Overview

URL www.elite-hackers.com/files/sub7.exe
IP 104.31.79.55
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2018-10-02 17:16:33 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-10-02 17:15:28 CEST 2 Client IP  104.31.78.55 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.31.79.55

Date UQ / IDS / BL URL IP
2018-10-24 22:46:24 +0200 0 - 1 - 0 www.mopseoutlet.top/ 104.31.79.55
2018-10-12 19:16:10 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-12 11:15:18 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-12 01:15:22 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-08 20:11:57 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-05 22:18:35 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-05 14:15:17 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-05 00:16:21 +0200 0 - 2 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-03 21:15:09 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55
2018-10-02 09:15:15 +0200 0 - 1 - 0 www.elite-hackers.com/files/sub7.exe 104.31.79.55

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2019-07-04 10:47:28 +0200 0 - 0 - 0 https://www.bitchute.com/video/nGjzUqQzi423/ 104.24.23.87
2019-07-02 09:55:24 +0200 0 - 0 - 0 Finddreamjobs.com 104.17.47.14
2019-07-02 09:51:03 +0200 0 - 0 - 0 https://www.bitchute.com/video/ix3LoPLzjS8a/ 104.24.23.87
2019-07-02 09:50:01 +0200 0 - 0 - 0 https://www.bitchute.com/video/RNGAJQK1s8Qx/ 104.24.22.87
2019-07-02 09:49:59 +0200 0 - 0 - 0 https://www.bitchute.com/video/HUEWirPZXMOI/ 104.24.23.87
2019-07-02 09:49:58 +0200 0 - 0 - 0 https://www.bitchute.com/video/GRkaogicSTRt/ 104.24.23.87
2019-07-02 09:49:56 +0200 0 - 0 - 0 https://www.bitchute.com/video/0vPgxEoFvLs8/ 104.24.23.87
2019-07-02 09:49:34 +0200 0 - 0 - 0 https://www.bitchute.com/video/rhOuRaIOHJdb/ 104.24.22.87
2019-07-02 09:49:31 +0200 0 - 0 - 0 https://www.bitchute.com/video/0gdUIrC1FwTV/ 104.24.23.87
2019-07-02 09:49:30 +0200 0 - 0 - 0 https://www.bitchute.com/video/9TSaSoV97QZI/ 104.24.22.87

No other reports on domain: elite-hackers.com



JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (39)


Request Response
                                        
                                            GET /files/sub7.exe HTTP/1.1 
Host: www.elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.31.78.55
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 02 Oct 2018 15:15:28 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327; expires=Wed, 02-Oct-19 15:15:27 GMT; path=/; domain=.elite-hackers.com; HttpOnly
x-amz-id-2: 1xIGm32I/xhB+uJfPTVhal6lIeduBKs7WyRkxPZbG2oowTOtUWbaPoYwKN3FDcOYpAYd7h5c67s=
x-amz-request-id: C88C56B005D7B599
Location: http://elite-hackers.com/files/sub7.exe
Server: cloudflare
CF-RAY: 46381fe372a14273-OSL


--- Additional Info ---

Alerts:
  IDS:
    - ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
                                        
                                            GET /files/sub7.exe HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
                                         104.31.78.55
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 02 Oct 2018 15:15:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 02 Oct 2018 16:15:28 GMT
Location: https://elite-hackers.com/files/sub7.exe
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fe6f7074267-OSL


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 01 Oct 2018 03:37:16 GMT
Etag: D74761FF2A72550EABC2663AA59CBC8FD4042B37
X-OCSP-Responder-ID: rmdccaocsp23
Content-Length: 279
Cache-Control: public, no-transform, must-revalidate, max-age=475907
Expires: Mon, 08 Oct 2018 03:27:15 GMT
Date: Tue, 02 Oct 2018 15:15:28 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   279
Md5:    0b0c679b60dded434a19e16278001ec5
Sha1:   d74761ff2a72550eabc2663aa59cbc8fd4042b37
Sha256: 0243c0b414e55297e875fe0dae9c217e4cc68f5a7730f6c4e2d9a924bd821e2f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 27 Sep 2018 21:27:34 GMT
Etag: 3677E423E37EA49252B6CCC985D0FF59BF4D6990
X-OCSP-Responder-ID: rmdccaocsp23
Content-Length: 314
Cache-Control: public, no-transform, must-revalidate, max-age=194505
Expires: Thu, 04 Oct 2018 21:17:13 GMT
Date: Tue, 02 Oct 2018 15:15:28 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   314
Md5:    d50f7d13b4217ba21dfab5943f1daf00
Sha1:   3677e423e37ea49252b6ccc985d0ff59bf4d6990
Sha256: 19e4bdaa110a88643debff8f2309da875be4964a9294f29654c76b709cc4a70f
                                        
                                            GET /files/sub7.exe HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
                                         104.31.78.55
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1518320538/atime:1518320499/md5:f24b47be1cb3ad6cb92178ce91177c18/ctime:1518320538
Last-Modified: Sun, 11 Feb 2018 03:46:27 GMT
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-Key: files/sub7.exe
x-amz-request-id: 59022B01CCE95D0B
x-amz-id-2: Qot9MZkdp8K0gpjAObbIEDkxTh0ZSgIuM27h+250VmsBosNsZGviuOL24W2RiF+KBV0S/Inh9nI=
CF-Cache-Status: EXPIRED
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fe90ce94267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2349
Md5:    75bdaf3501eae889d80318de5da7a0fc
Sha1:   5674d9c08068dab9c87c8c2212fbb7b7fdaf28b6
Sha256: 65a3ec215b1503a7086a08ba58baa1648fd6de871019f63b72bca24076c63aa3
                                        
                                            GET /css/main.css HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
                                         104.31.78.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=6073
Etag: W/"bc1ca08cb9edb3df3bb3b53e958117e9"
Last-Modified: Fri, 13 Oct 2017 14:02:38 GMT
x-amz-id-2: 6n+qsYLoU7CkZkMJpLze8fEEWrNJp9nNhcu/0y7y7A89IHQOplPvzaYXoxUHoVSwX1/rpSuw8uc=
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1507903340/atime:1507903174/md5:bc1ca08cb9edb3df3bb3b53e958117e9/ctime:1507903340
x-amz-request-id: A9569CB18F77D97F
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fec3f5f4267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1270
Md5:    7212ca745462651f107f826e6ab0995c
Sha1:   e073be67ff6c298756a54fba028ddff6972305b9
Sha256: ad6f1a726c47d4c4e67a469b09410ad0aa92675a0124bf601662b3f63ff1d86d
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ba967bbf9d7945387afbf04c8671f0c2
Sha1:   7dae6913cdb1a51e837440ab366d8c0c910f04a4
Sha256: c5e9f725c0b53e890428159a2188f200f7ce04db6ba1c0f2b81ab985d5b0fd85
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /assets/fonts/fontello/css/fontello.css HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
                                         104.31.78.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=1791
Etag: W/"4ba49dc7af5d11b9196068b06fd3bb6e"
Last-Modified: Tue, 07 Jun 2016 04:52:48 GMT
x-amz-id-2: o7UrRX75AkfOo05vHg33TQ2inasDqE4YxdtiN8QYh1mfEcO+NtpwlRyJlWckyK2yNXB6KnGEBAI=
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33261/mtime:1464699924/atime:1465275141/md5:4ba49dc7af5d11b9196068b06fd3bb6e/ctime:1465206296
x-amz-request-id: E35EF85102AA3809
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fec7b944285-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   359
Md5:    b41164b4f2fdc758fd5dbb12d0ae2162
Sha1:   4bc7aa708b4148e3d7b995d1e2f6c98b11ec8a86
Sha256: 63ba86300ebfada318e2eb5a813b11ea35afe00938f9eb431456689a7325781d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 27 Sep 2018 02:24:17 GMT
Etag: B4BBBF9FBC8907FADBC7DCB6E45C4AF77B228422
X-OCSP-Responder-ID: rmdccaocsp13
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=125973
Expires: Thu, 04 Oct 2018 02:15:02 GMT
Date: Tue, 02 Oct 2018 15:15:29 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    9786f95c938ad64d280dfd9149b6ebdb
Sha1:   b4bbbf9fbc8907fadbc7dcb6e45c4af77b228422
Sha256: 47e23eff7600cf406cb42c5b3100d80628cde33b7a97a056d5d4ddf3e82c352d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 27 Sep 2018 21:27:34 GMT
Etag: 161723E8ED37A98813B1D1F32879DEEE6A48545C
X-OCSP-Responder-ID: rmdccaocsp23
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=194507
Expires: Thu, 04 Oct 2018 21:17:16 GMT
Date: Tue, 02 Oct 2018 15:15:29 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    348c9effa0a0cf12f8072b7392298eed
Sha1:   161723e8ed37a98813b1d1f32879deee6a48545c
Sha256: 36f475da10f101d1001eee3965783423abe25de40ae334af6cc2ce99603f7947
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 27 Sep 2018 21:27:34 GMT
Etag: AD615918C72B563D82CE144318ED6E69C364F176
X-OCSP-Responder-ID: rmdccaocsp21
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=194558
Expires: Thu, 04 Oct 2018 21:18:07 GMT
Date: Tue, 02 Oct 2018 15:15:29 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    fd09333a83600e03a0fe2dc697ca0a91
Sha1:   ad615918c72b563d82ce144318ed6e69c364f176
Sha256: 8249062819af4dbfd7f46e8a62541e95cb8ca5c2e5064a0c35809c52e1e0e42d
                                        
                                            GET /gtm.js?id=GTM-K8WRNF6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         216.58.211.136
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Server: Google Tag Manager (scaffolding)
Content-Length: 1582
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1582
Md5:    e1f9a537e98cfea67c1135220d22d265
Sha1:   074ae9bc55a640f4991eb7deb0efaa3c4d2c1dea
Sha256: 885323b0091788294952ef417a320127293e93d757db587256deadc542059d72
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "FDE237FC8F487CAE304A4DC44B3A7B6ED9657F579AC4EB6187346077EBA2B663"
Last-Modified: Mon, 01 Oct 2018 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Tue, 02 Oct 2018 16:37:12 GMT
Date: Tue, 02 Oct 2018 15:15:29 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    48fb8683cae30143ec1517ef7005aafe
Sha1:   b5c8d9b09647ee112f78cd4f0b28a9c785dbad67
Sha256: fde237fc8f487cae304a4dc44b3a7b6ed9657f579ac4eb6187346077eba2b663
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Fri, 28 Sep 2018 20:38:02 GMT
Etag: "405a2cbf6c0b73623cfe0ffc93f2380c4c9627b1"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=9032
Expires: Tue, 02 Oct 2018 17:46:01 GMT
Date: Tue, 02 Oct 2018 15:15:29 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    9f70d21306087c2426ab525eb4be1d0c
Sha1:   405a2cbf6c0b73623cfe0ffc93f2380c4c9627b1
Sha256: cac4f379d7a4464e89959a0d47beb0a043023f4df5e7e71e9fe19603fe8a9bc2
                                        
                                            GET /favicon.gif HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
                                         104.31.78.55
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Content-Length: 91
Connection: keep-alive
x-amz-id-2: f7J+6Slwmj3a+FbpNfwsE5PhFtOPyypbrkDf0VEb5MsbXmRDZ9jQ9j+hrFHo6906K6DTQ9FcV60=
x-amz-request-id: DA0169B560263C98
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1464065054/atime:1465275141/md5:7b58a43c14cdf60157a4d7cb4283e22a/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:52 GMT
Etag: "7b58a43c14cdf60157a4d7cb4283e22a"
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fecf84d4267-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16
Size:   91
Md5:    7b58a43c14cdf60157a4d7cb4283e22a
Sha1:   6725992c24aac7dd60f3987c7d997c0face238f1
Sha256: 8f1ca80b707f97f584777df4e83b9aba6a422191306eadb41cbf916f498bd5ef
                                        
                                            GET /ajax/libs/featherlight/1.4.1/featherlight.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2017 00:29:16 GMT
Expires: Sun, 22 Sep 2019 15:15:29 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fedf8c042a3-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3104
Md5:    eb14a95c893a174c95a0bc50d1efb0f4
Sha1:   d6591e7e310ac2a6bd2397ce3017f547c4e0a71f
Sha256: b36cd1c27c5aa4fa71f463c81960b5c1e55c63e33fb1b5ad65fd7bae0d74e784
                                        
                                            GET /js/book.js HTTP/1.1 
Host: elite-hackers.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
                                         104.31.78.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=1716
Etag: W/"60847fdb5300a6c92271c55400e7debf"
Last-Modified: Wed, 08 Jun 2016 05:28:19 GMT
x-amz-id-2: 3KrZIY+WZGVi0yx1Y3zZIxtBsRqhILLKaIPVeblQTasNumeTmvmqPKOz6Og487Xe4y53aQyu0+M=
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1465359432/atime:1465363684/md5:60847fdb5300a6c92271c55400e7debf/ctime:1465359858
x-amz-request-id: 7B2BE67D63341591
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fecf94f4297-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   511
Md5:    11ffe51a049bb3c5c64508ae7d3e4d25
Sha1:   305a5430c19ed856452c89adc22fb387ef75e411
Sha256: 21914919e10c09d8545bf4f9b90e7e79f9ca732b02ba62a83ebbf70f676b8e4c
                                        
                                            GET /gtm.js?id=GTM-K8WRNF6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         216.58.211.136
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Server: Google Tag Manager (scaffolding)
Content-Length: 1582
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1582
Md5:    e1f9a537e98cfea67c1135220d22d265
Sha1:   074ae9bc55a640f4991eb7deb0efaa3c4d2c1dea
Sha256: 885323b0091788294952ef417a320127293e93d757db587256deadc542059d72
                                        
                                            GET /ajax/libs/pure/0.6.0/pure-min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2017 00:34:44 GMT
Expires: Sun, 22 Sep 2019 15:15:29 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fedfad542a9-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4100
Md5:    33d3355f11693387ab8f901711d0bfdf
Sha1:   7558ca14f8b7a1517c5709f09ac58988f447b669
Sha256: ac5cb33cfd3e2e2e828347eefe7c14f16334a7e9ee1522fdb90cd00fed3a17df
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 02 Oct 2018 15:15:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    6766b3e23ac6d594a670067d45f271aa
Sha1:   07910afd996b544231d5bf74ed3f1144b8cc7578
Sha256: fb269c50e2ea0305d426ca053d2e658163c3824ad0184f1f565dbfc32bd99772
                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 02 Oct 2018 15:15:29 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 29811
Last-Modified: Fri, 20 May 2016 17:24:41 GMT
Server: nginx
Etag: W/"573f4859-14e4a"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1538493329.dop005.sk1.t,1538493329.cds003.sk1.shn,1538493329.cds003.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   29811
Md5:    82885772205f23cd59e25a221521b059
Sha1:   96ed36f45544295f28df1ab251e7e38faceeff0e
Sha256: 8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
                                        
GET /ajax/libs/pure/0.6.0/grids-responsive-min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
104.19.199.151
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2017 00:34:44 GMT
Expires: Sun, 22 Sep 2019 15:15:29 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381feeac964279-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1497
Md5:    a633325a76de2355604c1a7a36dc0cd5
Sha1:   718bf1e95f51acf51e690401fdc16584fdad5712
Sha256: b49ad8f5917ef4055acfd7fa378bff6f246e9dbed7662364b55e88b966b4d9cd
                                        
GET /ajax/libs/featherlight/1.4.1/featherlight.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
104.19.199.151
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 02 Oct 2018 15:15:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 May 2018 09:19:48 GMT
Etag: W/"5afd4934-5a1"
Expires: Sun, 22 Sep 2019 15:15:29 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Served-In-Seconds: 0.003
CF-Cache-Status: HIT
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381feead4e4291-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   654
Md5:    ca177896526726a041a3ad47763bfc5a
Sha1:   844e50ba5b45d198a2d236441484bb30137b5729
Sha256: f267d489b06ffe28878af988f275aaf822de2519a031f73b7d26ed46cffcd037
                                        
GET /css?family=Lekton:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 02 Oct 2018 15:15:29 GMT
Date: Tue, 02 Oct 2018 15:15:29 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   246
Md5:    708f6acbc821df3c64ad5d206cf47e05
Sha1:   daf5504d2a4d1cfaf4395693ceb589fac481c495
Sha256: 50a69535b5373ad7413710b133b9373a1e9f647d6d481d64c8dab49e2c1887b7
                                        
GET /img/bg/1920x1400.jpg HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/css/main.css
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
104.31.78.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 02 Oct 2018 15:15:29 GMT
Content-Length: 79181
Connection: keep-alive
x-amz-id-2: aJtopX0nuEgZyvjoTMU/rBKdlUf4TyE8ax08uvBIF7FUCFiWvpeMEHxJyxYksj/DUm+mRswqCBQ=
x-amz-request-id: AF6CCA3DCA55E4CF
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1508004483/atime:1508004483/md5:1d66bb21775fa8819b01e0455f3c88b7/ctime:1508004484
Last-Modified: Sat, 14 Oct 2017 18:08:29 GMT
Etag: "1d66bb21775fa8819b01e0455f3c88b7"
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381feecdf34285-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   79181
Md5:    1d66bb21775fa8819b01e0455f3c88b7
Sha1:   79aacb7bc4aa542ac68bc4d858809c64ecc8754e
Sha256: 4562386071739a5a06558c420713dc155afd774a81c407c67d9d5e94e1998597
                                        
GET /img/sx.png HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
104.31.78.55
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 02 Oct 2018 15:15:29 GMT
Content-Length: 69657
Connection: keep-alive
x-amz-id-2: VBvbE+rj4FnAIt75VvRKaiXf3HF2qfqUub5DNS6fR8rXrXsTXQTeqHysHxAtHa8LjaDab2IVlR8=
x-amz-request-id: F48657B1F9E5749D
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1466159799/atime:1466161224/md5:3a9c3027c8fd488a23d47d0d5ac655e3/ctime:1466159943
Last-Modified: Fri, 17 Jun 2016 11:10:16 GMT
Etag: "3a9c3027c8fd488a23d47d0d5ac655e3"
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fee1b0642a9-OSL


--- Additional Info ---
Magic:  PNG image, 200 x 200, 8-bit/color RGBA, non-interlaced
Size:   69657
Md5:    3a9c3027c8fd488a23d47d0d5ac655e3
Sha1:   f39a661c32efe95818286ff18f60db92343b7cad
Sha256: b14c96fdef6dd2978169508097ce8e6a54054677ca54f1a1349660d449ebb50f
                                        
GET /img/rotateskull.gif HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
104.31.78.55
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 02 Oct 2018 15:15:29 GMT
Content-Length: 14683
Connection: keep-alive
x-amz-id-2: 6GZDoKOSIFempoUpXCJg6Db1VAezGMwpWfljViPKITwPOjDff2+uNZ8WRV31BMZXltXL85uGOCs=
x-amz-request-id: 6F534E509412F023
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1464509084/atime:1465275141/md5:f0a4ec6c0b15558c1a2935f12628da24/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:54 GMT
Etag: "f0a4ec6c0b15558c1a2935f12628da24"
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:29 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381fee1c03427f-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 38
Size:   14683
Md5:    f0a4ec6c0b15558c1a2935f12628da24
Sha1:   4ea7025e5c7a8c9eb47193b9537192814730f786
Sha256: ce9c0bc9325abe68cbff8196b818bfc3f337e69443f5c38657d891937578d407
                                        
GET /assets/fonts/audimat-mono-webfont/audiml__-webfont.woff HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/css/main.css
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
104.31.78.55
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Date: Tue, 02 Oct 2018 15:15:30 GMT
Content-Length: 17172
Connection: keep-alive
x-amz-id-2: /3c+/k+ShPV6w2WaL1AjA45b7/SFifk1SWoenAaKsRAt4dWqN7wqjyTiKipfNwZUWlQ5EO7S2Vg=
x-amz-request-id: 025D323640C55DF1
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33188/mtime:1464511415/atime:1465275141/md5:c37b4eebf18912e684d621a4a47e5bbd/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:39 GMT
Etag: "c37b4eebf18912e684d621a4a47e5bbd"
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:30 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381ff1cc954267-OSL


--- Additional Info ---
Magic:  data
Size:   17172
Md5:    c37b4eebf18912e684d621a4a47e5bbd
Sha1:   1f43146e2db50f209b81312746603305b3f67b77
Sha256: 63b592e833915096b56d01a60b5dacddfa5c5575c905fa01ef193f1547a33582
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=157973
Date: Tue, 02 Oct 2018 15:15:30 GMT
Etag: "5bb333a6-1d7"
Expires: Thu, 04 Oct 2018 11:08:23 GMT
Last-Modified: Tue, 02 Oct 2018 09:00:22 GMT
Server: ECS (arn/45C7)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8b9bf74dfefc35f2f94b00e1042af488
Sha1:   d82ad09884b348c1cbce2ce727b4a766c589a024
Sha256: d8857d3904b0d72ff2f822bc3be289c2eb4d88c7dcb8e753d66cedbc15938751
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=157580
Date: Tue, 02 Oct 2018 15:15:30 GMT
Etag: "5bb348fd-1d7"
Expires: Thu, 04 Oct 2018 11:01:50 GMT
Last-Modified: Tue, 02 Oct 2018 10:31:25 GMT
Server: ECS (arn/4599)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    faf8b91f5a2c548103efc1733b9d206c
Sha1:   73094d8ea54c79785b4ce31c73c3250facc50f65
Sha256: 87d055a60b04fb7f32ba1b9585199f63fbf7efcacda14f34d7cafcac12b5b31c
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 02 Oct 2018 15:15:30 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ca9a4a491370a3f1f6d72d3b2f0ce9d5
Sha1:   21c8ae5979489b73ebfeb32bbf8f8cbbdec08a4c
Sha256: dedc17a7aaef482207f5548f3c0564d949463a76bc2a5707f42ecc09c2240ed7
                                        
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
X-XSS-Protection: 0
Access-Control-Allow-Origin: https://connect.facebook.net
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Pragma: public
Vary: Origin, Accept-Encoding
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS
X-Content-Type-Options: nosniff
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Cache-Control: public, max-age=1200
Content-Encoding: gzip
X-FB-Debug: 1dGt9JRBvg617mb4H526GMRNyqCBy9E6z26F+3RWnTj1iRD57ia4zmxLUrArYBQafQo+/zabPEuimjPM6r1SAA==
Date: Tue, 02 Oct 2018 15:15:30 GMT
Connection: keep-alive
Content-Length: 14117


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   14117
Md5:    7517ed70d877141b264da76a37056761
Sha1:   1b3176dfe7905d2cd560b483788278f7cc14d46f
Sha256: 744f321ec430c43fc949306860f83982d6f83dd82526a6659f9b6dac7624ebb5
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
172.217.20.46
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 02 Oct 2018 14:02:41 GMT
Expires: Tue, 02 Oct 2018 16:02:41 GMT
Last-Modified: Mon, 01 Oct 2018 17:56:18 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17285
Cache-Control: public, max-age=7200
Age: 4369
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17285
Md5:    d805ae550cdc9aaa4bae83d67232e6ae
Sha1:   9537cd6a02c7a1ec9e0ac02b31a00b8dbd4230d3
Sha256: 232775139b1bd39d9966db28c8195b1ca5fbf6bcbfb80cc9e72edc45a4409dd3
                                        
GET /assets/fonts/fontello/font/fontello.woff?58835024 HTTP/1.1
Host: elite-hackers.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/assets/fonts/fontello/css/fontello.css
Cookie: __cfduid=d93976b045c99c4d4d13449cda3c1b3cd1538493327

                                         
104.31.78.55
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
Date: Tue, 02 Oct 2018 15:15:30 GMT
Content-Length: 2720
Connection: keep-alive
x-amz-id-2: BKLUbRjhpt/laE+s6BYgjfmUBpvbtUZbZm8dTpgAJ1sIWWhhg+voVfcH/7zIeVtNz5aALy7f9SY=
x-amz-request-id: 05AB729F0E7A6491
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:richardrobinson/gid:20/mode:33261/mtime:1464699924/atime:1465275141/md5:b9bdeea3df960262b026285fc846d2e4/ctime:1465206296
Last-Modified: Tue, 07 Jun 2016 04:52:48 GMT
Etag: "b9bdeea3df960262b026285fc846d2e4"
CF-Cache-Status: HIT
Expires: Tue, 02 Oct 2018 19:15:30 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46381ff33e844297-OSL


--- Additional Info ---
Magic:  data
Size:   2720
Md5:    b9bdeea3df960262b026285fc846d2e4
Sha1:   f491f3ce04d3e99aa3dc7f5f453a38b56d74f99b
Sha256: 3837e8ecee21f15d8b3960af92901906d8bf96ad4b50dbdf834c6d9f2befeaca
                                        
GET /s/lekton/v8/SZc43FDmLaWmWpBuWB3v.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lekton:400,400italic,700
Origin: https://elite-hackers.com

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 12604
Date: Tue, 28 Aug 2018 20:45:37 GMT
Expires: Wed, 28 Aug 2019 20:45:37 GMT
Last-Modified: Tue, 10 Oct 2017 20:53:42 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 3004193
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   12604
Md5:    83af272c659255d073110a8bc6ddc655
Sha1:   8c07006b56789cf5b538a4c11a6eedf7eca9b6ab
Sha256: a83d88e6e610186338d2b7a1a2246b2549683490fec39bf88c63f7aecf8cc651
                                        
GET /s/lekton/v8/SZc73FDmLaWmWpBm4zj8kmLQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lekton:400,400italic,700
Origin: https://elite-hackers.com

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 12652
Date: Tue, 28 Aug 2018 22:35:11 GMT
Expires: Wed, 28 Aug 2019 22:35:11 GMT
Last-Modified: Tue, 10 Oct 2017 20:53:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 2997620
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   12652
Md5:    ea50c9a0cc6ca3f1569dbf23d5a1dc47
Sha1:   c288d42067380b591f1c29f68bdfacc9986cb16e
Sha256: 8659bb7242fbd747a2434ef874f139396017c545a6744745d5a6ef15c448565f
                                        
GET /s/lekton/v8/SZc63FDmLaWmWpBuXS3rtUE.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lekton:400,400italic,700
Origin: https://elite-hackers.com

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 9888
Date: Thu, 20 Sep 2018 21:30:36 GMT
Expires: Fri, 20 Sep 2019 21:30:36 GMT
Last-Modified: Tue, 10 Oct 2017 20:53:02 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1014295
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   9888
Md5:    f3611423fde85eaf588a3d8483676ec0
Sha1:   7dec2e11d1e462f33f1406e9a07d4979b5b703e6
Sha256: 7fa64d4747482f7502ddbfd76a862e54136f379c1e302361b768b942e8fb6b9a
                                        
GET /r/collect?v=1&_v=j70&a=155017761&t=pageview&_s=1&dl=https%3A%2F%2Felite-hackers.com%2Ffiles%2Fsub7.exe&ul=en-us&de=UTF-8&dt=404%3A%20Page%20Not%20Found&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=507173660&gjid=339701963&cid=208773339.1538493331&tid=UA-4046771-1&_gid=2098011129.1538493331&_r=1&z=1411688746 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://elite-hackers.com/files/sub7.exe

                                         
172.217.20.46
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Tue, 02 Oct 2018 15:15:31 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015