Report - www.mydailywebdefender.com/c/0133283034b8621d?CLICKID={CLICKID}&CPC={CPC}&s1={s1}&s3={SUB_PERIOD}&s4={ZONE_ID}&s5={SOURCE_ID}&s6={CREATIVE_ID}&s7={CAMPAIGN

Report Overview

Submitted URL
www.mydailywebdefender.com/c/0133283034b8621d?CLICKID={CLICKID}&CPC={CPC}&s1={s1}&s3={SUB_PERIOD}&s4={ZONE_ID}&s5={SOURCE_ID}&s6={CREATIVE_ID}&s7={CAMPAIGN_ID}&s8={BROWSER}&s9={CLICKID}
IP
52.51.27.131
ASN
#16509 AMAZON-02
Submitted
2022-12-14 13:01:08
Access
Website Title
Final URL
Tags
fakeav scam
urlquery detections
Scam - Fake AntiVirus

Detections

urlquery
14
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
cdn-adef.akamaized.net	125719	2018-02-06T08:56:01Z	2023-03-08T14:00:53Z	14 kB	208 kB	95.101.10.67
translate.googleapis.com	1005	2012-05-31T09:21:21Z	2023-03-09T07:17:30Z	936 B	81 kB	142.250.74.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.4 kB	6.2 kB	23.36.77.32
cdn.stfilecamp.com	400667	2021-09-06T17:32:03Z	2023-03-08T06:00:53Z	1.2 kB	41 kB	205.185.216.10
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-09T05:12:20Z	418 B	807 B	216.58.211.14
www.mydailywebdefender.com	unknown	2022-12-06T08:39:12Z	2023-01-10T10:44:39Z	516 B	3.2 kB	52.51.27.131
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.7 kB	3.5 kB	142.250.74.131
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-09T06:28:40Z	853 B	4.3 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T05:09:25Z	3.2 kB	47 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T05:22:46Z	682 B	1.4 kB	93.184.220.29
stormtrk.com	289095	2019-05-17T20:09:53Z	2023-03-08T06:01:29Z	706 B	1.5 kB	104.26.5.120
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	44.240.57.100

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-14	medium	cdn.stfilecamp.com/stormtrk.js	Phishing
2022-12-14	medium	cdn.stfilecamp.com/fp.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	cdn-adef.akamaized.net/landings/211597/1665073965/js/jquery.min.js?1665073965	87 kB	2023-03-07	2024-04-25
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/jquery.min.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 13:52:04 Times Seen106089 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdn-adef.akamaized.net/landings/211597/1665073965/js/js.cockie.min.js?1665073965	2.2 kB	2023-03-07	2024-04-24
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/js.cockie.min.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-24 21:36:57 Times Seen670 Hash c9e9a54501fc6f6e8918b2c0f2a53981 3d530e6c830ccba6284e79c7245bb45d6f4f2197 491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454 Loading...

	cdn-adef.akamaized.net/landings/211597/1665073965/js/second_back_multi.js?1665073965	2.3 kB	2023-03-08	2024-03-03
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/second_back_multi.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:09 Last Seen2024-03-03 21:18:43 Times Seen14 Hash b2e5bcd8e92cf97cd2a0ea4f76194bfe b43711c74dc0c89fc0c01f7b86fb0eed3de521b8 623ce49c0105f8aab34bb6278fa39643b888153b703ee12e79fe6bc99b7603db Loading...

	cdn.stfilecamp.com/stormtrk.js	6.5 kB	2023-03-07	2024-03-30
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-03-30 15:36:25 Times Seen562 Hash 469e121bb4c4fe159bbca2b4f5a88267 f0c66f226de28b324e4f1ecb766597938f984c60 4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	77 kB	2023-03-09	2023-03-09
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:37:32 Last Seen2023-03-09 08:40:10 Times Seen1 Hash 10a68bcb0dae180b94998ac0dcdb177a d1ff4414798700af693f21d400185be99db957be 2592ae04bb6248e8216c17c90624e2146e12af2c1c7d9d9a383dfeee08eb0ab8 Loading...

	cdn-adef.akamaized.net/landings/211597/1665073965/js/interactive.js?1665073965	24 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/interactive.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:04 Last Seen2024-02-28 11:14:00 Times Seen3 Hash b5fdc304e62d8857eb9ab5587c8554ea 545120482b61a50af1490742b1c14ef98c8d64fa dd9f7f25b5b503806a6bb23e1fc4dd4717677abfc8a205f3b94a506f81e690f8 Loading...

	cdn-adef.akamaized.net/landings/211597/1665073965/js/site-protect.2.0.js?1665073965	3.1 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/site-protect.2.0.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:44 Last Seen2024-02-28 17:41:57 Times Seen66 Hash 311a4a9bfb7699c36f9310aa8484b360 4b5773045e6d05c620cdaf3beb73e979f12185e2 bc6a799d0e1dcff39b50eb0848daca50bcad457fe4e7d55f5d04e9577cb91e8f Loading...

	cdn-adef.akamaized.net/landings/211597/1665073965/js/main.js?1665073965	1.8 kB	2023-03-07	2024-02-28
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/main.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:04 Last Seen2024-02-28 11:14:00 Times Seen3 Hash c7b4d178f823af798fee3e9bdb61a252 ff9cf186691150848c21c0f64f5e02901059fd4b 11706f747c2bcc3e07164cf5ed9dbaff90f377ad9e26da23cd1598201c638818 Loading...

	cdn.stfilecamp.com/multi_push.js?1665073965	1.1 kB	2023-03-07	2024-02-16
Pretty URL cdn.stfilecamp.com/multi_push.js?1665073965 IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-02-16 11:05:10 Times Seen152 Hash a50322f9d3f3fafe3fb02be02285e433 c0a894b3bfa545832c3ad1c2f145005d02e50ac4 cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 15:21:13 Times Seen37064775 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn-adef.akamaized.net/landings/211597/1665073965/js/translate.js?1665073965	1.2 kB	2023-03-07	2024-04-24
Pretty URL cdn-adef.akamaized.net/landings/211597/1665073965/js/translate.js?1665073965 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-24 21:36:57 Times Seen723 Hash fcd546809170dd574eb37b989529f69a 2e227e144e3b4bd68064354d8a7fbc61125f624c 350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920 Loading...

HTTP Transactions (68)

URL IP Response Size

www.mydailywebdefender.com/c/0133283034b8621d?CLICKID={CLICKID}&CPC={CPC}&s1={s1}&s3={SUB_PERIOD}&s4={ZONE_ID}&s5={SOURCE_ID}&s6={CREATIVE_ID}&s7={CAMPAIGN_ID}&s8={BROWSER}&s9={CLICKID}

52.51.27.131

200 OK

2.7 kB

URL HTTP/1.1
www.mydailywebdefender.com/c/0133283034b8621d?CLICKID={CLICKID}&CPC={CPC}&s1={s1}&s3={SUB_PERIOD}&s4={ZONE_ID}&s5={SOURCE_ID}&s6={CREATIVE_ID}&s7={CAMPAIGN_ID}&s8={BROWSER}&s9={CLICKID}
IP
52.51.27.131:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12457)
Size
2.7 kB (2691 bytes)
Hash
ce0eaf322956ada03310d1638c64153e
b929e54f979a49eafd6d0163e7d431261fb7263c
fe6088e364dc825010b8c742b5096827bd2186e68b54081fa80031706c29f710

HTTP Headers

GET /c/0133283034b8621d?CLICKID={CLICKID}&CPC={CPC}&s1={s1}&s3={SUB_PERIOD}&s4={ZONE_ID}&s5={SOURCE_ID}&s6={CREATIVE_ID}&s7={CAMPAIGN_ID}&s8={BROWSER}&s9={CLICKID} HTTP/1.1
Host: www.mydailywebdefender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Dec 2022 13:00:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_id=6399c90900039157; Path=/; Expires=Sun, 12 Feb 2023 13:00:57 GMT
unique_id2=6399c90900039896; Path=/; Expires=Tue, 14 Mar 2023 13:00:57 GMT
impression=; Path=/; Expires=Wed, 14 Dec 2022 13:00:57 GMT
6399c90900039896_sl=[211597]; Path=/; Expires=Wed, 28 Dec 2022 13:00:57 GMT
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Wed, 14 Dec 2022 14:09:38 GMT
Date: Wed, 14 Dec 2022 13:00:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Wed, 14 Dec 2022 14:54:02 GMT
Date: Wed, 14 Dec 2022 13:00:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 12:33:49 GMT
content-type: application/json
age: 1628
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6012
Expires: Wed, 14 Dec 2022 14:41:09 GMT
Date: Wed, 14 Dec 2022 13:00:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PMaRV5g1/RJLxsVsMkU0kAYdjBV3HEmS/JRt7eB6vdZXTuBBM2AOQ2OldzefLmFiX6FYdCQh5ZA=
x-amz-request-id: D9BRASVD069BV2AT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 12:52:22 GMT
age: 515
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 13:00:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/211597/1665073965/css/translate.css?1665073965

95.101.10.67

200 OK

655 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/css/translate.css?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
655 B (655 bytes)
Hash
64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87

HTTP Headers

GET /landings/211597/1665073965/css/translate.css?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2RXuj9JZsLNcPnVQwEfe5Wvzc+KbI0j9BSKFqeVdj3iFF5kLA1W3XWZRZKC6hjYBw0gDS5QfEMw=
x-amz-request-id: KAH8YE1N7ZAYTY3N
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "64836db20736f1e7995b43489b4bf0ac"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 655
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/css/style.css?1665073965

95.101.10.67

200 OK

2.0 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/css/style.css?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
2.0 kB (1977 bytes)
Hash
69a35b38a5d4dcde21e78bec2d60b76b
44fcd1423a238a6065b4d666f6b64ecd56124ae5
5bd7d0919459d168f605d09c7d96a1f7b4c4af47997e6b50a2477a952a50bc22

HTTP Headers

GET /landings/211597/1665073965/css/style.css?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: VQPyFOmlj8c4/f4sLOVI8GATvmdPzBw478nhgQun+4HT0lsxukq7UYdORuML8SK1Tpk5jpT2+xw=
x-amz-request-id: KAH69WG5GMS08VJ1
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "9e83822438437e28fc928ebfe6b758e3"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 1977
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/js.cockie.min.js?1665073965

95.101.10.67

200 OK

912 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/js.cockie.min.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
912 B (912 bytes)
Hash
96533a0859f3dfc61d7471beec7b8642
7b4f1497692f2ea0d3d1eaa44db54b22345486b8
994b8097c16e97d8b28ab498f2f4290ebd8ca0353e23e7ddd2a6edd8b648bd46

HTTP Headers

GET /landings/211597/1665073965/js/js.cockie.min.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 0t4wf2liSV34YjdPXl7Egkw8IuBI8KL5TQT1/5hlmxQABETklPrFXhfkrYIk8ET5G7Su/kr3gds=
x-amz-request-id: GWWV6EPCESRPB975
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "c9e9a54501fc6f6e8918b2c0f2a53981"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 912
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/translate.js?1665073965

95.101.10.67

200 OK

544 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/translate.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
544 B (544 bytes)
Hash
015967e055e606d62302b33ca898240c
97a3a854502409b10635b092500bfc5b244642e4
5bc3f308bb3236dbb04b2ac5d01905f9081d24827d4cd26c33ec5f716acd8427

HTTP Headers

GET /landings/211597/1665073965/js/translate.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Ex4i7s+fvAvLLCgNDy948raihF2hqODGbkEhWDOITtDMWW8u92ixuZOGnqE8UB4EEsxb+gKrRio=
x-amz-request-id: GWWPH6FF1FSXGCBF
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "fcd546809170dd574eb37b989529f69a"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 544
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/site-protect.2.0.js?1665073965

95.101.10.67

200 OK

1.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/site-protect.2.0.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
1.1 kB (1073 bytes)
Hash
85e3bd021961fdac95655a71435375f5
9d03222c7a2acb3c790270e3f07bebc485759db2
bd6d5b382238afd5ee6299972b66f4e22521fe96487dfc620be38e1743d71887

HTTP Headers

GET /landings/211597/1665073965/js/site-protect.2.0.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: F6unAE9emOkIBoKgD5XJ0FSgfS5fk3nSIzKRmHduCE3DmBAkLWZZAKdXDEkh+uSmp0fBnru/0KM=
x-amz-request-id: GWWZQQMFQYD6TEBK
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "311a4a9bfb7699c36f9310aa8484b360"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 1073
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/second_back_multi.js?1665073965

95.101.10.67

200 OK

790 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/second_back_multi.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
HTML document, ASCII text
Size
790 B (790 bytes)
Hash
5c1190b869b7ce7e7e61bb06daeef517
034dd9bab87cbe052f2ce293ce35b1bec7fe1b53
b7f6f310dab1572e7d9ed3e46a5e1fa1c87228d70b3979cbe541cddba876195a

HTTP Headers

GET /landings/211597/1665073965/js/second_back_multi.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Wm6hXxAn6OdCfpaHsyf0qXjitWdG3h2XGkB5NID7swqD76n7PyEwYgJf4mslecDm0cXbIOysS/8=
x-amz-request-id: KAH56D77ETBR3PG7
Last-Modified: Thu, 06 Oct 2022 16:32:48 GMT
ETag: "b2e5bcd8e92cf97cd2a0ea4f76194bfe"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 790
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/main.js?1665073965

95.101.10.67

200 OK

767 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/main.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1763), with no line terminators
Size
767 B (767 bytes)
Hash
2290bf412041e4f6b4895cb47c5be90c
ecdb07540cd7f2f9b6637df1543df26d83571ee0
e5ffadfc5ba3bae7fdde38918c95000c6089653762c1312397d18dd146128373

HTTP Headers

GET /landings/211597/1665073965/js/main.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: IfPmoYpW512edzJMzu1Xg5WfW1TSvvn8itZuXWdWHQN5rJ1WYEW5YuIFGwTnLKoDEWvmaRHEdZo=
x-amz-request-id: GWWWQCVENRNBR34S
Last-Modified: Thu, 06 Oct 2022 16:32:48 GMT
ETag: "c7b4d178f823af798fee3e9bdb61a252"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 767
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/interactive.js?1665073965

95.101.10.67

200 OK

4.8 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/interactive.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24438), with no line terminators
Size
4.8 kB (4826 bytes)
Hash
2e497e93171a48255b246783c555685b
43a1c93cf89677d7bbd2ff141b96f530f8ed7c1a
288e5ddfd42573943dd64faff4e404a26a75f835c2c6edf832ee2f50bfc904a6

HTTP Headers

GET /landings/211597/1665073965/js/interactive.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Pbmva6Cnn0zckSgQ4cPys9UaPIOQAEdabPGOYQiDiT8dLBAUyQ9uka0mMmmBRO/IQpazE2y6NL0=
x-amz-request-id: GWWSC5HPTAJ9WCTR
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "b5fdc304e62d8857eb9ab5587c8554ea"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 4826
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/js/jquery.min.js?1665073965

95.101.10.67

200 OK

30 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/js/jquery.min.js?1665073965
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65451)
Size
30 kB (30351 bytes)
Hash
a6b22944e852281bd6098509b0bea251
ae0671465ee9bc7354942a48a87d0e0397799bf4
042d48a6103607bdc54170ab6e118859980c1bdf47ca857cfed44af87593827a

HTTP Headers

GET /landings/211597/1665073965/js/jquery.min.js?1665073965 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: o7Chec13/IH7M1oE8HC5zE2Hv694SJX3Lvw34kAFL4+XQT2pkTkv1rYCv1x16VEiZVAZm61Ykp0=
x-amz-request-id: GWWST3A23HCY04G4
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "a09e13ee94d51c524b7e2a728c7d4039"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 13:00:58 GMT
Content-Length: 30351
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/multi_push.js?1665073965

205.185.216.10

200 OK

1.1 kB

URL HTTP/2
cdn.stfilecamp.com/multi_push.js?1665073965
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
1.1 kB (1072 bytes)
Hash
a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

HTTP Headers

GET /multi_push.js?1665073965 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Dec 2022 13:00:58 GMT
cache-control: max-age=1911
content-length: 1072
content-type: text/javascript
last-modified: Thu, 07 Jul 2022 14:21:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx00000000000007f410d1a-006399c271-213dda3c-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1671022858.dop024.sk1.t,1671022858.cds264.sk1.hn,1671022858.cds244.sk1.c
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/211597/1665073965/images/ring.gif

95.101.10.67

200 OK

315 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ring.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 30 x 29\012- data
Size
315 B (315 bytes)
Hash
c3b64d6515c79193f47b3f6780840578
0edb138e48313bbea641208092d9072cee89652e
275e633fe30013ed09ab33d46f668be82c19c93ed3c66485a5bef53d74eeaa89

HTTP Headers

GET /landings/211597/1665073965/images/ring.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: XZ19+cHhvWbj8hAp878hqj37kI1GGa3bhnHKCElgGlrCgSHUXTJ4Q3xEIzG4nIX90D9+LvF6W1Q=
x-amz-request-id: AZAJRV18XMAF6D8F
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "c3b64d6515c79193f47b3f6780840578"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 315
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/win_min.png

95.101.10.67

200 OK

128 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/win_min.png
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/win_min.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Jc4X2YtHJ4Yj+xXdIKmpT4B83Z3vi0nYD3pKhff0btBdWD1ddzbLSBlRMaDzYbBvFhkuqkLqZRE=
x-amz-request-id: AZAW6FB77FB52AE1
Last-Modified: Thu, 06 Oct 2022 16:32:46 GMT
ETag: "0bb86caf792dd7d24731c18cd37bb68e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 128
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/cross.png

95.101.10.67

200 OK

243 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/cross.png
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
243 B (243 bytes)
Hash
2041c6b93424842ebb143360146baba9
b1f137ad099c2384f26f8b35fada411a61d9b693
3bc48b05c489b646cc761870f2e900982162ad3469d32a56aaf0cefa6dcd7e50

HTTP Headers

GET /landings/211597/1665073965/images/cross.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 6ShG6L0wcO3FwqizC6KtyBQVkovone6MBOKG+BbyvPEF/iwz0yAk2cJvS3zNOhsa1XyOlGdjKqg=
x-amz-request-id: 5R0820WWZWTWPYAP
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "2041c6b93424842ebb143360146baba9"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 243
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/corner.gif

95.101.10.67

200 OK

102 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/corner.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 24 x 9\012- data
Size
102 B (102 bytes)
Hash
ef14d57c065fdbd3c66d017a729ca91f
2e7b72d674361a9c2b41767ccfbed2486e6695dd
6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/corner.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: xTFX0xfR37Nm5H0/wysXuwoj4H/Jhpe49qYv4u6iO8xruPLIl3Y532kqsIHjAFi8GBQdF5ztDog=
x-amz-request-id: 5R00B1JYCZDXJAT6
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "ef14d57c065fdbd3c66d017a729ca91f"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 102
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_tray1.gif

95.101.10.67

200 OK

69 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_tray1.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_tray1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qx2TF3wSFqEH4W/melie8lzorDQy5yLpUOxzGzcrJzgzLNVGJJP2PVuxBpn03VdFNDtIuB4nQac=
x-amz-request-id: 5R0CZB1PHKCJEWKT
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "3ae573d079dcd1d2da4086f2c0c72c45"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 69
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_bl1.gif

95.101.10.67

200 OK

511 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_bl1.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 80 x 65\012- data
Size
511 B (511 bytes)
Hash
af3aca2036675c5979fb535c5d190f15
70c4f17ef1a2afe0477c84c5d209fbe31760b657
aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa

HTTP Headers

GET /landings/211597/1665073965/images/ico_bl1.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: XdzHGhImzjkO54zHWoTYdHAJVDVeWFaUbFl83P+FcCuQc0JB1Ov0ePnxd9zsLU0CkHAiclu5XWA=
x-amz-request-id: AZASNC1ZR7BQMYCF
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "af3aca2036675c5979fb535c5d190f15"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 511
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_tray2.gif

95.101.10.67

200 OK

377 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_tray2.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_tray2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: XIq7FSflYn5Ek/ofWA/JJLmBFL5eOqfeI2jeEz1L+xEesBWk7Gv4w8pF4G9/N3fQqSgH1qIPJjk=
x-amz-request-id: 753NT7GNQGMP2MHQ
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "c10bdec858cb0cf9e6cc5865d5925746"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 377
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_tray3.gif

95.101.10.67

200 OK

234 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_tray3.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_tray3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: MVC4oMrEKNwXRtIxm2jNPQMiU75aOAD+IMcMc+zY7TlSirBxGEywf7XxSOLLCWBO+ZDaEIgtmgI=
x-amz-request-id: 753YYH7FH9EA8X8T
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "9ce99ec458daf212f9812a90f3fadd13"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 234
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_gray2.png

95.101.10.67

200 OK

349 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_gray2.png
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Size
349 B (349 bytes)
Hash
7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_gray2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: TMDU+02SIcn4CWXGzG6f9xPMvjb7SFFwTCTQAeYoOoAumhC5SpVe3RLHdVzIRx1rKa8uBD15ib8=
x-amz-request-id: GWWT12XZHA0EW3PQ
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "7454c652e0733d92de6c920c2d646ae0"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 349
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_bl2.gif

95.101.10.67

200 OK

1.5 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_bl2.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 65 x 80\012- data
Size
1.5 kB (1547 bytes)
Hash
af52e51f42fd0c55bc3cf2c8ece71492
016f83da68ff461a5c6aebcc2a45668317b2f24c
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_bl2.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Ippos3HjHey8qejOSE3uPEIXpHIAquuV3atuiELCkZJzf2zY5dzVQhjIOqBqnbXkqbpGohb+3kE=
x-amz-request-id: 5R04HWYR42N3NHBS
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "af52e51f42fd0c55bc3cf2c8ece71492"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 1547
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/umbrella_square.svg

95.101.10.67

200 OK

662 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/umbrella_square.svg
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (662), with no line terminators
Size
662 B (662 bytes)
Hash
3eea358e7a7be45ad56912f0e8a36bbf
76293f85692ef3127e7b11f3be4f6863adb3d41f
8c819dad6797568d768f5f9c1528a9a1feefa856b7e6843f2e4c30accd32a896

HTTP Headers

GET /landings/211597/1665073965/images/umbrella_square.svg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: ElvWX91ZcmDq8T5hjqWtoCaL3lLCdNYl9/c05S2MkSyuMVdrUghEvoo6hQmy3jXsbjcNWFRAjUs=
x-amz-request-id: 5R0970GYA5PV23AP
Last-Modified: Thu, 06 Oct 2022 16:32:46 GMT
ETag: "3eea358e7a7be45ad56912f0e8a36bbf"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 662
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/avira-logo-black.svg

95.101.10.67

200 OK

2.3 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/avira-logo-black.svg
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
2.3 kB (2342 bytes)
Hash
55e251736d7cc3b7224743f8d1ebee62
07765d187f5e42c6666704699f604e423a1d16d8
b06a086772e41e5c71e268946669ad339dd475cd64aa09c2cdcf0c0ad9cb1b49

HTTP Headers

GET /landings/211597/1665073965/images/avira-logo-black.svg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: OedRBevvlmf+HtfpehWuFfok9zDqwqQjTZfroYryh69+Ac75pQYo9COxOzgxf5YG47vAvR838X4=
x-amz-request-id: AZAPWWBC4JEZKR2M
Last-Modified: Thu, 06 Oct 2022 16:32:46 GMT
ETag: "55e251736d7cc3b7224743f8d1ebee62"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2342
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_bl3.gif

95.101.10.67

200 OK

949 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_bl3.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 78 x 68\012- data
Size
949 B (949 bytes)
Hash
da9d153375da51a616a7663f1504e3a5
bd81fe60fe017bfe79be8c1afed88b659ff166d9
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_bl3.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: vC+RWPOmOEsV1YFsLynAv3aEmNrS2N5F42a9n4fBO3qB8/tjleVo67SCZgASyj3uP8+cbecTK+8=
x-amz-request-id: AZAY8NTJFTZADXT6
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "da9d153375da51a616a7663f1504e3a5"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 949
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/win_cls.png

95.101.10.67

200 OK

293 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/win_cls.png
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
293 B (293 bytes)
Hash
9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/win_cls.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: PX7HaFb0ytDHrTUXQ1aku4ZkAnBSCMpkUacNkAa7N0r9J487KD/aZlh7r7y8EG3xuNgHDTXa5AQ=
x-amz-request-id: 5R0A6VJV4F7DD905
Last-Modified: Thu, 06 Oct 2022 16:32:46 GMT
ETag: "9eb68d2ce05c151bda542a7a6356e22c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 293
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/pc_green.gif

95.101.10.67

200 OK

723 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/pc_green.gif
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 120 x 97\012- data
Size
723 B (723 bytes)
Hash
ea44081971aed96fbfa38fa187b6df4a
a3ec8cd4c76f517584faef83f96e32683265bdb1
e0f52d9433540bafa2f05fc3c04839b4990c2ce5ef718975a8d4eef9866f06be

HTTP Headers

GET /landings/211597/1665073965/images/pc_green.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: OmXV+oKn0j4RANppKh1lq09CHSi9+oAJ0s2kW8IBfmuo5T1cxnpwpHmepIM8o0qvExt45WT5VRY=
x-amz-request-id: AZAV88N0CX3865DG
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "ea44081971aed96fbfa38fa187b6df4a"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 723
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_gray1.png

95.101.10.67

200 OK

364 B

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/ico_gray1.png
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /landings/211597/1665073965/images/ico_gray1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: DX8D+MIbkW+Ocn/O+APK7i3NNGqQCdEXk6TVa2f1P4d7TL7yMOcg4Wq9HJXrX2TpmXZFY/rf8K4=
x-amz-request-id: 5R07DHDAMXRP018T
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "e144c3378090087c8ce129a30cb6cb4e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 364
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/211597/1665073965/images/Avira_honeycomb.jpg

95.101.10.67

200 OK

138 kB

URL HTTP/1.1
cdn-adef.akamaized.net/landings/211597/1665073965/images/Avira_honeycomb.jpg
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x700, components 3\012- data
Size
138 kB (138243 bytes)
Hash
a0d84d7a48ba40ed81e2116df58327eb
d36810c26f92c9fe5fe3d07a322d6a1f024a1b6c
834951c528376483120dd8b3f7a73cb402c864581bdab7a0211d728ba095ed25

HTTP Headers

GET /landings/211597/1665073965/images/Avira_honeycomb.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: OtmYZVkHPbbZE8ay2ySnUOe/B6JXbwSaTYubH60KCYmuK6h1zPoXTOuw4EXblo74s61S1oWjyis=
x-amz-request-id: 5R02PFFWSSWJ1B8S
Last-Modified: Thu, 06 Oct 2022 16:32:47 GMT
ETag: "a0d84d7a48ba40ed81e2116df58327eb"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 138243
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/stormtrk.js

205.185.216.10

200 OK

6.5 kB

URL HTTP/2
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
6.5 kB (6502 bytes)
Hash
469e121bb4c4fe159bbca2b4f5a88267
f0c66f226de28b324e4f1ecb766597938f984c60
4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Dec 2022 13:00:58 GMT
cache-control: max-age=2930
content-length: 6502
content-type: text/javascript
last-modified: Tue, 07 Sep 2021 08:59:42 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "469e121bb4c4fe159bbca2b4f5a88267"
x-amz-request-id: tx00000000000007f44545b-006399c66c-213ecff2-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1671022858.dop024.sk1.t,1671022858.cds264.sk1.hn,1671022858.cds014.sk1.c
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/images/favicon.ico

95.101.10.67

200 OK

4.1 kB

URL HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: IjvSRVcJlrA8KRtuHCIvySb7T9M4setamspkp4J4t5oLIH6qyzaHxu8PdVPZHXMCPnB1SRcSZOs=
x-amz-request-id: 9B7689322D7626CA
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/ico_bl4.png

95.101.10.67

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/ico_bl4.png
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET /ico_bl4.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5a27eaca1718b9e44fd103086431979a
1e8911e8d9cdad3a335bf44be9bceeace3939224
3618e4d667895eb9867a855979facc0579c3521b144fbf7cee14791e42a3d92f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151565
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:58 GMT
Etag: "63997617-117"
Expires: Fri, 16 Dec 2022 07:07:03 GMT
Last-Modified: Wed, 14 Dec 2022 07:07:03 GMT
Server: nginx
Content-Length: 279

cdn-adef.akamaized.net/404

95.101.10.67

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mydailywebdefender.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 14 Dec 2022 13:00:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 12:07:58 GMT
age: 3180
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fwww.mydailywebdefender.com%2Fc%2F0133283034b8621d%3FCLICKID%3D%7BCLICKID%7D%26CPC%3D%7BCPC%7D%26s1%3D%7Bs1%7D%26s3%3D%7BSUB_PERIOD%7D%26s4%3D%7BZONE_ID%7D%26s5%3D%7BSOURCE_ID%7D%26s6%3D%7BCREATIVE_ID%7D%26s7%3D%7BCAMPAIGN_ID%7D%26s8%3D%7BBROWSER%7D%26s9%3D%7BCLICKID%7D

104.26.5.120

200 OK

806 B

URL HTTP/2
stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Fwww.mydailywebdefender.com%2Fc%2F0133283034b8621d%3FCLICKID%3D%7BCLICKID%7D%26CPC%3D%7BCPC%7D%26s1%3D%7Bs1%7D%26s3%3D%7BSUB_PERIOD%7D%26s4%3D%7BZONE_ID%7D%26s5%3D%7BSOURCE_ID%7D%26s6%3D%7BCREATIVE_ID%7D%26s7%3D%7BCAMPAIGN_ID%7D%26s8%3D%7BBROWSER%7D%26s9%3D%7BCLICKID%7D
IP
104.26.5.120:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (405)
Size
806 B (806 bytes)
Hash
08088ba99daf65b9730c3e06714c7fe1
823462b392e585dec960c2dac1535b0569d21d76
78c8bce837a27da1fee7a2b565d4f63d4a93b503d6e154b3aedc346bd41a2f08

HTTP Headers

GET /api/1.0/ping/pong?location=http%3A%2F%2Fwww.mydailywebdefender.com%2Fc%2F0133283034b8621d%3FCLICKID%3D%7BCLICKID%7D%26CPC%3D%7BCPC%7D%26s1%3D%7Bs1%7D%26s3%3D%7BSUB_PERIOD%7D%26s4%3D%7BZONE_ID%7D%26s5%3D%7BSOURCE_ID%7D%26s6%3D%7BCREATIVE_ID%7D%26s7%3D%7BCAMPAIGN_ID%7D%26s8%3D%7BBROWSER%7D%26s9%3D%7BCLICKID%7D HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.mydailywebdefender.com
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Dec 2022 13:00:58 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhFTIKVRFx3kHVa1JCcMZr%2Bz1q1h6VLs7P1ZCOke7rGGSJEYtJbK0pQ51YGqQQxKocA%2FlTqGrXeZQtJZoYtKiThQ8P0Kker6qBG%2B2M8JOb8mLkWmr9z8pPQ9Zdouhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 779720223dcab500-OSL
content-encoding: br
X-Firefox-Spdy: h2

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.74

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 12:15:54 GMT
expires: Wed, 14 Dec 2022 13:15:54 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 2704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.stfilecamp.com/fp.min.js

205.185.216.10

200 OK

32 kB

URL HTTP/2
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
Unicode text, UTF-8 text, with very long lines (31370)
Size
32 kB (31705 bytes)
Hash
198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Dec 2022 13:00:58 GMT
cache-control: max-age=293
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx00000000000007f3ac95d-006399bc1f-213ecff2-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1671022858.dop024.sk1.t,1671022858.cds264.sk1.hn,1671022858.cds237.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6501
Cache-Control: max-age=165259
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:58 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 10:55:17 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main

142.250.74.74

200 OK

75 kB

URL HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1613)
Size
75 kB (75142 bytes)
Hash
0f0e3e9339289919d5212410d8cc4f18
0986fcb1393eae5413d06ba9bdfd59d2711473f7
eedf1aa3f15700add44120461da7e816fcd2bcea3c9f9c54e7d6cec5aff14643

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75142
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 22:10:10 GMT
content-type: text/javascript; charset=UTF-8
age: 430067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 11:13:42 GMT
expires: Thu, 14 Dec 2023 11:13:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 6436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 02:38:39 GMT
expires: Thu, 14 Dec 2023 02:38:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 37340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 13:00:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.240.57.100

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.57.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AGX29qBvYuX9loSllkQi0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZSkfFElZR/2ihiPBW75at2uMBiE=

cdn-adef.akamaized.net/

95.101.10.67

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Wed, 14 Dec 2022 13:01:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5059
Expires: Wed, 14 Dec 2022 14:25:19 GMT
Date: Wed, 14 Dec 2022 13:01:00 GMT
Connection: keep-alive

cdn-adef.akamaized.net/404

95.101.10.67

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mydailywebdefender.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 14 Dec 2022 13:01:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5059
Expires: Wed, 14 Dec 2022 14:25:19 GMT
Date: Wed, 14 Dec 2022 13:01:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5059
Expires: Wed, 14 Dec 2022 14:25:19 GMT
Date: Wed, 14 Dec 2022 13:01:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5059
Expires: Wed, 14 Dec 2022 14:25:19 GMT
Date: Wed, 14 Dec 2022 13:01:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F054e0b4b-d420-4463-a5a6-3096c010530a.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F054e0b4b-d420-4463-a5a6-3096c010530a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7467 bytes)
Hash
eb3fe83fc6c46d9953cd9a5a37846113
ee75bf121ea7418f2063aba8f9a633a4ad6d43bd
bb5cabacaedef79cc52f747b9551711435fb4e06d8130d545cbe6f750881b03e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F054e0b4b-d420-4463-a5a6-3096c010530a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7467
x-amzn-requestid: 117d50cf-86a5-4b45-aec1-e7cc651904e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-FJQFiooAMF8wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6395823b-2626bd6f1c3c97ac113992dc;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:09:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vS-hmxs1fZPvemL0HaNgscLl2G5FLcc3lmbqYQOlnRQS61Tm-gsKLA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:27:23 GMT
age: 27217
etag: "ee75bf121ea7418f2063aba8f9a633a4ad6d43bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13205 bytes)
Hash
9ddda117cee658be4cfe3a5d04a88c46
a167e2211732837cf07b3b9a0b33610492ab8a47
bc5fae9d44914c804f82d1e0f90a01fe14d86063da59292bf78100f539b3f7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13205
x-amzn-requestid: 23929642-4b48-40f4-8847-854dfca772b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoH_4oAMF_8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-19ad3c327c190b9227d232a2;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vx7sZ090BsrHPpf5WTWPKYaCNlYvuh5chiNxw2anH2Kd1WovN9Dc4w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:03 GMT
age: 54477
etag: "a167e2211732837cf07b3b9a0b33610492ab8a47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7250 bytes)
Hash
8a1cf68fc0b78db85fd7e6f08cb74233
7374f9065239670ef563fee52f973cc23dd19833
e4493b517b402d9ea4f239d2913cbd9f316ae3f1e0c5e79c62c457c060f18b27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 8211d14a-d8fa-4f4c-a14f-60e830199a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKqHw7IAMFiwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-392d8f374cafe054471d1ff6;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYCgE-S3-r07iBLHTszhvvyRK3pxJbbQD7vve9ycPbZ54RtYrQgk4Q==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:47:13 GMT
age: 54827
etag: "7374f9065239670ef563fee52f973cc23dd19833"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4703 bytes)
Hash
d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UjIRajW22SkXZZgVKDxjvkO-3g950W_McDg_fa0DeTVGbgIRFDMVMQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:29:49 GMT
age: 27071
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4041 bytes)
Hash
027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nZ8xLZj1nRTZnduwFxc9QP4EWyP8k3GuJV4Br3o9Q7Zt9ZlwWIudDQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:59:15 GMT
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
age: 54105
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4294 bytes)
Hash
f8501112ef886bfa0aaf2239cee2d312
f07542e9312ef0b42c96f2687766fe46f57f38cb
296c8dd5bdcb6ff49fcfebe464a7baa9c22bbe8ef6fef0798e92b10e1b3b1ac9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf99cc35-2988-4958-a87c-f7f44e2094c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4294
x-amzn-requestid: a906aaed-cfa3-453a-b872-87f906f6251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGp1ME7aoAMFWyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f021-23ddca2815a10a181549c5d8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:35:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v5C9KOhwCQKWxvPNJuUXqFckYLMQanLQ9oWzdUPaQk9GLDZ7pJrH9g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:50:24 GMT
age: 54636
etag: "f07542e9312ef0b42c96f2687766fe46f57f38cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/

95.101.10.67

302 Moved Temporarily

0 B

URL HTTP/1.1
cdn-adef.akamaized.net/
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	malware	Scam - Fake AntiVirus

HTTP Headers

GET / HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-adef.akamaized.net/404
Date: Wed, 14 Dec 2022 13:01:03 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/404

95.101.10.67

404 Not Found

134 B

URL HTTP/1.1
cdn-adef.akamaized.net/404
IP
95.101.10.67:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mydailywebdefender.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 14 Dec 2022 13:01:03 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mydailywebdefender.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 13:00:58 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+964; expires=Fri, 13-Dec-2024 13:00:58 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations