| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/ | 78.47.114.255 | 200 OK | 1.5 kB |
URL: User Request GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: ba41c329d99f0eb8187e552d179b23cd 69f0a6dae53b10fad4ab0db6d183400c8581ae09 8a8245a3c199f1f625311f28f051225b693ed14af0e06e1f1fd51abb46f7808b
GET /blocker/47514/cleaner-update_p1/ HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/css/style.css | 78.47.114.255 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/css/style.css
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: ASCII text, with CRLF line terminators
Hash: beef0c0ce13f25f65a84019bebe6378b 2f95dd2d3ba5e1c848487a4e28199d3ad32037df 1f3ad9786b942cf941cdbdb71e8fedaef63dbef237ce767e61229c838b46cb14
GET /blocker/47514/cleaner-update_p1/css/style.css HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655e338c-1077"
Content-Encoding: gzip
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/scripts/bbms.js | 78.47.114.255 | 200 OK | 170 B |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/scripts/bbms.js
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
Hash: 7d28b6cbe87e8f21c3f3b924ad2fce84 a0fcb29b5007430efcedea382a71414b19a5700c 1fe518c0a3dc387ca3984382c6ed29c0c2c1018b40547523a619666040b3e760
GET /blocker/47514/cleaner-update_p1/scripts/bbms.js HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655e338c-ed"
Content-Encoding: gzip
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/js/main.js | 78.47.114.255 | 200 OK | 405 B |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/js/main.js
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: c3ed5ac7dda566870186c4c8e6cf0dcd 116f6823fde2478b194b03cc9c160e8c1a175d45 ee975a46a04968de8e8cc99c8a7784e05be0d2347245f6cefe4bd9072d319e7d
GET /blocker/47514/cleaner-update_p1/js/main.js HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655e338c-346"
Content-Encoding: gzip
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/images/close_icon.png | 78.47.114.255 | 200 OK | 248 B |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/images/close_icon.png
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Hash: eaf98c5e61ff92dcfd5568474e1f8d09 bb5a1dae13cf4c1de3111642d9132a89c453727a dc02cbd81ea7799f019a1687f57a2e0b2941a5c1d28bcd8b3aa2f89fb77e07a8
GET /blocker/47514/cleaner-update_p1/images/close_icon.png HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: image/png
Content-Length: 248
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Connection: keep-alive
ETag: "655e338c-f8"
Accept-Ranges: bytes
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/images/warning_icon.png | 78.47.114.255 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/images/warning_icon.png
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: PNG image data, 107 x 94, 8-bit/color RGBA, non-interlaced
Hash: 3b9478bb5dc9a8fb3c5b80df7bcb8200 e553d00e0d91f52ae972549227f94a87c6b60947 2f09f151cb4af02177af559872b142d1898830598fe5866012189c2c616b06dd
GET /blocker/47514/cleaner-update_p1/images/warning_icon.png HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: image/png
Content-Length: 1457
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Connection: keep-alive
ETag: "655e338c-5b1"
Accept-Ranges: bytes
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/js/jquery.min.js | 78.47.114.255 | 200 OK | 32 kB |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/js/jquery.min.js
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Hash: 4a49f85f5a02fa6fe11126720da50874 22d7cc863dff0e664cee95c7b42b2f2066114788 9efc83acac2e60262a78810abf089aed8e5a2832d64b0977ab0e2922fd01021f
GET /blocker/47514/cleaner-update_p1/js/jquery.min.js HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655e338c-167ce"
Content-Encoding: gzip
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/images/android.png | 78.47.114.255 | 200 OK | 29 kB |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/images/android.png
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: PNG image data, 144 x 148, 8-bit/color RGBA, non-interlaced
Hash: f75de32d9451cc905a7b3a6c34a72914 2044c1233cfbecbe1606349f3ad218186d540134 d94f23d6bd7b27a0e2923b621132bf2d30cc8ec9e59d36d542b59709579a2c1f
GET /blocker/47514/cleaner-update_p1/images/android.png HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: image/png
Content-Length: 28700
Last-Modified: Wed, 22 Nov 2023 16:59:56 GMT
Connection: keep-alive
ETag: "655e338c-701c"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 142.250.74.99:443
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coh49hesk0es73fcl84g.security-updater-now.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:32:53 GMT
expires: Fri, 18 Apr 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 114333
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.99:443
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coh49hesk0es73fcl84g.security-updater-now.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 114085
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.99:443
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coh49hesk0es73fcl84g.security-updater-now.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 257514
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| coh49hesk0es73fcl84g.security-updater-now.com/favicon.ico | 78.47.114.255 | 404 Not Found | 106 B |
URL: GET HTTP/1.1 coh49hesk0es73fcl84g.security-updater-now.com/favicon.ico
IP: 78.47.114.255:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: *.security-updater-now.com
Certificate fingerprint: E8:A4:56:E9:2B:13:D8:5D:4F:B6:85:6A:20:EE:8E:23:8D:FD:53:BB
Certificate validity: Sat, 13 Apr 2024 22:51:16 GMT - Fri, 12 Jul 2024 22:51:15 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: coh49hesk0es73fcl84g.security-updater-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 10:18:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| notix.io/settings?appId=1005f183164df77b0d72a2d487bc69b&ver=0.16.4 | 139.45.197.253 | 200 OK | 318 B |
URL: GET HTTP/2 notix.io/settings?appId=1005f183164df77b0d72a2d487bc69b&ver=0.16.4
IP: 139.45.197.253:443
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: notix.io
Certificate fingerprint: 3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B
Certificate validity: Sat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
Hash: 82b0c0f76512e60ea030da09ee18febf 2c4b11e5713c2f7e6a3da2ef87a1c0c78c3da195 a8ca49249ca90a131bba14405671cb243da2849145a3d8074b0b5c232c2b57d1
GET /settings?appId=1005f183164df77b0d72a2d487bc69b&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/
Origin: https://coh49hesk0es73fcl84g.security-updater-now.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:18:26 GMT
content-type: application/json; charset=utf-8
content-length: 318
access-control-allow-origin: https://coh49hesk0es73fcl84g.security-updater-now.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| notix.io/ent/current/enot.min.js | 139.45.197.253 | 200 OK | 145 kB |
URL: GET HTTP/2 notix.io/ent/current/enot.min.js
IP: 139.45.197.253:443
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Let's Encrypt
Certificate subject: notix.io
Certificate fingerprint: 3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B
Certificate validity: Sat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 145 kB (145421 bytes)
Hash: 9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:18:26 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:38 GMT
etag: W/"65f18b52-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP: 142.250.74.106:443
Requested by: https://coh49hesk0es73fcl84g.security-updater-now.com/blocker/47514/cleaner-update_p1/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Certificate validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 79cd7cd1cadc1ca5448ecf2a39abb598 207c2428f747b5b92bb58fbcee9e4a346049cb82 b61c6fd07676b7d995377646f3b437dadf319ec707e935b3d287da3ac2b848c6
GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coh49hesk0es73fcl84g.security-updater-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 10:18:26 GMT
date: Fri, 19 Apr 2024 10:18:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|