| dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 | 172.67.218.5 | 403 Forbidden | 167 B |
URL: User Request GET HTTP/3 dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 IP: 172.67.218.5:443
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 17 Apr 2024 14:36:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 17 Apr 2024 15:36:26 GMT
Location: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bbmlf37VkTnjWBcyIAw1UQHx%2Fy7LBNK31wovXwt1y3F7m4DazKuOAPsAHhQ895%2F2B2v58pCJViW3wltmxrCVvW%2FVhl%2BpHNVcn5T%2FIZizf5s3CI4u8IrFfRKAyLJLtmXiQaA97AO%2FfBJeYMs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 875d25b77e1c92f1-CPH
alt-svc: h2=":443"; ma=60
|
|
| dropoptionfilestorage.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.38.19 | 302 Found | 0 B |
URL: GET HTTP/3 dropoptionfilestorage.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js IP: 104.21.38.19:443
Requested by: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; 1of9Nj2p3_bGGmNOD7mNvcMM22c=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 17 Apr 2024 14:36:26 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAMtkXXqer0Rl6pB1%2FU4V1wiwFQkl8%2Fp7%2F%2BcVbwZOzgnMEfR3tO3MH1l9XUdf%2FNGHkyGN9p2JjsOqQxt4ioS8tXJC%2FUEObRHr4D%2F9bVNi6K0J7E0h8gXjlqJwoY%2B5mY7Ptr07X0qUQt0Jn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875d25ba7da88f59-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dropoptionfilestorage.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js | 104.21.38.19 | 200 OK | 14 kB |
URL: GET HTTP/3 dropoptionfilestorage.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js IP: 104.21.38.19:443
Requested by: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
File type: JavaScript source, ASCII text, with very long lines (7765), with no line terminators; Hash: a3d4d4a8b549b60bdf3cf22167d7f83f cbca6be2004fdec958f3ab2f494387dade552219 e9c8bea4729506474183d2da6b362647737e666595da93953eb864a049f63b4c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; 1of9Nj2p3_bGGmNOD7mNvcMM22c=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 14:36:26 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOIK0Gw2jopxbAfm5CJ3Jig%2BU%2B5HCcLLwGmCINjOBG7pVy0VPtyS341gnIUFEudui4Ur7wWCEtWaL8vYS7TmhQ6Oe7z1DiqUZiq95YYMg5Ry8z3yxXKMF4gwdRLufLuWDtUtOQ%2BFPK%2BAHkg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875d25babe408f59-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 | 104.21.38.19 | 403 Forbidden | 15 kB |
URL: User Request GET HTTP/3 dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 IP: 104.21.38.19:443
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
File type: HTML document, ASCII text, with very long lines (7194); Hash: 1d8193053fbf0e1cf9ac081fdde0e5ab d355713faabcda5765289e58a1846329bd6aa77f 8116db2564765f0a388edc48577ff0d73cb58d625d63252642d9817504a3c3ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 503 Service Unavailable
date: Wed, 17 Apr 2024 14:36:25 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
set-cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Fy6dVOJHb81w1cCUjI36j7s%2F2joHyRDH%2BiQxQTUd1D%2FhYeFyo5z2FYYaaVQMpdJ5emRH%2FheFLNm3Ptmn0HKBteAJSIQX1tS%2B9QOJVwY33kl19rl69EoyinhZORUdHocRqoiBcij6drEhTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875d25b3b9788f59-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 | 104.21.38.19 | 403 Forbidden | 20 kB |
URL: User Request GET HTTP/3 dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 IP: 104.21.38.19:443
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
File type: HTML document, ASCII text, with very long lines (17977); Hash: b2dba35452698f9578b86a2b926c0d67 b107c9d74571b1161fe525abdfca6e54e83fdf27 b6201292d987efadd424005c929ba3373f18d56839f821bfcb75af6b062f0e04
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 503 Service Unavailable
date: Wed, 17 Apr 2024 14:36:26 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
set-cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; path=/; expires=Thu, 18-Apr-24 14:36:14 GMT; Max-Age=86400;
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50WAvuREahgr7KGc168q06eMxr%2BNGLI6eApxlYvM1ykHOiYaUhgS%2FBnJLAh%2B5Vdvy4anjPtYy%2BHOvf1UVI%2BiYoQKx5aXtWneQ%2BFHVsMif%2BvLWPRcIv58o09SpBiX0kCAS9flvFAuuDQK3P0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875d25b7e9018f59-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dropoptionfilestorage.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.38.19 | 302 Found | 0 B |
URL: GET HTTP/3 dropoptionfilestorage.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js IP: 104.21.38.19:443
Requested by: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; 1of9Nj2p3_bGGmNOD7mNvcMM22c=lkLPZiL_UVgRTxwDers97UXe5XU; Na29JMVJucGi6iEtm6u0jG7vdDk=xGvcNAUiktZj2YWAIWEVXrdZ9fc; Yjb7nPs6fauvM9xtubUpxPWH7g8=1713364586; AJDc22tnRfITVMbA8iG8VukoRtY=1713450986; mny_kGDNUXTddrsVvVXr6jBeKM8=NmJPhZtGpwig4y8fPkRM31-DerU; JmLGxBkt48wap2i3hGTwMicul2E=pGsBSnNhhoimZ6LJFW54dIsIYRQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 14:36:27 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtjVu0fcaI%2FQVp8EGkePq92KP3Pm9LBSc4oggyFsJc%2BEYF7GZ8GHj5nsiTdXjNXu19JgrOCeWCBvpBsBkP%2BLmqTN%2BOzyFNYa1N6oFAa1P1rfJs6ZTfmy%2B%2BcpdYUEO2LxYsxj8ysnA%2Bce8xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875d25bf5a1d92c1-CPH
alt-svc: h3=":443"; ma=86400
|
|
| dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 | 104.21.38.19 | 403 Forbidden | 10 kB |
URL: User Request GET HTTP/3 dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 IP: 104.21.38.19:443
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
File type: HTML document, ASCII text, with very long lines (1125), with CRLF line terminators; Hash: 5155bf4d9f3127effe94a744e63f81d1 c8bda1defdc7fb56aa62f26ecdd0dd1f7a4c561b 2644b43bae3b46f6f8766c7764c6fa86d395639e4ef3d78fee4f9b7b25fe444d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353 HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; 1of9Nj2p3_bGGmNOD7mNvcMM22c=lkLPZiL_UVgRTxwDers97UXe5XU; Na29JMVJucGi6iEtm6u0jG7vdDk=xGvcNAUiktZj2YWAIWEVXrdZ9fc; Yjb7nPs6fauvM9xtubUpxPWH7g8=1713364586; AJDc22tnRfITVMbA8iG8VukoRtY=1713450986; mny_kGDNUXTddrsVvVXr6jBeKM8=NmJPhZtGpwig4y8fPkRM31-DerU; JmLGxBkt48wap2i3hGTwMicul2E=pGsBSnNhhoimZ6LJFW54dIsIYRQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Wed, 17 Apr 2024 14:36:27 GMT
content-type: text/html
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqdrv%2BBMK743b%2FPKx0C2FWFZdiTccN6U1YjHlGCeSfSMO4w6PLR7RCc1g%2FtivSQ0XEiW7QG8f9oMFdFx%2Fo7k0dAqDvzlVM43wVEFgAY%2FofCpFBUN2Mwj174%2BB%2F4lf92tTeecnmd7fzKoOPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875d25bc5c5492c1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dropoptionfilestorage.nl/favicon.ico | 104.21.38.19 | 403 Forbidden | 8.0 kB |
URL: GET HTTP/3 dropoptionfilestorage.nl/favicon.ico IP: 104.21.38.19:443
Requested by: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 4b074b0b59693fa9f94fb71b175fb187 0004d4f82b546013424b2e0de084395071eef98b 25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; 1of9Nj2p3_bGGmNOD7mNvcMM22c=lkLPZiL_UVgRTxwDers97UXe5XU; Na29JMVJucGi6iEtm6u0jG7vdDk=xGvcNAUiktZj2YWAIWEVXrdZ9fc; Yjb7nPs6fauvM9xtubUpxPWH7g8=1713364586; AJDc22tnRfITVMbA8iG8VukoRtY=1713450986; mny_kGDNUXTddrsVvVXr6jBeKM8=NmJPhZtGpwig4y8fPkRM31-DerU; JmLGxBkt48wap2i3hGTwMicul2E=pGsBSnNhhoimZ6LJFW54dIsIYRQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Wed, 17 Apr 2024 14:36:27 GMT
content-type: text/html
vary: Accept-Encoding
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
cf-cache-status: HIT
age: 455824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbdOExgN%2FHBuRikEcxzrKsUDu4X7TctLawxErK4n0aaSO8QKBamehhsnxfjb92FYfD0leX50kTjT3fpWnL4sv%2Fc%2FDX7y%2BZey0IR39sVW%2Bud1BYr796nLwyG7rrd4OX1c7Q8SlJe3XF0jGdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875d25bf49f592c1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP: 35.244.181.201:0 ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: gzip compressed data, max speed, from Unix; Hash: 52a1e40d3746c76b0167007994950370 6c5838f16f22c0778bc428242b26ca65bf64683c 5ca94e7f36b9452fe67eeaf4a9898c2003278f9f9151c572b2cc6178afff781a
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 14:36:44 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=g-FYk4KFPx9MfaN0M2blsoZHR-xV8f37zp5mtOJYHD89SIyX4kSz5nar9yLy1gFmEfcDcwwdavJDjn6enTgMXt2_-kH3OiOziVAqcI3w1OAI2nnbhF1gFYF1cHWFMJgH
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dropoptionfilestorage.nl/cdn-cgi/challenge-platform/h/g/jsd/r/875d25bc5c5492c1 | 104.21.38.19 | 200 OK | 0 B |
URL: POST HTTP/3 dropoptionfilestorage.nl/cdn-cgi/challenge-platform/h/g/jsd/r/875d25bc5c5492c1 IP: 104.21.38.19:443
Requested by: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Certificate: Issuer: Google Trust Services LLC; Subject: dropoptionfilestorage.nl; Fingerprint: CE:D1:AC:74:00:54:8D:7E:F9:FF:4D:E7:3D:D6:6B:FD:ED:50:11:D2; Validity: Mon, 08 Apr 2024 22:27:40 GMT - Sun, 07 Jul 2024 22:27:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/jsd/r/875d25bc5c5492c1 HTTP/1.1
Host: dropoptionfilestorage.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12306
Origin: https://dropoptionfilestorage.nl
DNT: 1
Connection: keep-alive
Referer: https://dropoptionfilestorage.nl/Test/6827287428478472842749248294829482/49333948394333894343843935985303/3738394839583359839583593880353
Cookie: Jlhhp0fLqTaN5zjnWfFEPNLaiUY=geM2LgNvuX36WsvpeAdwPbqwxR4; 1KtDi8EHDVEphyEk-5rzgZAATBs=1713364574; 3WUfJSMHHaVBibqaCmu2WZOWlOs=1713450974; 0TQYiQlWDny9bqQ_k7zlMIyZxI4=daVhZQ6UKlYH6QD9_y2qDPLgEw0; 1of9Nj2p3_bGGmNOD7mNvcMM22c=lkLPZiL_UVgRTxwDers97UXe5XU; Na29JMVJucGi6iEtm6u0jG7vdDk=xGvcNAUiktZj2YWAIWEVXrdZ9fc; Yjb7nPs6fauvM9xtubUpxPWH7g8=1713364586; AJDc22tnRfITVMbA8iG8VukoRtY=1713450986; mny_kGDNUXTddrsVvVXr6jBeKM8=NmJPhZtGpwig4y8fPkRM31-DerU; JmLGxBkt48wap2i3hGTwMicul2E=pGsBSnNhhoimZ6LJFW54dIsIYRQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 14:36:27 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=zwNZcpqWJ62B9rPdQ3O9vBEw5TzT2hfK2JlOxqPCqLs-1713364587-1.0.1.1-uBo8mhCNdVKrwtrBScr5ubttXl9IagWntrHmmltGWgJnisuuTqW1f39cDEiD9pAaSW2mWoCbUMfxXDln.Sz_2w; path=/; expires=Thu, 17-Apr-25 14:36:27 GMT; domain=.dropoptionfilestorage.nl; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GSGiH5bGVBFwTg83kMJRFOOs37kPCxmKT2B52x8SM0ATQzo51DPFHPMycHJTZxwiSXAJ4PURO4P%2BHdjZl7smFpg5pYm%2F7Dl%2BPwAn%2F4f6ySyzSUVR%2FeK%2B5t9YEK%2FCttGythJpNMVy7sEb28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875d25c08c5192c1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|