Overview

URL https://elite-hackers.com/files/sub7.exe
IP 104.31.79.55
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2018-07-15 15:15:12 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified | Severity | Host | Comment
2018-07-15 | 2 | elite-hackers.com/files/sub7.exe | Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.31.79.55

Date | UQ / IDS / BL | URL | IP
2018-08-18 16:41:24 +0200 | 0 - 0 - 0 | taffidelity.gq/Hardcore/Good-donate-american- (...) | 104.31.79.55
2018-08-18 01:15:45 +0200 | 0 - 2 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-17 23:15:40 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-17 16:15:26 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-17 15:16:35 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-14 07:15:51 +0200 | 0 - 2 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-13 14:21:04 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-13 09:25:05 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-07 14:18:36 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-07-25 12:15:56 +0200 | 0 - 2 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date | UQ / IDS / BL | URL | IP
2018-08-18 16:46:52 +0200 | 0 - 0 - 0 | https://www.israeliamerican.org/community-eve (...) | 104.27.149.240
2018-08-18 16:46:27 +0200 | 0 - 0 - 0 | prosto-roditeli.ru | 104.27.147.67
2018-08-18 16:44:22 +0200 | 0 - 0 - 0 | https://www.israeliamerican.org/community-eve (...) | 104.27.149.240
2018-08-18 16:42:48 +0200 | 0 - 0 - 0 | https://www.israeliamerican.org/community-eve (...) | 104.27.148.240
2018-08-18 16:41:24 +0200 | 0 - 0 - 0 | taffidelity.gq/Hardcore/Good-donate-american- (...) | 104.31.79.55
2018-08-18 16:41:17 +0200 | 0 - 0 - 0 | https://www.israeliamerican.org/community-eve (...) | 104.27.149.240
2018-08-18 16:40:04 +0200 | 0 - 0 - 0 | https://p.hgc.host/338943 | 104.27.135.23
2018-08-18 16:39:31 +0200 | 0 - 0 - 0 | https://pasteio.com/xxEfUe3gC7pI | 104.27.130.230
2018-08-18 16:39:07 +0200 | 0 - 0 - 0 | https://www.israeliamerican.org/community-eve (...) | 104.27.148.240
2018-08-18 16:37:27 +0200 | 0 - 1 - 0 | ropmsgroup.com/ | 104.27.161.240

Last 10 reports on domain: elite-hackers.com

Date | UQ / IDS / BL | URL | IP
2018-08-18 02:15:43 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.78.55
2018-08-18 01:15:45 +0200 | 0 - 2 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-17 23:15:40 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-17 16:15:26 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-17 15:16:35 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-14 13:15:54 +0200 | 0 - 2 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.78.55
2018-08-14 07:15:51 +0200 | 0 - 2 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-13 14:21:04 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-13 09:25:05 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55
2018-08-07 14:18:36 +0200 | 0 - 1 - 0 | www.elite-hackers.com/files/sub7.exe | 104.31.79.55


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (37)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 11 Jul 2018 20:58:45 GMT
Etag: 9715C34D168A98DE0BBC8D5D5D3AE990214C726E
X-OCSP-Responder-ID: rmdccaocsp32
Content-Length: 281
Cache-Control: public, no-transform, must-revalidate, max-age=286401
Expires: Wed, 18 Jul 2018 20:48:00 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   281
Md5:    c47c9c308dbb2e8bce61f9df52096dd6
Sha1:   9715c34d168a98de0bbc8d5d5d3ae990214c726e
Sha256: 03c290b7bdbab564b5e0f9309969235acd55d34a6ea69d3455900329d3bb1571
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 12 Jul 2018 10:51:21 GMT
Etag: CCD117F2D2BB294E4D38D6C4DBEB28C2ADDD1A66
X-OCSP-Responder-ID: rmdccaocsp18
Content-Length: 313
Cache-Control: public, no-transform, must-revalidate, max-age=336353
Expires: Thu, 19 Jul 2018 10:40:32 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   313
Md5:    4d8ed2bd5b1693e9cc8a2009de9ac839
Sha1:   ccd117f2d2bb294e4d38d6c4dbeb28c2addd1a66
Sha256: d871d690cf108330e530b19573db81d3cbd763afa0e0016e1052a454f0dee318
                                        
                                            GET /files/sub7.exe HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.31.79.55
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479; expires=Mon, 15-Jul-19 13:14:39 GMT; path=/; domain=.elite-hackers.com; HttpOnly
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1518320538/atime:1518320499/md5:f24b47be1cb3ad6cb92178ce91177c18/ctime:1518320538
Last-Modified: Sun, 11 Feb 2018 03:46:27 GMT
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-Key: files/sub7.exe
x-amz-request-id: F51AA1414E3DDCB9
x-amz-id-2: gbXrBS1r1OL0uVTzhsBDSV5x1QU09aUBS5r1UpWaQvxVy6zIo5Rg1X7AouL5DUXem/+D6RmY8Fo=
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:39 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4b7c4b4267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2349
Md5:    75bdaf3501eae889d80318de5da7a0fc
Sha1:   5674d9c08068dab9c87c8c2212fbb7b7fdaf28b6
Sha256: 65a3ec215b1503a7086a08ba58baa1648fd6de871019f63b72bca24076c63aa3

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 10 Jul 2018 10:25:59 GMT
Etag: 6633358E31486B016E0A8632B2F2A96F812313CF
X-OCSP-Responder-ID: rmdccaocsp4
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=162118
Expires: Tue, 17 Jul 2018 10:16:37 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e8ff4c4cbd64c6155ff6ad054f69a055
Sha1:   6633358e31486b016e0a8632b2f2a96f812313cf
Sha256: 19acca4f4c29fe3cf2bdce364365c79ceb30d0f9bec09bf85ac3739d72dce9c7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 12 Jul 2018 10:51:21 GMT
Etag: AF8576934BEB6715211CD8F9B2C8D7020F7C010A
X-OCSP-Responder-ID: rmdccaocsp30
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=336396
Expires: Thu, 19 Jul 2018 10:41:15 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    40c64300cfea21aa0f8fe24600a0997b
Sha1:   af8576934beb6715211cd8f9b2c8d7020f7c010a
Sha256: 56a71c807ca21f0cd347e105c84793283205fd2383b5a841f5d5af31d70256e7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 12 Jul 2018 10:51:21 GMT
Etag: 27551B28C14CBF2EDAEA7D6E156CE69A4E57C1CE
X-OCSP-Responder-ID: rmdccaocsp10
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=336346
Expires: Thu, 19 Jul 2018 10:40:25 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c6d72d52d0f84e80bc73598e312d4d36
Sha1:   27551b28c14cbf2edaea7d6e156ce69a4e57c1ce
Sha256: 48f5ddfbcbf0ef2ebd8421768e29378a59ad43ccec5986e6b57a1ad75024078a
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    47679d53d7844e3a80291ea034e2521c
Sha1:   b13fed56b435bae5172d73989e69c2e929592c9f
Sha256: 00e67267b3306a753f3a78aa12d9b7a07484830b298fa0ce8ea41a7058a6662b
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /ajax/libs/pure/0.6.0/pure-min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:46:32 GMT
Expires: Fri, 05 Jul 2019 13:14:39 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4f88a542b5-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4100
Md5:    33d3355f11693387ab8f901711d0bfdf
Sha1:   7558ca14f8b7a1517c5709f09ac58988f447b669
Sha256: ac5cb33cfd3e2e2e828347eefe7c14f16334a7e9ee1522fdb90cd00fed3a17df
                                        
                                            GET /ajax/libs/pure/0.6.0/grids-responsive-min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:46:32 GMT
Expires: Fri, 05 Jul 2019 13:14:39 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4f891a42a3-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1497
Md5:    a633325a76de2355604c1a7a36dc0cd5
Sha1:   718bf1e95f51acf51e690401fdc16584fdad5712
Sha256: b49ad8f5917ef4055acfd7fa378bff6f246e9dbed7662364b55e88b966b4d9cd
                                        
                                            GET /ajax/libs/featherlight/1.4.1/featherlight.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2017 00:29:16 GMT
Expires: Fri, 05 Jul 2019 13:14:39 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4f9ff54285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   654
Md5:    ca177896526726a041a3ad47763bfc5a
Sha1:   844e50ba5b45d198a2d236441484bb30137b5729
Sha256: f267d489b06ffe28878af988f275aaf822de2519a031f73b7d26ed46cffcd037
                                        
                                            GET /gtm.js?id=GTM-K8WRNF6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         216.58.211.8
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 15 Jul 2018 13:14:39 GMT
Server: Google Tag Manager (scaffolding)
Content-Length: 1582
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1582
Md5:    e1f9a537e98cfea67c1135220d22d265
Sha1:   074ae9bc55a640f4991eb7deb0efaa3c4d2c1dea
Sha256: 885323b0091788294952ef417a320127293e93d757db587256deadc542059d72
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.107
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "B29DFB16DF600C75897C3C98F1722EEF7BB11E266E646F0E509E797C30C559F1"
Last-Modified: Thu, 12 Jul 2018 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sun, 15 Jul 2018 14:34:35 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    0ea4035788dd85a70e0dd778a7c6af16
Sha1:   35fd415d422705c79a9e2c51c841fb7f0c3ce06b
Sha256: b29dfb16df600c75897c3c98f1722eef7bb11e266e646f0e509e797c30c559f1
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.122
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 12 Jul 2018 00:18:26 GMT
Etag: "21b3919d84293f53edc6972d25db8c8325210463"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=38963
Expires: Mon, 16 Jul 2018 00:04:02 GMT
Date: Sun, 15 Jul 2018 13:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    1ee6e215e1d709d92da192e414d56320
Sha1:   21b3919d84293f53edc6972d25db8c8325210463
Sha256: 717b2be13671d60d1fe168cbced10f1a725f7fe196fd555953eab94635ee1646
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 15 Jul 2018 13:14:40 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    00c0bdfe6df3814ce3202e3da3ca7627
Sha1:   3d55bfef2b7ba0095caaeea6dc192a14fe4c6996
Sha256: 8f42f7fdd81c9a40209199c905201613d80f623ec72aba3ef22d78ec7e24837f
                                        
                                            GET /ajax/libs/featherlight/1.4.1/featherlight.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sun, 15 Jul 2018 13:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:41:57 GMT
Expires: Fri, 05 Jul 2019 13:14:40 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e504f244267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3104
Md5:    eb14a95c893a174c95a0bc50d1efb0f4
Sha1:   d6591e7e310ac2a6bd2397ce3017f547c4e0a71f
Sha256: b36cd1c27c5aa4fa71f463c81960b5c1e55c63e33fb1b5ad65fd7bae0d74e784
                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sun, 15 Jul 2018 13:14:40 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 34834
Last-Modified: Fri, 20 May 2016 17:24:41 GMT
Server: nginx
Vary: Accept-Encoding
Etag: W/"573f4859-14e4a"
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
X-HW: 1531660479.dop010.sk1.t,1531660480.cds060.sk1.shn,1531660480.dop010.sk1.t,1531660480.cds033.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   34834
Md5:    84f004985e432d8590679042e1192ee1
Sha1:   a8e59ab8de94140bac44b3c5d690e7e53698fab5
Sha256: ceded7040a0498e4660f67cd3463e40f4f9569e92e568cd65c62097cb1c41a0d
                                        
                                            GET /gtm.js?id=GTM-K8WRNF6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         216.58.211.8
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 15 Jul 2018 13:14:40 GMT
Server: Google Tag Manager (scaffolding)
Content-Length: 1582
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1582
Md5:    e1f9a537e98cfea67c1135220d22d265
Sha1:   074ae9bc55a640f4991eb7deb0efaa3c4d2c1dea
Sha256: 885323b0091788294952ef417a320127293e93d757db587256deadc542059d72
                                        
                                            GET /css?family=Lekton:400,400italic,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 15 Jul 2018 13:14:40 GMT
Date: Sun, 15 Jul 2018 13:14:40 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   246
Md5:    708f6acbc821df3c64ad5d206cf47e05
Sha1:   daf5504d2a4d1cfaf4395693ceb589fac481c495
Sha256: 50a69535b5373ad7413710b133b9373a1e9f647d6d481d64c8dab49e2c1887b7
                                        
                                            GET /favicon.gif HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
                                         104.31.79.55
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 15 Jul 2018 13:14:40 GMT
Content-Length: 91
Connection: keep-alive
x-amz-id-2: YJRlmNSYosVb15Gd5VESBuwEoEo2SR5mW+PpfzZXLgk7I4tP+ldHhRe/66/j8/LAFkZKWZoFclM=
x-amz-request-id: 75079C0D245913E7
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1464065054/atime:1465275141/md5:7b58a43c14cdf60157a4d7cb4283e22a/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:52 GMT
Etag: "7b58a43c14cdf60157a4d7cb4283e22a"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e503e8c429d-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16
Size:   91
Md5:    7b58a43c14cdf60157a4d7cb4283e22a
Sha1:   6725992c24aac7dd60f3987c7d997c0face238f1
Sha256: 8f1ca80b707f97f584777df4e83b9aba6a422191306eadb41cbf916f498bd5ef
                                        
                                            GET /css/main.css HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
                                         104.31.79.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 15 Jul 2018 13:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=6073
Etag: W/"bc1ca08cb9edb3df3bb3b53e958117e9"
Last-Modified: Fri, 13 Oct 2017 14:02:38 GMT
x-amz-id-2: X7PmgnDkTD+IdYi7PoX8xixecE5aRRU7FT35djuOlFLnVoEO3hyvHMtX7SbZy7Z7Asm4oHvfY4M=
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1507903340/atime:1507903174/md5:bc1ca08cb9edb3df3bb3b53e958117e9/ctime:1507903340
x-amz-request-id: 65386B7766AA1F66
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4e7df34267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1271
Md5:    95d88032392bb322eedc5ceb3c197b2c
Sha1:   d28456e80dd237be9be5bf2f1140a5482ed05271
Sha256: 072bca5fab67a6c461a5c1ed3b271b8baf045264251d8e0f4ef1e7cc08b22221
                                        
GET /js/book.js HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 15 Jul 2018 13:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=1716
Etag: W/"60847fdb5300a6c92271c55400e7debf"
Last-Modified: Wed, 08 Jun 2016 05:28:19 GMT
x-amz-id-2: jS9tUzEF3SFF0fY1MgIwlx/0r4Y8go9ky2EZYLXufgabwU0hVJMQVJrnSE5x7S2KpkwNR1ktuVU=
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1465359432/atime:1465363684/md5:60847fdb5300a6c92271c55400e7debf/ctime:1465359858
x-amz-request-id: 705C732E59D161F7
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4fb93742a3-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   511
Md5:    11ffe51a049bb3c5c64508ae7d3e4d25
Sha1:   305a5430c19ed856452c89adc22fb387ef75e411
Sha256: 21914919e10c09d8545bf4f9b90e7e79f9ca732b02ba62a83ebbf70f676b8e4c
                                        
GET /assets/fonts/fontello/css/fontello.css HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: text/css
Date: Sun, 15 Jul 2018 13:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=1791
Etag: W/"4ba49dc7af5d11b9196068b06fd3bb6e"
Last-Modified: Tue, 07 Jun 2016 04:52:48 GMT
x-amz-id-2: /18lH652X4TI7MKLOsmZEJFk3NzUvU/DX1DhlOLmHkY/ocRSI09LJcl73xsQar2dsNqYBz7AuGM=
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33261/mtime:1464699924/atime:1465275141/md5:4ba49dc7af5d11b9196068b06fd3bb6e/ctime:1465206296
x-amz-request-id: D8A758540603F348
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e4f88604255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   359
Md5:    b41164b4f2fdc758fd5dbb12d0ae2162
Sha1:   4bc7aa708b4148e3d7b995d1e2f6c98b11ec8a86
Sha256: 63ba86300ebfada318e2eb5a813b11ea35afe00938f9eb431456689a7325781d
                                        
GET /img/sx.png HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 15 Jul 2018 13:14:40 GMT
Content-Length: 69657
Connection: keep-alive
x-amz-id-2: EKu+STEE4c7hHJhLTlengZhpbM7cA24+HUdbuZiaO2LjuhRLmf2Sn71fdtfg3YBgHGqTKw4aoFg=
x-amz-request-id: C2B11AFAB8908B67
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1466159799/atime:1466161224/md5:3a9c3027c8fd488a23d47d0d5ac655e3/ctime:1466159943
Last-Modified: Fri, 17 Jun 2016 11:10:16 GMT
Etag: "3a9c3027c8fd488a23d47d0d5ac655e3"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e5049a7427f-OSL


--- Additional Info ---
Magic:  PNG image, 200 x 200, 8-bit/color RGBA, non-interlaced
Size:   69657
Md5:    3a9c3027c8fd488a23d47d0d5ac655e3
Sha1:   f39a661c32efe95818286ff18f60db92343b7cad
Sha256: b14c96fdef6dd2978169508097ce8e6a54054677ca54f1a1349660d449ebb50f
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jul 2018 13:14:40 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    fed9ace760070cc00e0452f5aa386cf5
Sha1:   1ee88b4f49e85b69f9f4cb285a147da1b29360c0
Sha256: 8bb648e6940f02db8303356b47189788cb593ad73e65c8f5773a1b4d877a4e9e
                                        
GET /img/rotateskull.gif HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Sun, 15 Jul 2018 13:14:40 GMT
Content-Length: 14683
Connection: keep-alive
x-amz-id-2: fPEg3Pf7Du/0G4TrfPD5yNsQ1HCzLQAD9fYJnaMmyaCYjkgf69TNJIkwoSqGex7we8NeU1IkieQ=
x-amz-request-id: 400F8331194A2B4F
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1464509084/atime:1465275141/md5:f0a4ec6c0b15558c1a2935f12628da24/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:54 GMT
Etag: "f0a4ec6c0b15558c1a2935f12628da24"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e503e8e429d-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 38
Size:   14683
Md5:    f0a4ec6c0b15558c1a2935f12628da24
Sha1:   4ea7025e5c7a8c9eb47193b9537192814730f786
Sha256: ce9c0bc9325abe68cbff8196b818bfc3f337e69443f5c38657d891937578d407
                                        
GET /s/lekton/v8/SZc43FDmLaWmWpBuWB3v.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lekton:400,400italic,700
Origin: https://elite-hackers.com

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 12604
Date: Fri, 13 Jul 2018 20:07:09 GMT
Expires: Sat, 13 Jul 2019 20:07:09 GMT
Last-Modified: Tue, 10 Oct 2017 20:53:42 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 148051
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   12604
Md5:    83af272c659255d073110a8bc6ddc655
Sha1:   8c07006b56789cf5b538a4c11a6eedf7eca9b6ab
Sha256: a83d88e6e610186338d2b7a1a2246b2549683490fec39bf88c63f7aecf8cc651
                                        
GET /img/bg/1920x1400.jpg HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/css/main.css
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 15 Jul 2018 13:14:40 GMT
Content-Length: 79181
Connection: keep-alive
x-amz-id-2: W8s54iVK3iNxWxEx/99S8wzqP7CscjZU7Ab7y9w+DeSQydr7QxA9wQeIcg3A+IHobTZ81+zGi4g=
x-amz-request-id: C6E67B192A3EB48C
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1508004483/atime:1508004483/md5:1d66bb21775fa8819b01e0455f3c88b7/ctime:1508004484
Last-Modified: Sat, 14 Oct 2017 18:08:29 GMT
Etag: "1d66bb21775fa8819b01e0455f3c88b7"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:40 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e526835429d-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   79181
Md5:    1d66bb21775fa8819b01e0455f3c88b7
Sha1:   79aacb7bc4aa542ac68bc4d858809c64ecc8754e
Sha256: 4562386071739a5a06558c420713dc155afd774a81c407c67d9d5e94e1998597
                                        
GET /s/lekton/v8/SZc63FDmLaWmWpBuXS3rtUE.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lekton:400,400italic,700
Origin: https://elite-hackers.com

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 9888
Date: Thu, 12 Jul 2018 23:59:30 GMT
Expires: Fri, 12 Jul 2019 23:59:30 GMT
Last-Modified: Tue, 10 Oct 2017 20:53:02 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 220510
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   9888
Md5:    f3611423fde85eaf588a3d8483676ec0
Sha1:   7dec2e11d1e462f33f1406e9a07d4979b5b703e6
Sha256: 7fa64d4747482f7502ddbfd76a862e54136f379c1e302361b768b942e8fb6b9a
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sun, 15 Jul 2018 11:22:10 GMT
Expires: Sun, 15 Jul 2018 13:22:10 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14386
Cache-Control: public, max-age=7200
Age: 6750
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14386
Md5:    b3de885583a477d4e31568948d6bebd7
Sha1:   2ce8d853244dde551c41d5207d6f71c567bde8c6
Sha256: e1bb5aa555a0d875e2a67884ceaa0629e08994a8aabadc2fac5b6915793dbf75
                                        
GET /assets/fonts/audimat-mono-webfont/audiml__-webfont.woff HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/css/main.css
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Date: Sun, 15 Jul 2018 13:14:41 GMT
Content-Length: 17172
Connection: keep-alive
x-amz-id-2: rqV22kTvGg4hvNYPRK6hBr3Vl4rGKQXRGtYtX/tyXlOau7eZzCeeRO8/Kv3P5ztjpXl5CjhfIUM=
x-amz-request-id: B4615F9714AA540B
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1464511415/atime:1465275141/md5:c37b4eebf18912e684d621a4a47e5bbd/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:39 GMT
Etag: "c37b4eebf18912e684d621a4a47e5bbd"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:41 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e5589d04267-OSL


--- Additional Info ---
Magic:  data
Size:   17172
Md5:    c37b4eebf18912e684d621a4a47e5bbd
Sha1:   1f43146e2db50f209b81312746603305b3f67b77
Sha256: 63b592e833915096b56d01a60b5dacddfa5c5575c905fa01ef193f1547a33582
                                        
GET /assets/fonts/fontello/font/fontello.woff?58835024 HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/assets/fonts/fontello/css/fontello.css
Cookie: __cfduid=dbdcba5f8e32525f8c8154e50f611c3081531660479

                                         
104.31.79.55
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Date: Sun, 15 Jul 2018 13:14:41 GMT
Content-Length: 2720
Connection: keep-alive
x-amz-id-2: wXXqACTwDDIjw0+rO76YRpn1goF102TTHZjBcuKTkPzfCl+COXHIPkmbv4mdBrYFSzJabumcD7A=
x-amz-request-id: 38631A39BFFACDD3
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33261/mtime:1464699924/atime:1465275141/md5:b9bdeea3df960262b026285fc846d2e4/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:48 GMT
Etag: "b9bdeea3df960262b026285fc846d2e4"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 15 Jul 2018 17:14:41 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 43ac7e54bbb742a3-OSL


--- Additional Info ---
Magic:  data
Size:   2720
Md5:    b9bdeea3df960262b026285fc846d2e4
Sha1:   f491f3ce04d3e99aa3dc7f5f453a38b56d74f99b
Sha256: 3837e8ecee21f15d8b3960af92901906d8bf96ad4b50dbdf834c6d9f2befeaca
                                        
GET /s/lekton/v8/SZc73FDmLaWmWpBm4zj8kmLQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lekton:400,400italic,700
Origin: https://elite-hackers.com

                                         
216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 12652
Date: Thu, 12 Jul 2018 10:34:26 GMT
Expires: Fri, 12 Jul 2019 10:34:26 GMT
Last-Modified: Tue, 10 Oct 2017 20:53:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 268816
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   12652
Md5:    ea50c9a0cc6ca3f1569dbf23d5a1dc47
Sha1:   c288d42067380b591f1c29f68bdfacc9986cb16e
Sha256: 8659bb7242fbd747a2434ef874f139396017c545a6744745d5a6ef15c448565f
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=163913
Date: Sun, 15 Jul 2018 13:14:42 GMT
Etag: "5b4b0d38-1d7"
Expires: Tue, 17 Jul 2018 10:29:28 GMT
Last-Modified: Sun, 15 Jul 2018 09:00:40 GMT
Server: ECS (arn/4694)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    817e06436f5a204fb02952a12ed06654
Sha1:   61749360d50801c7ea86754153bc7acb497fa54c
Sha256: dc1984e107284f11d36cd186d73e5f50fcee1c23133f794387680aeaabbaf3d8
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=152230
Date: Sun, 15 Jul 2018 13:14:42 GMT
Etag: "5b4ad048-1d7"
Expires: Tue, 17 Jul 2018 07:21:53 GMT
Last-Modified: Sun, 15 Jul 2018 04:40:40 GMT
Server: ECS (arn/46BA)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4960eae414deed089a31f99498c1db03
Sha1:   7d9c062d880132d32485ebad1b58fd4e72fd57fd
Sha256: e701392a2c400cd5f82d023b9e20a51574fa9d32f355735af9c5ac7c9a660811
                                        
GET /r/collect?v=1&_v=j68&a=1335108168&t=pageview&_s=1&dl=https%3A%2F%2Felite-hackers.com%2Ffiles%2Fsub7.exe&ul=en-us&de=UTF-8&dt=404%3A%20Page%20Not%20Found&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=2061077580&gjid=379203979&cid=1929383642.1531660482&tid=UA-4046771-1&_gid=1887634066.1531660482&_r=1&z=1802267992 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Sun, 15 Jul 2018 13:14:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-Frame-Options: DENY
Cache-Control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Pragma: public
X-XSS-Protection: 0
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: xUs7mtw7g5jL6I/bJmTM6lFNKB/xZBSu0KVPRN8Z8IBNfVrh+GbAWZywAn++oWMNxvmRt+RhDv8zjox2dsEgeg==
Date: Sun, 15 Jul 2018 13:14:42 GMT
Connection: keep-alive
Content-Length: 13399


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13399
Md5:    e544ebec2554f0965fef1e4a2b6d646c
Sha1:   1ec0aa5bae4ba8fcf075c279e0fe97c81811eec5
Sha256: 93eff932cd9e7938dd082e2bf44978843e4d6ccf0ff1e42d11fdb7fc0f9513e8