Report - dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click

Report Overview

URL

dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1}
IP

52.51.27.131

ASN

#16509 AMAZON-02
Submitted

2023-03-06T23:00:59Z

Access

public
Tags

fake_software fraud
urlquery detections

Fraud - Fake AntiVirus / Security software

Detections

urlquery

13
Network Intrusion Detection

0
Threat Detection Systems

3

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.stfilecamp.com (3)	400667	2021-09-06T17:32:03Z	2023-03-19T09:00:39Z	1170	41348	205.185.216.42
ocsp.digicert.com (1)	86	2012-05-21T09:02:23Z	2023-03-23T05:17:58Z	341	571	192.229.221.95
translate.google.com (1)	1156	2012-05-30T03:30:32Z	2023-03-23T05:10:37Z	420	691	142.250.74.174
stormtrk.com (1)	289095	2019-05-17T20:09:53Z	2023-03-19T09:00:50Z	750	693	172.67.69.203
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-23T05:09:05Z	782	2374	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-23T05:09:17Z	413	5882	34.160.144.191
r3.o.lencr.org (8)	344	2020-12-02T09:52:13Z	2023-03-23T05:09:13Z	2704	7091	23.36.77.32
cdnjs.claudflare.io (1)	unknown	2021-08-12T10:01:46Z	2023-03-19T13:00:33Z	416	92269	206.189.196.86
www.gstatic.com (1)	unknown	2016-07-26T11:37:06Z	2023-03-23T05:26:05Z	493	5111	216.58.211.3
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-23T05:12:28Z	333	391	34.117.237.239
ocsp.pki.goog (8)	175	2018-07-01T08:43:07Z	2023-03-23T05:09:54Z	2772	5624	142.250.74.131
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-23T05:10:49Z	606	127	54.190.133.153
route.frest.pro (1)	unknown	2023-01-02T14:11:29Z	2023-03-19T13:00:34Z	485	778	172.67.211.109
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-23T05:09:42Z	3246	49877	34.120.237.76
translate.googleapis.com (1)	1005	2012-05-31T09:21:21Z	2023-03-23T07:07:49Z	499	76011	142.250.74.170
dlnl.newrequireddefence.site (1)	unknown	2023-02-01T18:31:24Z	2023-03-18T06:00:40Z	548	3510	52.51.27.131
cdn-adef.akamaized.net (35)	125719	2018-02-06T08:56:01Z	2023-03-22T11:52:49Z	15086	435920	23.36.76.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-06	medium	cdn.stfilecamp.com/stormtrk.js	Phishing
2023-03-06	medium	cdn.stfilecamp.com/fp.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-06	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

HTTP Transactions (73)

URL IP Response Size

dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1}

52.51.27.131

200 OK

3028

URL HTTP/1.1

dlnl.newrequireddefence.site/c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1}
IP

52.51.27.131:0
ASN

#16509 AMAZON-02

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20195)

Size

3028
Hash

b1b87098fbb7301e96881fda83508105

f4e279ed4278a47d4b1c5c546e813e28511850ec

dcce6167e68e4b11282da14a060af7b259c4892040b8e19fe7b7f361901cf560

HTTP Headers

                                        GET /c/a4510ff39c33bdb3?clickid={click_uuid}&bid={bid_cpc}&s1={s1}&s3={s3}&s4={subscriber_age_days}&s5={subid_uuid}&s6={zone_uid}&s7={platform_name}&s8={campaign_id}&s9={click_uuid}&sub1={sub1} HTTP/1.1
Host: dlnl.newrequireddefence.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Mar 2023 23:00:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=640670a0000cc2db; Path=/; Expires=Fri, 05 May 2023 23:00:48 GMT
unique_id2=640670a0000ccc9b; Path=/; Expires=Sun, 04 Jun 2023 23:00:48 GMT
impression=; Path=/; Expires=Mon, 06 Mar 2023 23:00:48 GMT
640670a0000ccc9b_sl=[269163]; Path=/; Expires=Mon, 20 Mar 2023 23:00:48 GMT
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cf14baed0842431a08367ed54f2346ca

d943be8835b7e4470e3d6fbe09ac39c5464be434

a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14869
Expires: Tue, 07 Mar 2023 03:08:37 GMT
Date: Mon, 06 Mar 2023 23:00:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

c8d3b63b0ab9c679c7a50df2ba42b497

7133ccb414f7d8040d0f4a1b1df359485a76c377

4652b9b479b50208073dbff5a0b434fe6e8a1a2c5caa6365a8c5de2ff7fd9865

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4652B9B479B50208073DBFF5A0B434FE6E8A1A2C5CAA6365A8C5DE2FF7FD9865"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6379
Expires: Tue, 07 Mar 2023 00:47:07 GMT
Date: Mon, 06 Mar 2023 23:00:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

bc86ef2a0cee04915bc360f5821adc8f

3658f9028cce204d38f7f48fcfaa2a8e4f54383a

aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Mar 2023 22:13:27 GMT
content-type: application/json
age: 2841
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6681493f94022a7df736f92e03badd12

31bc327734b19fbf70290dcc2d19222564a3a396

f9fe24479b86404d7884409068517cc6f57b988b35be92e4f58cb4634fcb2218

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9FE24479B86404D7884409068517CC6F57B988B35BE92E4F58CB4634FCB2218"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14283
Expires: Tue, 07 Mar 2023 02:58:51 GMT
Date: Mon, 06 Mar 2023 23:00:48 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

b5ba6334e73496995e3e3a9ecd0eb323

ad80d3b7718c28364e8c2004fb38a13a1747e462

aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: nzJ4fMSSOu0Uckd/A1qqebr8/5GUjHOGl/vmJLngEYH4NVKSc2J4FOvmrTdkV1UQdCtjU4dlISM=
x-amz-request-id: ASZJCJ3J1WFQM3QV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Mar 2023 22:17:19 GMT
age: 2609
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 23:00:49 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499

23.36.76.96

200 OK

2856

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text

Size

2856
Hash

9e6e17753fd08ccffdaab4bc97d7af50

f4a6f23df54e760b305134eb5587ccd0b0c6ad49

01f65c67d47ef19588c9c3e19fc6e2e123ff3f0e2f1cfdf9ad61a655efe23cf8

HTTP Headers

                                        GET /landings/269163/1672139499/css/style.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: qufEYPc9y6KgRXvEchyW55rLl82tjAJ8o+Go6G0b+8dVIbBU7W5Q7CnjX1kvR8/C09G/xxeh6iE=
x-amz-request-id: P1751PTDJH8W116R
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "790ea33cbfafd3311bd7083f70a179c6"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Length: 2856
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499

23.36.76.96

200 OK

769

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/js/main.js?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text

Size

769
Hash

a22a1a0161c2da8eab4d825d701e0d30

17a279b59fa2371f8661d5558662df7abdcf5442

4d7d84af0a913c75c83eda10419b18fd30ec7f481bf627fa89d8ff450df53580

HTTP Headers

                                        GET /landings/269163/1672139499/js/main.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: 5C0a3PdxgjpVDn+c74yPxxc1ZoAClrJlOQ8yVPzDbxOR0Ul0umL1ZZdRTn/Kguw72TtTOWMRHTI=
x-amz-request-id: W284DFSWT3SW3D3F
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "a22a1a0161c2da8eab4d825d701e0d30"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 769
Date: Mon, 06 Mar 2023 23:00:49 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6c9b4ffa93486d7b1901e2a7802dcd45

3d7cbba9aea9251d4838b5efa3944e2668a7738c

a252428083698b78077bd40490c24d6f2e03056bc13157b6e13202e5c49a6781

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A252428083698B78077BD40490C24D6F2E03056BC13157B6E13202E5C49A6781"
Last-Modified: Sat, 04 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15789
Expires: Tue, 07 Mar 2023 03:23:58 GMT
Date: Mon, 06 Mar 2023 23:00:49 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Mar 2023 22:12:30 GMT
age: 2899
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499

23.36.76.96

200 OK

559

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/js/translete.js?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text

Size

559
Hash

7a2813dd2f72e952a133e5d6f13a808a

7472ee61fbd566913fd48f40f76e63edb9ea1faf

ea14a153c8c32aecd506eeb112e67542e62ea7e312dc77de3149df90c8a9336d

HTTP Headers

                                        GET /landings/269163/1672139499/js/translete.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: 5SgJ3pTlMQcjUbhEAF36n0L9CnXlMK0GFf7EItDRicOyjpMGy5pq8vIi2cdAm/xxszR3wY6grYI=
x-amz-request-id: J8MB8TRZ9B3KJ0GN
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "ec54980cfed635492cef5628111560d2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Length: 559
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499

23.36.76.96

200 OK

655

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/css/translate.css?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text

Size

655
Hash

64836db20736f1e7995b43489b4bf0ac

a0db33db05acb39dd01d9f19f5eed634682b0ead

d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

                                        GET /landings/269163/1672139499/css/translate.css?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: lhcifVWg8gYIiT8Rf76hcHbyOlIRmimK37Wr1infQMoPoj6bMNhZ6VnvLBH9X+shV2QmB1jHe8A=
x-amz-request-id: X72MGA21V27PNWE5
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Mon, 06 Mar 2023 23:00:49 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499

23.36.76.96

200 OK

826

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/js/js.cockie.min.js?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text, with very long lines (1619), with no line terminators

Size

826
Hash

80f159394b22e099038b584495222009

49a38d579533fb963f8f0f94687b40f65713b8dd

2d1575e9baafcb2f70a5d4ff82e829c3722535c3b9921c0d1baf5b54a384b109

HTTP Headers

                                        GET /landings/269163/1672139499/js/js.cockie.min.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: +gaeW8JMiZ7bWIpZYTYZ5JqdkWRnOmeneDRWPNH5REt4VghQGGrGPgEdkbDPDVDdF8YPvFiTJWk=
x-amz-request-id: W28F5FV1MDABMMY7
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "aeb03440821eecd362780d1d1f8f4751"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Length: 826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499

23.36.76.96

200 OK

5095

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/js/interactive.js?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text, with very long lines (24988), with no line terminators

Size

5095
Hash

4f6795f72fdbcb15309fd2aaba55302d

d613bd45610ff3a3e0a581d360847f01de563368

787035c2e2a9154a7ab7805185cf09b73f252b86221c975244259db327db8193

HTTP Headers

                                        GET /landings/269163/1672139499/js/interactive.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: T2tZi3dAK8MbPb1TaMbQuq/GIufj6jXkIdgKLktA0cspaP7b8n6VvPF5F4UzDIWV9ufwHM+nnTQ=
x-amz-request-id: W283XN0576Z26XH5
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "7f1b8cc7b3f5bae928d07c8605d0c0d8"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Length: 5095
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499

23.36.76.96

200 OK

1073

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/js/site-protect.2.0.js?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text

Size

1073
Hash

85e3bd021961fdac95655a71435375f5

9d03222c7a2acb3c790270e3f07bebc485759db2

bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887

HTTP Headers

                                        GET /landings/269163/1672139499/js/site-protect.2.0.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: 2SJiDeh2mxH/X/uSnoXhgOLVIgX4QROvjXrd3Z92ZRDaYBHTq07FswU9qCbKOmmpipI28A+/SgA=
x-amz-request-id: P17AHXQX68W2MEFA
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

1dfdbbe528416d7653788c31a945540d

ce7e4b0cc913dcf90dcb43ca51706e2ff0677eaf

872f2081ef126a0358e196338a21f095c376652feaa7cb9b2bfd6f3149838f60

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "872F2081EF126A0358E196338A21F095C376652FEAA7CB9B2BFD6F3149838F60"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7567
Expires: Tue, 07 Mar 2023 01:06:56 GMT
Date: Mon, 06 Mar 2023 23:00:49 GMT
Connection: keep-alive

cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499

23.36.76.96

200 OK

728

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/js/second_back_multi.js?1672139499
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

ASCII text

Size

728
Hash

cf00d833782706194b8c8d7a10222c7e

eb5fcbf9e53b3e2882d671cea6a73210effff810

b1d0dec6c93c760e5890b5f36ce72d46f4d9be7650d8eda017ef0bb640080b05

HTTP Headers

                                        GET /landings/269163/1672139499/js/second_back_multi.js?1672139499 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: OwUXHrKbmKcspp75L+RoEPyTSjsEp0CnyBgTH42w3Udlt4rsSSq/Sbz2jqDtFJP4su36Srie0Gw=
x-amz-request-id: W2852RADPYP02GH6
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "f428fe6667efbbe5781d64826256609b"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Length: 728
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/multi_push.js?1672139499

205.185.216.42

200 OK

1072

URL HTTP/2

cdn.stfilecamp.com/multi_push.js?1672139499
IP

205.185.216.42:0
ASN

#20446 STACKPATH-CDN

Magic

ASCII text

Size

1072
Hash

a50322f9d3f3fafe3fb02be02285e433

c0a894b3bfa545832c3ad1c2f145005d02e50ac4

cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

                                        GET /multi_push.js?1672139499 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Mon, 06 Mar 2023 23:00:49 GMT
cache-control: max-age=3600
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx0000000000000155407a8-00640670a1-2fbb7a95-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1678143649.dop224.sk1.t,1678143649.cds021.sk1.hn,1678143649.cds231.sk1.pr
X-Firefox-Spdy: h2

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499

206.189.196.86

200 OK

92013

URL HTTP/1.1

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499
IP

206.189.196.86:0
ASN

#14061 DIGITALOCEAN-ASN

Magic

ASCII text, with very long lines (65447)

Size

92013
Hash

0dd85f14c26ab969e3821b1242e990dc

93fab83252b745e1c443d3e2f9aade1ac24f20ba

b6e8a194a1a400ed9f2ce3155e243ccd3a0740066a3d39bc06a7a56193290995

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /ajax/libs/jquery/3.6.0/b/jquery.min.js?1672139499 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 06 Mar 2023 23:00:49 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Tue, 07 Mar 2023 11:00:49 GMT

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif

23.36.76.96

200 OK

234

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/ico_tray3.gif
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

GIF image data, version 89a, 16 x 16\012- data

Size

234
Hash

9ce99ec458daf212f9812a90f3fadd13

9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1

b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

                                        GET /landings/269163/1672139499/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: FQUpoI2ZK0f9QQxm//NI4DOVXDf1mANQrICdpHtKKfv3PiWXWWi+qYwMHsS8eyPWQFxyTRathqQ=
x-amz-request-id: NCS4F6G2SS5C2Q96
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

push.services.mozilla.com/

54.190.133.153

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

54.190.133.153:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 28AsGdpbCslWAs6TDyQmSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: y1m9qaAv47ScU+PTIqPk6F62nlM=

cdn.stfilecamp.com/stormtrk.js

205.185.216.42

200 OK

6807

URL HTTP/2

cdn.stfilecamp.com/stormtrk.js
IP

205.185.216.42:0
ASN

#20446 STACKPATH-CDN

Magic

ASCII text

Size

6807
Hash

39e5f8ad757fe438c784e8d883e47ab0

6b2905489485100c83605f43186c5843031e1f3b

e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
date: Mon, 06 Mar 2023 23:00:50 GMT
cache-control: max-age=66
content-length: 6807
content-type: text/javascript
last-modified: Sat, 24 Dec 2022 08:48:24 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx000000000000015489004-00640662d4-2fbb7a95-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1678143650.dop224.sk1.t,1678143650.cds021.sk1.hn,1678143650.cds014.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

54cfe1ca54a8a2535e7e5be05f711fd5

215dec9674931cdaa880b9ac6035ec4a64397192

cb4d5b5e1dff22bd21a23243c127ae3cf3972a5de7baa5ff521302e4b4d669bd

HTTP Headers

                                        POST /s/gts1p5/K65h7ENLtOQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 23:00:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png

23.36.76.96

200 OK

1946

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/check.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 35 x 34, 8-bit/color RGB, non-interlaced\012- data

Size

1946
Hash

1eab4e4fb7a147352b0027c0e4df1fe6

99e621180265541383f5c081cd6f7c77b7d21e0d

a66a5ce08b112086075a336e9f18d5cea683143b552a50641971ef00d3895207

HTTP Headers

                                        GET /landings/269163/1672139499/images/check.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: EV+V7ssRDNm+XsgD++yR3rCCzuer8Lmfca4FYcu/c8tGlOzBIYUD7vFX22Tjyxwg88J+ciMZ3ok=
x-amz-request-id: X72QVEY9AYPJN5Y0
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "1eab4e4fb7a147352b0027c0e4df1fe6"
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1946
Server: AmazonS3
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png

23.36.76.96

200 OK

1665

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu2.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data

Size

1665
Hash

bc32798c28d2145f979848809ba5f858

7bc0276cd56bf6463113a9c5d33ea9aacbdb5f51

7319ffc0fdb40740b07f1a286348fa0f29676127996481b6310f3dd7f322d4ee

HTTP Headers

                                        GET /landings/269163/1672139499/images/menu2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: +uVGbsGU27Y1CvJCaiz8iem11ON7WGo2H+Z9yjI2CEiEtQLuMILy3uI/sY2vjZPpFbUTS61mFv4=
x-amz-request-id: P1766DSF0DCE8ZR9
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "bc32798c28d2145f979848809ba5f858"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1665
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.digicert.com/

192.229.221.95

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

192.229.221.95:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

2530e1178696e75c236572f91c170c0b

34b278e651eed3ce35751dfd89ac0b27c3b5077f

dd008d559d77caf73779332a634744457b512c3dd512fc6bb0c72279f4c0b24b

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=115572
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 23:00:50 GMT
Etag: "64059116-117"
Expires: Wed, 08 Mar 2023 07:07:02 GMT
Last-Modified: Mon, 06 Mar 2023 07:07:02 GMT
Server: nginx
Content-Length: 279

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png

23.36.76.96

200 OK

59078

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-white.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data

Size

59078
Hash

15cac20be8d4fdd074e21a4a52604d2f

fd4c43583bec2c7bfae3cb9feb2699abbc50c578

d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739

HTTP Headers

                                        GET /landings/269163/1672139499/images/avira-white.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: pDyJD5TJ+Qxe3AzlMKUviaBz58qUoWjmntXBizLjYFbBPOj6hLQ267IcBP7RLtKMJL+rkillhfA=
x-amz-request-id: P177JW2KQ90SBK03
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "15cac20be8d4fdd074e21a4a52604d2f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 59078
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png

23.36.76.96

200 OK

128

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/win_min.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data

Size

128
Hash

0bb86caf792dd7d24731c18cd37bb68e

dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25

2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

                                        GET /landings/269163/1672139499/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: TOmzOy5y95ydZgXJJhL+Wm1Gv8wBUoLvTKCcIebxqx0oRfA0uSkLzNHoSndDulf9XVvOoEAZOlk=
x-amz-request-id: NCS92251ERNEHK02
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png

23.36.76.96

200 OK

1483

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu3.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data

Size

1483
Hash

860d945f4bba4b150b4c6300bdd87527

4c3f11a2902bf437bb578871f7e27625f0ae6504

bdca8ddc4aaf7200e8c215c5eedeae489626d9df23313578ac0cfe45854ea0c8

HTTP Headers

                                        GET /landings/269163/1672139499/images/menu3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: mQcrMSno4SzfmSBuTwYUwFkgKyeE49fS683rgb/Upw787DVOOLUY6Plmds8XQoE59XNikEJMlzY=
x-amz-request-id: X72H7S1G9K2NQANW
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "860d945f4bba4b150b4c6300bdd87527"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1483
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png

23.36.76.96

200 OK

1812

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu4.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data

Size

1812
Hash

7af58322b67083908a8519d74471f47d

256a9119feb235759cf98f211bc6398f58c4ee43

bfab83c5a6c9c62450668ba960527fc9b17ed316a52436f0f63fd1eedcd45a3d

HTTP Headers

                                        GET /landings/269163/1672139499/images/menu4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: rBQ5gY5gGP0yNi9l8wHQwAXrHn4JH/BmtajbyS2RxPEI3ORcA1JISjkrKhXvjIuTvTAKCzR30EA=
x-amz-request-id: 73BYRYTD8Z77JHVE
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7af58322b67083908a8519d74471f47d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1812
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png

23.36.76.96

200 OK

5928

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon1.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 139 x 130, 8-bit/color RGB, non-interlaced\012- data

Size

5928
Hash

fa6582524d715994e9d9036eca9b034b

06cce1b23faba93959df12a9eccaa3d6f51341ce

cf05a371ab1261c3e1f2785e26c95cc5869b37de15c9d48206e78a58894a0cdc

HTTP Headers

                                        GET /landings/269163/1672139499/images/icon1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: 5I1ie0D95MGvFfsw9aWPUCxMDZDidn3KREhJhNfdrHk8gkTJ0dW37/u1g++mIFbK8ZwG3aPjxZ4=
x-amz-request-id: BPCGG2NRKWJGE7Y6
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "fa6582524d715994e9d9036eca9b034b"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5928
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg

23.36.76.96

200 OK

7653

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/logo.jpg
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 200x200, components 3\012- data

Size

7653
Hash

04cafbd162493b66a25988eb1cb58d07

fc780a93ddbacd25467c56bfb6bd46e8bc94503e

7aeb8ef4156327a8bb0c98b0f6ecc8409ab462a64c61df589c7e2477bd761628

HTTP Headers

                                        GET /landings/269163/1672139499/images/logo.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: erkjjnRb4j8t7awj4tT1iGaegO5GXqxkoekw23A6fpavNFr0c6iEWwx/kX0sJxya1zjClYdc4cI=
x-amz-request-id: XS4XJDFMFST8RZHE
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "04cafbd162493b66a25988eb1cb58d07"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7653
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png

23.36.76.96

200 OK

1932

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/icons.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 124 x 22, 8-bit/color RGB, non-interlaced\012- data

Size

1932
Hash

32fded5a952e60a48a879e414c590f24

834e44460475c20ce9f4c801a4ccf53130749af3

d712d6bf38edf55c605c2a568ce2de1caae95d26b00c02c4f9a1eed6f370d76e

HTTP Headers

                                        GET /landings/269163/1672139499/images/icons.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: SCCwr5Sic/SOFsy2tf4ylD+9VznB3M9OIQ7lU9yVHoBhYTH07oR5udNv5BupdnviEde0Em/hfN8=
x-amz-request-id: P17FS9ZG516JT4J3
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "32fded5a952e60a48a879e414c590f24"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1932
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/beep.mp3

23.36.76.96

302 Moved Temporarily

URL HTTP/1.1

cdn-adef.akamaized.net/beep.mp3
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software

HTTP Headers

                                        GET /beep.mp3 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

route.frest.pro/is_redirect

172.67.211.109

200 OK

URL HTTP/2

route.frest.pro/is_redirect
IP

172.67.211.109:0
ASN

#13335 CLOUDFLARENET

Magic

JSON data\012- , ASCII text

Size

17
Hash

6dec798efb56f56f33660938f6249ff6

e889219883cef38754dc1e5df7ca5277b3b314c8

b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

                                        POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: http://dlnl.newrequireddefence.site
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Mon, 06 Mar 2023 23:00:50 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34Co%2Ffe%2FSnV7MXDP%2FniZj7UAY6WE8dv4CeyiuxWoaF1ZMmwkXrzUqX7YYuYLIasl6I%2BpOLWwzolK%2BB%2Bp3s4MOL7SkTObCExPOzQuKFvcmxZi%2Bed4KbIJkGI54JPTymEmb1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a3e379648d40b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png

23.36.76.96

200 OK

302963

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/globe-alpha.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 1440 x 700, 8-bit gray+alpha, non-interlaced\012- data

Size

302963
Hash

bc336a3a0c484d7c65299b9c4af45596

36cb2608b4fef19277220dab7e0cb0a623eee289

af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b

HTTP Headers

                                        GET /landings/269163/1672139499/images/globe-alpha.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/269163/1672139499/css/style.css?1672139499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
x-amz-id-2: TMdIsRGIpPb5q6SvAyHSvQiEpWMz+r1vxMtHubrCrN7EcOiqpH+kBd8Mt6bLTV1W5IDdP43DKqE=
x-amz-request-id: 73BWQPB35D32K7KT
Last-Modified: Tue, 27 Dec 2022 11:11:42 GMT
ETag: "bc336a3a0c484d7c65299b9c4af45596"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 302963
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

23.36.76.96

404 Not Found

134

URL HTTP/1.1

cdn-adef.akamaized.net/404
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

134
Hash

9c7c01b7650d428a3540bd1d22390a2f

1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0

08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

                                        GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: http://dlnl.newrequireddefence.site/
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png

23.36.76.96

200 OK

5904

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/icon3.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 137 x 131, 8-bit/color RGB, non-interlaced\012- data

Size

5904
Hash

8a07f71c9d0642e8b94bd2b9687c768f

fb2f6f1a6a421101a4b10c315f340d0565709abf

e77edd6c132664f48fb66468de2e1b5068d61e9f04e03d6a51668b14d00af0ed

HTTP Headers

                                        GET /landings/269163/1672139499/images/icon3.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: nz4U36ZUhMHYLmfL1KhQDqlkZZvgD2IaGZljTbn3HCV36LrTpZOuzqfoKpLZzwZ68yQZ1ShUYhU=
x-amz-request-id: 38ZRY322MF5FMF00
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "8a07f71c9d0642e8b94bd2b9687c768f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5904
Date: Mon, 06 Mar 2023 23:00:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/K65h7ENLtOQ
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

54cfe1ca54a8a2535e7e5be05f711fd5

215dec9674931cdaa880b9ac6035ec4a64397192

cb4d5b5e1dff22bd21a23243c127ae3cf3972a5de7baa5ff521302e4b4d669bd

HTTP Headers

                                        POST /s/gts1p5/K65h7ENLtOQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 23:00:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.stfilecamp.com/fp.min.js

205.185.216.42

200 OK

31705

URL HTTP/2

cdn.stfilecamp.com/fp.min.js
IP

205.185.216.42:0
ASN

#20446 STACKPATH-CDN

Magic

Unicode text, UTF-8 text, with very long lines (31370)

Size

31705
Hash

198f2f5b0a649f41fe890c59d37319aa

f24629687612889bb59f610df3879afcd766fb80

d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
fortinet	Phishing

HTTP Headers

                                        GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
date: Mon, 06 Mar 2023 23:00:50 GMT
cache-control: max-age=1162
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx00000000000000ff6a6ba-006406671c-3048037b-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1678143650.dop224.sk1.t,1678143650.cds021.sk1.hn,1678143650.cds237.sk1.c
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png

23.36.76.96

200 OK

1920

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/menu1.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data

Size

1920
Hash

b2b98941a9fe6bbcb6745989b3289b1e

5fb8fce5934af6d3426a37eb58b9846fa80ead39

d9efcb7b0f632cb3d2650c0c676b3c758f00c52f5d1cc5e7963dd456aaa03833

HTTP Headers

                                        GET /landings/269163/1672139499/images/menu1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: oPkHa66YOuoPnk4E+bhZnSf+xKsyYVX5bSKiNce4AFd6EaJYoHNlh0RYgXy+dcpXFWiI4+Zj9Wg=
x-amz-request-id: P172HBHE22FE02NB
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "b2b98941a9fe6bbcb6745989b3289b1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1920
Date: Mon, 06 Mar 2023 23:00:51 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png

23.36.76.96

200 OK

1545

URL HTTP/1.1

cdn-adef.akamaized.net/landings/269163/1672139499/images/info.png
IP

23.36.76.96:0
ASN

#20940 Akamai International B.V.

Magic

PNG image data, 23 x 20, 8-bit/color RGB, non-interlaced\012- data

Size

1545
Hash

7f7b44979afb15dfdc18e7d754c6d0f5

7426889578a3a6f20f620611f7ea8d4dadaf3b87

cb2eff4a1cf5f187eda87e71d6039f24af63844617a7f890070b9afd5c965a33

HTTP Headers

                                        GET /landings/269163/1672139499/images/info.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dlnl.newrequireddefence.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: qhS84vMnfChWPTXjeIv7iv3BMydv2KBv5pNkNwKRCKMq6tUJIgtJlbeadrmosIAh09SP5dg9sTw=
x-amz-request-id: BPCHNV7GH91H7DWD
Last-Modified: Tue, 27 Dec 2022 11:11:41 GMT
ETag: "7f7b44979afb15dfdc18e7d754c6d0f5"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1545
Date: Mon, 06 Mar 2023 23:00:51 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/269163/1672139499/images/avira-logo.png

23.36.76.96

200 OK

4226

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

#1 JS:Script (size: 79531)

#2 JS:Script (size: 16550)

#3 JS:Script (size: 3133)

#4 JS:Script (size: 212128)

#5 JS:Script (size: 24988)

#6 JS:Script (size: 1619)

#7 JS:Script (size: 1362)

#8 JS:Script (size: 1072)

#9 JS:Script (size: 6807)

#10 JS:Script (size: 92013)

#11 JS:Script (size: 769)

#12 JS:Script (size: 2188)

#13 JS:Script (size: 1174)

HTTP Transactions (73)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers