2FhNFdBZB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25031ad1b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/e79389f117463e86054da2a2618c61d5.static.js

104.21.23.149

200 OK

483 B

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/e79389f117463e86054da2a2618c61d5.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (505), with no line terminators
Size
483 B (483 bytes)
Hash
77646cb1158954c263c293cba84c26fa
3dde3ec8e3fb0b8589037c4c8ea2db8d88f20c62
4c0946161ef3934782c2907cd2ba4b08e1d73e2553f28d3b63093d05e1f96ad6

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/e79389f117463e86054da2a2618c61d5.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:20 GMT
etag: W/"1e3-60b5bdbf93eff-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiPNM7xgP3QXuUTjIimPZE%2B0G0ZhTUO6lt%2B5CjtHx%2FxLSOxgy1vNkI4nEdDbrzylzgE2zzPhHFpsgvvzOEPQcsRq5%2FMcwFEUqvzuTI2cKoT2VY3j9ehxxCOY2HPRN2pLn1QMjNiQ1Njt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25037b0db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/03978e09032efb49f1114ceef72ec864.static.js

104.21.23.149

200 OK

84 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/03978e09032efb49f1114ceef72ec864.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (65299)
Size
84 kB (84378 bytes)
Hash
f81d0a1705048649befc8b595e455a94
aec551e4d573463088fca7d14fb644eb389f1839
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/03978e09032efb49f1114ceef72ec864.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:28 GMT
etag: W/"1499a-60b5bdc6a89b9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2cxbDpgOncD9z99e9qQAnwICrO58NRes9hU5fsqVKmqDuWSEw%2BhT8%2BVHNOhcbuVg3OOvaxoBUrSih6heT8fIltnBqEghLwN9DxpnggCrEbejE9Qp6mbXUT7n16LPXGygsWbSiiW1iCI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25036b05b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/alertmicrosoft.mp3

104.21.23.149

404 Not Found

315 B

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/alertmicrosoft.mp3
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/alertmicrosoft.mp3 HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:30 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=459ZP18c2Tl31HU%2Fo5Wvxqz6BHI2GD62GWbQXWJ36v9K4cxhSvZASsY9u4ZNcujStUDyH2XCIUt2ie%2Fkit3FumW1ZXWj0qp%2FSJ7a1atiou%2FCiKg9Zjat8hQDWphMBhYdxrhVjd4%2FBrVd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa250aaf32b4f7-OSL
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/2fd60a3611305b14f8de29765608a778.static.css

104.21.23.149

200 OK

8.5 kB

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/2fd60a3611305b14f8de29765608a778.static.css
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (8923), with no line terminators
Size
8.5 kB (8524 bytes)
Hash
52995fe85418c7ddb85ea645dd8c17dd
27a97aa47580f4cfbc6c67e046974337f95852af
d0d9c39568aab1b1374292874d96aa6e5ccc7917c49518572345852cd5277db4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/2fd60a3611305b14f8de29765608a778.static.css HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: text/css
last-modified: Thu, 30 Nov 2023 10:10:10 GMT
etag: W/"214c-60b5bdb63a284-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNuJv1SyJOuddzye%2BGIvnhEkd66AnvQWtJbSlzCsEnXdEkT5vVNZnBzKr%2FfBr97GRlnNDeb5ss5njFyqoE3jxfv%2FxQwGI6PAlKhST9YeaAt5XFn9WvtygVlp6l0nxvY5RztnRvi1HJAt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25033ae0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/lO4817/01e5b1c29824bd5beb5209d713a6075a.static.js

104.21.23.149

200 OK

360 B

URL GET HTTP/3
www.page-oqicidkj.site/lO4817/01e5b1c29824bd5beb5209d713a6075a.static.js
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
ASCII text, with very long lines (368), with no line terminators
Size
360 B (360 bytes)
Hash
9c2b57a68a0766a03ba119ce1b472af9
b9b42ea2c4bb071d7bf893df1b82f0fdc1c8fbca
418e20285e134744f60a5342f16d4e8a7162a738bd25d76f894877f416cef0a8

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /lO4817/01e5b1c29824bd5beb5209d713a6075a.static.js HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 07:37:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Nov 2023 10:10:14 GMT
etag: W/"168-60b5bdb9b5d7c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dUhv6CkejqQl8onz19aZNBRomlUu7kVLaIHzOYdRm20Lv1Z3zE6JnwSg9DQwZkPVrM%2Bul4YfeQGzKGsZOQWHSRsPjNLtp9eWslZrpvenSx8DBnVorSxZSHhO8EpUSJ3dR%2B0JCDbWcL1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fa25036b0ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.page-oqicidkj.site/fonts/fontawesome-webfont.woff?v=4.5.0

104.21.23.149

404 Not Found

315 B

URL GET HTTP/3
www.page-oqicidkj.site/fonts/fontawesome-webfont.woff?v=4.5.0
IP
104.21.23.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerLet's Encrypt
Subjectpage-oqicidkj.site
Fingerprint26:DC:FE:B0:84:CA:C7:0B:23:4C:BB:C1:E6:95:F8:E9:04:82:85:44
ValiditySun, 03 Dec 2023 01:13:16 GMT - Sat, 02 Mar 2024 01:13:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /fonts/fontawesome-webfont.woff?v=4.5.0 HTTP/1.1
Host: www.page-oqicidkj.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/lO4817/0fc9255b87fb4ad62cb4f2689a69fb49.static.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 07:37:30 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmC0EpP8wmTRPwGFF3GGX1zMF%2FYY%2B%2BJ07naEQz5hgzI0DpyAnsQB9rJVh7Wr8boQVQnOcLO7GMO6dOwQ9KKb701B4dyd5KvrIHnAH6khP74XGkqfHWPzMoHI5LJy6IUvr6OM9Ru%2FeHR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fa250adf41b4f7-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

142.250.74.74

200 OK

35 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.page-oqicidkj.site/lO4817/index.php?ip={ip}&device_brand={brand}&device_model={model}&browser_name={browser}&os_name={os}&os_version={osversion}&lang={language}&domain={trackingdomain}&clickid={clickid}&country={country}
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
35 kB (35274 bytes)
Hash
19602f1f4d84cdb858d234032329d0c2
adce58e161aacccaa48b83bfbefed021f60dd8b3
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.page-oqicidkj.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 07:37:28 GMT
date: Sun, 03 Dec 2023 07:37:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash