Report - llam.yourpcdefenderplus.site/c/4e5d922b8a829ab6?bid=0.0081&s1=ph4-sft-at&s3=duy&s4=&s5=trx0etqzts2wlgp&s6=&s7=881848&s8=pyno1jcpbhm&clickid=zaprn6ehkwh

Report Overview

Submitted URL
llam.yourpcdefenderplus.site/c/4e5d922b8a829ab6?bid=0.0081&s1=ph4-sft-at&s3=duy&s4=&s5=trx0etqzts2wlgp&s6=&s7=881848&s8=pyno1jcpbhm&clickid=zaprn6ehkwh
IP
52.51.27.131
ASN
#16509 AMAZON-02
Submitted
2023-01-18 09:44:15
Access
Website Title
Final URL
Tags
fake_software fraud
urlquery detections
Fraud - Fake AntiVirus / Security software

Detections

urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	28 kB	142.250.74.46
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	65 kB	34.120.237.76
stormtrk.com	289095	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	632 B	701 B	104.26.4.120
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.stfilecamp.com	400667	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	42 kB	205.185.216.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.237.81
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	4.6 kB	142.250.74.42
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	855 B	4.3 kB	216.58.211.3
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cdnjs.claudflare.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	90 kB	192.241.132.237
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	216.58.207.195
llam.yourpcdefenderplus.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	3.5 kB	52.51.27.131
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
cdn-adef.akamaized.net	125719	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	436 kB	23.36.76.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-18	medium	cdn.stfilecamp.com/stormtrk.js	Phishing
2023-01-18	medium	cdn.stfilecamp.com/fp.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-18	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499	90 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499 IP 192.241.132.237 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2024-04-24 17:52:42 Times Seen4223 Hash 7c14a783dfeb3d238ccd3edd840d82ee ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b 80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499	769 B	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:39 Last Seen2024-02-28 09:24:22 Times Seen19 Hash a22a1a0161c2da8eab4d825d701e0d30 17a279b59fa2371f8661d5558662df7abdcf5442 4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499	2.2 kB	2023-03-08	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:27 Last Seen2024-02-28 09:24:22 Times Seen19 Hash f428fe6667efbbe5781d64826256609b a22fa069217b69eaf17ff01598c767d024276714 1f42bf468de596cc87ad4afc995cdd28f893b143ba096774404997fcacd9c5ef Loading...

	cdn.stfilecamp.com/multi_push.js?1672139499	1.1 kB	2023-03-07	2024-02-16
Pretty URL cdn.stfilecamp.com/multi_push.js?1672139499 IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-02-16 11:05:10 Times Seen152 Hash a50322f9d3f3fafe3fb02be02285e433 c0a894b3bfa545832c3ad1c2f145005d02e50ac4 cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99 Loading...

	cdn.stfilecamp.com/stormtrk.js	6.8 kB	2023-03-12	2024-03-03
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:32:38 Last Seen2024-03-03 21:18:43 Times Seen307 Hash 39e5f8ad757fe438c784e8d883e47ab0 6b2905489485100c83605f43186c5843031e1f3b e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499	25 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:39 Last Seen2024-02-28 09:24:22 Times Seen19 Hash 7f1b8cc7b3f5bae928d07c8605d0c0d8 51b5a4a877f16d74b6ffc21caba71f976bf5b573 ea22c4c2f6384d1828eb9a62c4d4ecbab3f570d9e4003b9ff6df406ceab70ef9 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499	1.6 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:41 Last Seen2024-02-28 17:41:57 Times Seen75 Hash aeb03440821eecd362780d1d1f8f4751 9a8590f4ade02e37499f5d41e1797170f6abf016 21bde0ff3710d3310fcdfd34a1beaa5aa12da96f55305c82e223e0f1a3feabae Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499	1.4 kB	2023-03-07	2024-04-06
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-06 19:00:00 Times Seen122 Hash ec54980cfed635492cef5628111560d2 a5dbc3628701447711d16decd4409070c9967714 b402b988b04cea3b1ba157a14aa973998a6f5cad4d079dfc81622d77c3ba7558 Loading...

	cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499	3.1 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2024-02-28 17:41:57 Times Seen66 Hash 311a4a9bfb7699c36f9310aa8484b360 4b5773045e6d05c620cdaf3beb73e979f12185e2 bc6a799d0e1dcff39b50eb0848daca50bcad457fe4e7d55f5d04e9577cb91e8f Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	77 kB	2023-03-13	2023-03-13
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:05:46 Last Seen2023-03-13 02:06:02 Times Seen1 Hash f623d205a889ab2828170ba12f6f30eb 1e45317e36bf3a544732ea41df25c1b52f62f140 b9a5f27ba556afe0e0e6c3d6dc966ff5180b51b5a40124ab3700d865e88fe61a Loading...

HTTP Transactions (70)

URL IP Response Size

llam.yourpcdefenderplus.site/c/4e5d922b8a829ab6?bid=0.0081&s1=ph4-sft-at&s3=duy&s4=&s5=trx0etqzts2wlgp&s6=&s7=881848&s8=pyno1jcpbhm&clickid=zaprn6ehkwh

52.51.27.131

200 OK

3.0 kB

URL HTTP/1.1
llam.yourpcdefenderplus.site/c/4e5d922b8a829ab6?bid=0.0081&s1=ph4-sft-at&s3=duy&s4=&s5=trx0etqzts2wlgp&s6=&s7=881848&s8=pyno1jcpbhm&clickid=zaprn6ehkwh
IP
52.51.27.131:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19975)
Size
3.0 kB (2992 bytes)
Hash
a2b9fbdfd70d68bcd5e19c7381c34618
071b8ce5d1311cd6afccefcaabdcd7636d30c9d4
0afe32aa6ae748b06c35a18cdf8b0be87a5b333c4d902cd1f930375a537a84c1

HTTP Headers

GET /c/4e5d922b8a829ab6?bid=0.0081&s1=ph4-sft-at&s3=duy&s4=&s5=trx0etqzts2wlgp&s6=&s7=881848&s8=pyno1jcpbhm&clickid=zaprn6ehkwh HTTP/1.1
Host: llam.yourpcdefenderplus.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=63c7bf64000c2e0f; Path=/; Expires=Sun, 19 Mar 2023 09:44:04 GMT
unique_id2=63c7bf64000c36ed; Path=/; Expires=Tue, 18 Apr 2023 09:44:04 GMT
impression=; Path=/; Expires=Wed, 18 Jan 2023 09:44:04 GMT
63c7bf64000c36ed_sl=[269163]; Path=/; Expires=Wed, 01 Feb 2023 09:44:04 GMT
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15603
Expires: Wed, 18 Jan 2023 14:04:07 GMT
Date: Wed, 18 Jan 2023 09:44:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16697
Expires: Wed, 18 Jan 2023 14:22:21 GMT
Date: Wed, 18 Jan 2023 09:44:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15436
Expires: Wed, 18 Jan 2023 14:01:20 GMT
Date: Wed, 18 Jan 2023 09:44:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 09:34:23 GMT
content-type: application/json
age: 581
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RDqieWyRP1FwWjxhOAzNtSOzl6CBaeFX0HBix1CfLze8w34egAea5m1hrBEv4Au76PACY9mvEWk=
x-amz-request-id: R6YE0XTVPV907F02
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 08:56:37 GMT
age: 2847
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 09:44:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499

23.36.76.96

200 OK

655 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
655 B (655 bytes)
Hash
64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/css/translate.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: lhcifVWg8gYIiT8Rf76hcHbyOlIRmimK37Wr1infQMoPoj6bMNhZ6VnvLBH9X+shV2QmB1jHe8A=
x-amz-request-id: X72MGA21V27PNWE5
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Wed, 18 Jan 2023 09:44:04 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499

23.36.76.96

200 OK

5.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24988), with no line terminators
Size
5.1 kB (5095 bytes)
Hash
4f6795f72fdbcb15309fd2aaba55302d
d613bd45610ff3a3e0a581d360847f01de563368
787035c2e2a9154a7ab7805185cf09b73f252b86221c975244259db327db8193

HTTP Headers

GET /landings/269163/1672139499/js/interactive.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: T2tZi3dAK8MbPb1TaMbQuq/GIufj6jXkIdgKLktA0cspaP7b8n6VvPF5F4UzDIWV9ufwHM+nnTQ=
x-amz-request-id: W283XN0576Z26XH5
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "7f1b8cc7b3f5bae928d07c8605d0c0d8"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Length: 5095
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499

23.36.76.96

200 OK

559 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
559 B (559 bytes)
Hash
7a2813dd2f72e952a133e5d6f13a808a
7472ee61fbd566913fd48f40f76e63edb9ea1faf
ea14a153c8c32aecd506eeb112e67542e62ea7e312dc77de3149df90c8a9336d

HTTP Headers

GET /landings/269163/1672139499/js/translete.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 5SgJ3pTlMQcjUbhEAF36n0L9CnXlMK0GFf7EItDRicOyjpMGy5pq8vIi2cdAm/xxszR3wY6grYI=
x-amz-request-id: J8MB8TRZ9B3KJ0GN
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "ec54980cfed635492cef5628111560d2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Length: 559
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499

23.36.76.96

200 OK

769 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
769 B (769 bytes)
Hash
a22a1a0161c2da8eab4d825d701e0d30
17a279b59fa2371f8661d5558662df7abdcf5442
4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580

HTTP Headers

GET /landings/269163/1672139499/js/main.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 5C0a3PdxgjpVDn+c74yPxxc1ZoAClrJlOQ8yVPzDbxOR0Ul0umL1ZZdRTn/Kguw72TtTOWMRHTI=
x-amz-request-id: W284DFSWT3SW3D3F
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "a22a1a0161c2da8eab4d825d701e0d30"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 769
Date: Wed, 18 Jan 2023 09:44:04 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499

23.36.76.96

200 OK

826 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1619), with no line terminators
Size
826 B (826 bytes)
Hash
80f159394b22e099038b584495222009
49a38d579533fb963f8f0f94687b40f65713b8dd
2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109

HTTP Headers

GET /landings/269163/1672139499/js/js.cockie.min.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: +gaeW8JMiZ7bWIpZYTYZ5JqdkWRnOmeneDRWPNH5REt4VghQGGrGPgEdkbDPDVDdF8YPvFiTJWk=
x-amz-request-id: W28F5FV1MDABMMY7
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499

23.36.76.96

200 OK

2.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
2.9 kB (2856 bytes)
Hash
9e6e17753fd08ccffdaab4bc97d7af50
f4a6f23df54e760b305134eb5587ccd0b0c6ad49
01f65c67d47ef19588c9c3e19fc6e2e123ff3f0e2f1cfdf9ad61a655efe23cf8

HTTP Headers

GET /landings/269163/1672139499/css/style.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qufEYPc9y6KgRXvEchyW55rLl82tjAJ8o+Go6G0b+8dVIbBU7W5Q7CnjX1kvR8/C09G/xxeh6iE=
x-amz-request-id: P1751PTDJH8W116R
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "790ea33cbfafd3311bd7083f70a179c6"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Length: 2856
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499

23.36.76.96

200 OK

1.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.1 kB (1073 bytes)
Hash
85e3bd021961fdac95655a71435375f5
9d03222c7a2acb3c790270e3f07bebc485759db2
bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887

HTTP Headers

GET /landings/269163/1672139499/js/site-protect.2.0.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2SJiDeh2mxH/X/uSnoXhgOLVIgX4QROvjXrd3Z92ZRDaYBHTq07FswU9qCbKOmmpipI28A+/SgA=
x-amz-request-id: P17AHXQX68W2MEFA
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499

23.36.76.96

200 OK

728 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
728 B (728 bytes)
Hash
cf00d833782706194b8c8d7a10222c7e
eb5fcbf9e53b3e2882d671cea6a73210effff810
b1d0dec6c93c760e5890b5f36ce72d46f4d9be7650d8eda017ef0bb640080b05

HTTP Headers

GET /landings/269163/1672139499/js/second_back_multi.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: OwUXHrKbmKcspp75L+RoEPyTSjsEp0CnyBgTH42w3Udlt4rsSSq/Sbz2jqDtFJP4su36Srie0Gw=
x-amz-request-id: W2852RADPYP02GH6
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "f428fe6667efbbe5781d64826256609b"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 18 Jan 2023 09:44:04 GMT
Content-Length: 728
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
503edbd4a69fe12e5ef8cca4fede2d59
031646bb8fa2ca4a8bb85bcd2bbe05faefb94fbf
35e984de8b42abbaaaf17d6a0fc58170c96282195a54e72df1f4f829f8a2cb4c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35E984DE8B42ABBAAAF17D6A0FC58170C96282195A54E72DF1F4F829F8A2CB4C"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15806
Expires: Wed, 18 Jan 2023 14:07:30 GMT
Date: Wed, 18 Jan 2023 09:44:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 08:48:57 GMT
age: 3308
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499

192.241.132.237

200 OK

90 kB

URL HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
IP
192.241.132.237:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (65447)
Size
90 kB (89500 bytes)
Hash
7c14a783dfeb3d238ccd3edd840d82ee
ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 18 Jan 2023 09:44:05 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 89500
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Wed, 18 Jan 2023 21:44:05 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:05 GMT
Last-Modified: Wed, 18 Jan 2023 09:04:32 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

cdn.stfilecamp.com/multi_push.js?1672139499

205.185.216.10

200 OK

1.1 kB

URL HTTP/2
cdn.stfilecamp.com/multi_push.js?1672139499
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
1.1 kB (1072 bytes)
Hash
a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /multi_push.js?1672139499 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 18 Jan 2023 09:44:05 GMT
cache-control: max-age=3600
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx000000000000022ca9bb5-0063c7bf65-2bd116bf-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-sp-metadata: HS256.CPWan54GEoYBCiQ1ZWI3YTUzYi1lMDU4LTQzZTYtYWIxNy03ZWQ1YjgwYjNkNDUQgMPq7NjG+wIaBgjk/p6eBiIMOTEuOTAuNDIuMTU0KOs4MAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKRIkOGJjZmEzOWQtZjcyOS00NmZkLTlmNWItZDIwMWUyYjk0ZDE4GLAIIhoIAhIUY2RzMjMxLnNrMS5od2Nkbi5uZXQYCQ==.HRzFzgiYc0peTiCOiu+l8/dlxAAaBS56Fw4+oHbCAcM=
x-hw: 1674035044.dop225.sk1.t,1674035044.cds071.sk1.hn,1674035045.cds231.sk1.pr
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png

23.36.76.96

200 OK

293 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_cls.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
293 B (293 bytes)
Hash
9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/win_cls.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Ti06l/C/pXBrKdEKY1xxLnUyU6skHEflbKPVytNXB8fOBlxP4WvQ3Qui3jrNsBQ2+1rZfzj31ss=
x-amz-request-id: BPCRVG49F3YQVZ1Q
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 293
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif

23.36.76.96

200 OK

69 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray1.gif
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/ico_tray1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: /6o4ihTAzGUKNPIbCqLxiqVcUzJ0FrDarMNsYjDyifUanCuyAFw9rxXW5/1UM//dHYo1t6UOR7U=
x-amz-request-id: P17B956SYGQYW73A
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 69
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif

23.36.76.96

200 OK

377 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray2.gif
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/ico_tray2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: pP/f5iHre0PLI+cWjFdc8VZmg3H4US47PtJOJsolMlJqqgkgdXI3yLv61OVAr1qp+OItQtjcPZs=
x-amz-request-id: 38ZXYY487KY1C1D0
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 377
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png

23.36.76.96

200 OK

5.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 137 x 131, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5904 bytes)
Hash
8a07f71c9d0642e8b94bd2b9687c768f
fb2f6f1a6a421101a4b10c315f340d0565709abf
e77edd6c132664f48fb66468de2e1b5068d61e9f04e03d6a51668b14d00af0ed

HTTP Headers

GET /landings/269163/1672139499/images/icon3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: nz4U36ZUhMHYLmfL1KhQDqlkZZvgD2IaGZljTbn3HCV36LrTpZOuzqfoKpLZzwZ68yQZ1ShUYhU=
x-amz-request-id: 38ZRY322MF5FMF00
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "8a07f71c9d0642e8b94bd2b9687c768f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5904
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif

23.36.76.96

200 OK

234 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: FQUpoI2ZK0f9QQxm//NI4DOVXDf1mANQrICdpHtKKfv3PiWXWWi+qYwMHsS8eyPWQFxyTRathqQ=
x-amz-request-id: NCS4F6G2SS5C2Q96
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png

23.36.76.96

200 OK

128 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: TOmzOy5y95ydZgXJJhL+Wm1Gv8wBUoLvTKCcIebxqx0oRfA0uSkLzNHoSndDulf9XVvOoEAZOlk=
x-amz-request-id: NCS92251ERNEHK02
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg

23.36.76.96

200 OK

7.7 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Size
7.7 kB (7653 bytes)
Hash
04cafbd162493b66a25988eb1cb58d07
fc780a93ddbacd25467c56bfb6bd46e8bc94503e
7aeb8ef4156327a8bb0c98b0f6ecc8409ab462a64c61df589c7e2477bd761628

HTTP Headers

GET /landings/269163/1672139499/images/logo.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: erkjjnRb4j8t7awj4tT1iGaegO5GXqxkoekw23A6fpavNFr0c6iEWwx/kX0sJxya1zjClYdc4cI=
x-amz-request-id: XS4XJDFMFST8RZHE
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "04cafbd162493b66a25988eb1cb58d07"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7653
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png

23.36.76.96

200 OK

1.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 124 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1932 bytes)
Hash
32fded5a952e60a48a879e414c590f24
834e44460475c20ce9f4c801a4ccf53130749af3
d712d6bf38edf55c605c2a568ce2de1caae95d26b00c02c4f9a1eed6f370d76e

HTTP Headers

GET /landings/269163/1672139499/images/icons.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: SCCwr5Sic/SOFsy2tf4ylD+9VznB3M9OIQ7lU9yVHoBhYTH07oR5udNv5BupdnviEde0Em/hfN8=
x-amz-request-id: P17FS9ZG516JT4J3
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "32fded5a952e60a48a879e414c590f24"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1932
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png

23.36.76.96

200 OK

59 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59078 bytes)
Hash
15cac20be8d4fdd074e21a4a52604d2f
fd4c43583bec2c7bfae3cb9feb2699abbc50c578
d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739

HTTP Headers

GET /landings/269163/1672139499/images/avira-white.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: pDyJD5TJ+Qxe3AzlMKUviaBz58qUoWjmntXBizLjYFbBPOj6hLQ267IcBP7RLtKMJL+rkillhfA=
x-amz-request-id: P177JW2KQ90SBK03
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "15cac20be8d4fdd074e21a4a52604d2f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 59078
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png

23.36.76.96

200 OK

1.8 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.8 kB (1812 bytes)
Hash
7af58322b67083908a8519d74471f47d
256a9119feb235759cf98f211bc6398f58c4ee43
bfab83c5a6c9c62450668ba960527fc9b17ed316a52436f0f63fd1eedcd45a3d

HTTP Headers

GET /landings/269163/1672139499/images/menu4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: rBQ5gY5gGP0yNi9l8wHQwAXrHn4JH/BmtajbyS2RxPEI3ORcA1JISjkrKhXvjIuTvTAKCzR30EA=
x-amz-request-id: 73BYRYTD8Z77JHVE
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7af58322b67083908a8519d74471f47d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1812
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png

23.36.76.96

200 OK

1.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1920 bytes)
Hash
b2b98941a9fe6bbcb6745989b3289b1e
5fb8fce5934af6d3426a37eb58b9846fa80ead39
d9efcb7b0f632cb3d2650c0c676b3c758f00c52f5d1cc5e7963dd456aaa03833

HTTP Headers

GET /landings/269163/1672139499/images/menu1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: oPkHa66YOuoPnk4E+bhZnSf+xKsyYVX5bSKiNce4AFd6EaJYoHNlh0RYgXy+dcpXFWiI4+Zj9Wg=
x-amz-request-id: P172HBHE22FE02NB
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "b2b98941a9fe6bbcb6745989b3289b1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1920
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png

23.36.76.96

200 OK

1.5 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1483 bytes)
Hash
860d945f4bba4b150b4c6300bdd87527
4c3f11a2902bf437bb578871f7e27625f0ae6504
bdca8ddc4aaf7200e8c215c5eedeae489626d9df23313578ac0cfe45854ea0c8

HTTP Headers

GET /landings/269163/1672139499/images/menu3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: mQcrMSno4SzfmSBuTwYUwFkgKyeE49fS683rgb/Upw787DVOOLUY6Plmds8XQoE59XNikEJMlzY=
x-amz-request-id: X72H7S1G9K2NQANW
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "860d945f4bba4b150b4c6300bdd87527"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1483
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png

23.36.76.96

200 OK

1.7 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1665 bytes)
Hash
bc32798c28d2145f979848809ba5f858
7bc0276cd56bf6463113a9c5d33ea9aacbdb5f51
7319ffc0fdb40740b07f1a286348fa0f29676127996481b6310f3dd7f322d4ee

HTTP Headers

GET /landings/269163/1672139499/images/menu2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: +uVGbsGU27Y1CvJCaiz8iem11ON7WGo2H+Z9yjI2CEiEtQLuMILy3uI/sY2vjZPpFbUTS61mFv4=
x-amz-request-id: P1766DSF0DCE8ZR9
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "bc32798c28d2145f979848809ba5f858"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1665
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png

23.36.76.96

200 OK

1.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 35 x 34, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1946 bytes)
Hash
1eab4e4fb7a147352b0027c0e4df1fe6
99e621180265541383f5c081cd6f7c77b7d21e0d
a66a5ce08b112086075a336e9f18d5cea683143b552a50641971ef00d3895207

HTTP Headers

GET /landings/269163/1672139499/images/check.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: EV+V7ssRDNm+XsgD++yR3rCCzuer8Lmfca4FYcu/c8tGlOzBIYUD7vFX22Tjyxwg88J+ciMZ3ok=
x-amz-request-id: X72QVEY9AYPJN5Y0
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "1eab4e4fb7a147352b0027c0e4df1fe6"
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1946
Server: AmazonS3
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png

23.36.76.96

200 OK

303 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 1440 x 700, 8-bit gray+alpha, non-interlaced\012- data
Size
303 kB (302963 bytes)
Hash
bc336a3a0c484d7c65299b9c4af45596
36cb2608b4fef19277220dab7e0cb0a623eee289
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b

HTTP Headers

GET /landings/269163/1672139499/images/globe-alpha.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: TMdIsRGIpPb5q6SvAyHSvQiEpWMz+r1vxMtHubrCrN7EcOiqpH+kBd8Mt6bLTV1W5IDdP43DKqE=
x-amz-request-id: 73BWQPB35D32K7KT
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "bc336a3a0c484d7c65299b9c4af45596"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 302963
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png

23.36.76.96

200 OK

4.2 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4226 bytes)
Hash
2dd0fb3f8327cbd8ae041f7fdb1eb8bf
35cbcecbf827dbf814f249ff6f3124d671afd1a3
98035853429a64f9c5e3a1eb3dacd1592b1eda2f5ec5e54b02fe427e117f0f26

HTTP Headers

GET /landings/269163/1672139499/images/avira-logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: dGqdHI4PyAkktX2xFivuAphJBvovNsu8gZV2xORU0fmmFabNrTwOGXI2UquZIxTc8diinwc+Sd8=
x-amz-request-id: P17DK2K5ES0PCVRN
Last-Modified: Tue, 27 Dec 2022 11:11:40 GMT
ETag: "2dd0fb3f8327cbd8ae041f7fdb1eb8bf"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4226
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png

23.36.76.96

200 OK

4.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon2.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 152 x 121, 8-bit/color RGB, non-interlaced\012- data
Size
4.9 kB (4856 bytes)
Hash
a0f86853c68b824dd5c15b0fae66fdfe
0c8ba75f1370ba3c10a309be4c1c96a5067c6098
f58fdb3b3ba6dc0943458179df29efb7201b84ff2edbf03d9ad5cb26c4e52917

HTTP Headers

GET /landings/269163/1672139499/images/icon2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: W0Ru4qPVZM3D18KZGoe8e3RZLeGsYCoB2vCK50lwDPLuy3rik6G8M9Q1TvD8F8i8zNH5KkkWiuw=
x-amz-request-id: BPCGDHFYZMS21DQA
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "a0f86853c68b824dd5c15b0fae66fdfe"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4856
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png

23.36.76.96

200 OK

1.5 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 23 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1545 bytes)
Hash
7f7b44979afb15dfdc18e7d754c6d0f5
7426889578a3a6f20f620611f7ea8d4dadaf3b87
cb2eff4a1cf5f187eda87e71d6039f24af63844617a7f890070b9afd5c965a33

HTTP Headers

GET /landings/269163/1672139499/images/info.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qhS84vMnfChWPTXjeIv7iv3BMydv2KBv5pNkNwKRCKMq6tUJIgtJlbeadrmosIAh09SP5dg9sTw=
x-amz-request-id: BPCHNV7GH91H7DWD
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7f7b44979afb15dfdc18e7d754c6d0f5"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1545
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png

23.36.76.96

200 OK

5.9 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 139 x 130, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5928 bytes)
Hash
fa6582524d715994e9d9036eca9b034b
06cce1b23faba93959df12a9eccaa3d6f51341ce
cf05a371ab1261c3e1f2785e26c95cc5869b37de15c9d48206e78a58894a0cdc

HTTP Headers

GET /landings/269163/1672139499/images/icon1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 5I1ie0D95MGvFfsw9aWPUCxMDZDidn3KREhJhNfdrHk8gkTJ0dW37/u1g++mIFbK8ZwG3aPjxZ4=
x-amz-request-id: BPCGG2NRKWJGE7Y6
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "fa6582524d715994e9d9036eca9b034b"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5928
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/cross.gif

23.36.76.96

200 OK

211 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/269163/1672139499/images/cross.gif
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 29 x 29\012- data
Size
211 B (211 bytes)
Hash
45b0c8a1e52d91e8cf84eaf75ebca9a9
0e358b8571f9062dedfacd0c31d54179270153cd
4e635bdab7a300d0ccb5aac26b4610a07ee1b33643578c1a4308e677d7eb595d

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /landings/269163/1672139499/images/cross.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: rgNhOWO4aEHEhclZ1t/+UWDQLxxv7P/n3lGvTQOtGyCSs6CobP/rcxSoBAi2zcIl7DBZuvvt8+4=
x-amz-request-id: P177385EBGPBB1CW
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "45b0c8a1e52d91e8cf84eaf75ebca9a9"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 211
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.96

200 OK

4.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

push.services.mozilla.com/

35.165.237.81

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.237.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vz13FtqZsQLJoVASqGZlxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pMZQy4jPwHaEpcln35DWFLU/kBI=

ocsp.pki.goog/gts1c3

216.58.207.195

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.stfilecamp.com/stormtrk.js

205.185.216.10

200 OK

6.8 kB

URL HTTP/2
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
6.8 kB (6807 bytes)
Hash
39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 18 Jan 2023 09:44:05 GMT
cache-control: max-age=1144
content-length: 6807
content-type: text/javascript
last-modified: Sat, 24 Dec 2022 08:48:24 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx000000000000007a268e8-0063c7b5cd-2d8da7eb-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-sp-metadata: HS256.CPWan54GEoYBCiQ3Yzc3NzVjMy1jZTdlLTRjMmEtYjA0Ni0wZGJmMzE4YWNiMmMQgMPq7NjG+wIaBgjl/p6eBiIMOTEuOTAuNDIuMTU0KOs4MAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQyZTk3YmQ0YS0wYjc4LTQ1YTQtYTgyYi0wN2Y5NWZlYTczZWUYlzUiGAgCEhRjZHMwMTQuc2sxLmh3Y2RuLm5ldA==.TyC7dJj92gicECjZwx1DVHI1b8Ik7ptBk9xPbAuCBmk=
x-hw: 1674035045.dop225.sk1.t,1674035045.cds071.sk1.hn,1674035045.cds014.sk1.c
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.46

200 OK

27 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
data
Size
27 kB (26823 bytes)
Hash
0e5f518bdefce3a427b3502ce3869066
e07ffb0c159525e0e55f279017ff75bc14adf61b
097c292f9b9ba884e7734b2f5c2b0ed64a2bc4ef0ec7998a4bb068e6eb2233cb

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jan 2023 09:44:05 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+703; expires=Fri, 17-Jan-2025 09:44:05 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.207.195

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.42

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22967)
Size
3.6 kB (3632 bytes)
Hash
f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 09:12:48 GMT
expires: Wed, 18 Jan 2023 10:12:48 GMT
cache-control: public, max-age=3600
age: 1877
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.207.195

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-adef.akamaized.net/beep.mp3

23.36.76.96

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/beep.mp3
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET /beep.mp3 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.96

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: http://llam.yourpcdefenderplus.site/
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 18 Jan 2023 09:44:05 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

216.58.207.195

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.207.195

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/1x/translate_24dp.png

216.58.211.3

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 12:53:47 GMT
expires: Tue, 16 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 161419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

216.58.211.3

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 16:07:41 GMT
expires: Tue, 16 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 149785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.stfilecamp.com/fp.min.js

205.185.216.10

200 OK

32 kB

URL HTTP/2
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
Unicode text, UTF-8 text, with very long lines (31370)
Size
32 kB (31705 bytes)
Hash
198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
fortinet	Phishing

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 18 Jan 2023 09:44:06 GMT
cache-control: max-age=1186
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000000000000023f7ed27-0063c7b5f8-2b8f3340-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-sp-metadata: HS256.CPaan54GEoYBCiRmNzIyOGE3ZS0yYjBiLTQ1YmYtOWI2My05OGY1ZTY4M2E2MGYQgMPq7NjG+wIaBgjm/p6eBiIMOTEuOTAuNDIuMTU0KOs4MAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRjYWI3ZDAyNi1kMzM1LTQ5ZGUtYTYzMy02MjY2ODE0MzI2NGIY2fcBIhgIAhIUY2RzMjM3LnNrMS5od2Nkbi5uZXQ=.x+4kDOQf9Ho3BvTLBvDvBMpRmUGZFdzZm2gv1+zZFVE=
x-hw: 1674035046.dop225.sk1.t,1674035046.cds071.sk1.hn,1674035046.cds237.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.207.195

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 09:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4990
Expires: Wed, 18 Jan 2023 11:07:16 GMT
Date: Wed, 18 Jan 2023 09:44:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4990
Expires: Wed, 18 Jan 2023 11:07:16 GMT
Date: Wed, 18 Jan 2023 09:44:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4990
Expires: Wed, 18 Jan 2023 11:07:16 GMT
Date: Wed, 18 Jan 2023 09:44:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11028 bytes)
Hash
402bdd90bc2557de4f317d4d0ec892ed
b205b0bb74fabcf1612f22db53c197b63ae4ce0c
2fa402a38832c3efe15d5fee9116b36aeea5a0012ba4e8d6477b4fa9a0368598

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11028
x-amzn-requestid: 2b2b0030-a54b-42d1-a680-69e23c4320bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AteE7uIAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-5abf38ea140446ec294cdf6c;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ApT3FVNNohshR3ZepIle34K_XJYUoJz7Ucm1JYfrlVuaQgAYrl-ESA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:16:18 GMT
age: 8868
etag: "b205b0bb74fabcf1612f22db53c197b63ae4ce0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5663 bytes)
Hash
4ec6c49f056e786896d54fe22c242391
cc6b64ff3f09853843b62e555456a1ad9f0909fb
42f0571efba18630c8deee17e98c6939a7050b04f613ad10515caf503e496b4d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5663
x-amzn-requestid: 9a1c75a4-1c8d-4bd2-b6ca-7fccb8b43c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gF5goAMFveA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-1d274e8074771db651e80979;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sAxuQECVKx0dfc2UM_E_70nKN8za1SBN4opMWr_74gT5ScurgZGVLw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:46:36 GMT
age: 43050
etag: "cc6b64ff3f09853843b62e555456a1ad9f0909fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff787bd82-2d8d-4bec-acc1-41aaf9447696.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7560 bytes)
Hash
b31599f58472f3dad80798d36e5e1fa2
877be61cdea3bf743e69c716135829bf59e23d90
7cab652e997afe30417eef7d79a277147306f4ced65a8d7eaefcb83c1218c99d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff787bd82-2d8d-4bec-acc1-41aaf9447696.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7560
x-amzn-requestid: 4060d084-eecd-45c3-9299-a34dd8a56f00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1HELioAMFRSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ed-6b58cbc5370ea60e62d06e44;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-952nupr74Dim3dhuSacp4Q7oGpEoYs8bSutdfdD6APFi3o8TdHdA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:45:16 GMT
age: 39530
etag: "877be61cdea3bf743e69c716135829bf59e23d90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5040d384-c89f-4aa4-8652-aea8a1600738.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9819 bytes)
Hash
18d44fef1be0f8ba8ae6e29788478e47
a881d39e5e2aea041f30b476f1e3d7d135ca691b
a7bd1b6e2615f6fa898d55cdd6370330b89aba74348cc3b020df81a3ee51b9d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5040d384-c89f-4aa4-8652-aea8a1600738.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9819
x-amzn-requestid: ed88b40e-5e06-41f9-a1ba-a3bef07eb12a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LT4G5qoAMFwFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf4b-513cb0eb6ec4f22f23a26da7;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:06:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x6xEfCqpXziyWiy0ZxXVp8yRH_munH9cmIGQa7oB8Qf-0wLOjyPo-g==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:17:27 GMT
age: 23199
etag: "a881d39e5e2aea041f30b476f1e3d7d135ca691b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F053123e4-9914-4404-b1e9-cb5f3e38b7a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11781 bytes)
Hash
5caa7df39f82600c651046957ab6b62d
d6d6fbd676b74e487ee06248c48da87e178223e7
df3090d2e7c7c6e970fe498609d74c63e04aa80d55a26c956d1e3be5bebfafbc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F053123e4-9914-4404-b1e9-cb5f3e38b7a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11781
x-amzn-requestid: 522a0799-2025-43cd-9d7e-08cdaa5acf11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0vQMGZRIAMFfjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f8cd-697804fd5b8b3cff7d2d5a7e;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:12:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MGfNpq5RCQifmDzeCJl4-1DPyd63DRE89n_BlQwQanwYyYquvaBkBw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:21:45 GMT
age: 8541
etag: "d6d6fbd676b74e487ee06248c48da87e178223e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13111 bytes)
Hash
d134f7ac9a5ca8ab7a9461bd20706bb7
aa47af3e7517390d10e89f0f18237cfdcc63cbed
3431c8027f09bb284fe48ef8e4458fd43d8cc961250601b3028b83a7ba19f6ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13111
x-amzn-requestid: 7a9bb405-c68d-496f-b608-e9d295c44c50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0MStGBBIAMFXag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4c0dd-75d87c0d763744951f13febd;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:13:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkIL919Q7OFO6bACXTrDan0f9D9rgrN0DJMQv1DYPLeWqT1CywCAEg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:46 GMT
age: 20600
etag: "aa47af3e7517390d10e89f0f18237cfdcc63cbed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/

23.36.76.96

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Wed, 18 Jan 2023 09:44:07 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.96

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://llam.yourpcdefenderplus.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 18 Jan 2023 09:44:07 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/

23.36.76.96

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Wed, 18 Jan 2023 09:44:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.96

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
23.36.76.96:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://llam.yourpcdefenderplus.site/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 18 Jan 2023 09:44:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fllam.yourpcdefenderplus.site%2Fc%2F4e5d922b8a829ab6%3Fbid%3D0.0081%26s1%3Dph4-sft-at%26s3%3Dduy%26s4%3D%26s5%3Dtrx0etqzts2wlgp%26s6%3D%26s7%3D881848%26s8%3Dpyno1jcpbhm%26clickid%3Dzaprn6ehkwh

104.26.4.120

200 OK

0 B

URL HTTP/2
stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fllam.yourpcdefenderplus.site%2Fc%2F4e5d922b8a829ab6%3Fbid%3D0.0081%26s1%3Dph4-sft-at%26s3%3Dduy%26s4%3D%26s5%3Dtrx0etqzts2wlgp%26s6%3D%26s7%3D881848%26s8%3Dpyno1jcpbhm%26clickid%3Dzaprn6ehkwh
IP
104.26.4.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/1.0/ping/pong?location=http%3A%2F%2Fllam.yourpcdefenderplus.site%2Fc%2F4e5d922b8a829ab6%3Fbid%3D0.0081%26s1%3Dph4-sft-at%26s3%3Dduy%26s4%3D%26s5%3Dtrx0etqzts2wlgp%26s6%3D%26s7%3D881848%26s8%3Dpyno1jcpbhm%26clickid%3Dzaprn6ehkwh HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://llam.yourpcdefenderplus.site
Connection: keep-alive
Referer: http://llam.yourpcdefenderplus.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 18 Jan 2023 09:44:06 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcCN9A%2ByP%2Fd9gn2NePe9BkjV2%2BhYMmPnVc9lWnPqtgDt1qg1tUfD8AvIpESHPRlD77MwgWl5Gl%2FO5dBuQ1ebSzLQKABxmkU6eXQIhF4ieAcknpu6skXhE36XMzjnqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b663dbbe3ab511-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML