| advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html | 192.185.168.217 | 200 OK | 286 B |
URL User Request GET HTTP/2advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html IP192.185.168.217:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
CertificateIssuerLet's Encrypt Subject*.advanceconcrete.net Fingerprint78:4A:FC:B7:EE:34:76:A4:E2:A2:EA:B4:A7:2F:4E:02:08:2A:F0:D8 ValidityWed, 20 Mar 2024 01:42:54 GMT - Tue, 18 Jun 2024 01:42:53 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash06b6c5e16ebb292511058e751a320472 b72f3cf9ee1cee63783b66b9bc5c77017fee846a 1ef3906f12aca98d4c31d37a4e7dfa505aef93aaa3bb4c0850b2d9df0dacebb6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /E-IN4V0815_Ref_STFXK76741Docx.html HTTP/1.1
Host: advanceconcrete.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 19:27:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 286
content-type: text/html
date: Wed, 08 May 2024 19:19:39 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| advanceconcrete.net/cgi/basic.js | 192.185.168.217 | 200 OK | 10 kB |
URL GET HTTP/2advanceconcrete.net/cgi/basic.js IP192.185.168.217:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subject*.advanceconcrete.net Fingerprint78:4A:FC:B7:EE:34:76:A4:E2:A2:EA:B4:A7:2F:4E:02:08:2A:F0:D8 ValidityWed, 20 Mar 2024 01:42:54 GMT - Tue, 18 Jun 2024 01:42:53 GMT
File typeJavaScript source, ASCII text, with very long lines (22648), with CRLF line terminators Hashe15929c246480b504e112b3d33d9bbce 4f9d7507772b394f5a5a49f7e6993765177802d1 39f095a16dd138f4661a3e47cb528b5b146be41f0e1b0a6697539670c1556706
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /cgi/basic.js HTTP/1.1
Host: advanceconcrete.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 19:26:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10281
content-type: application/javascript
date: Wed, 08 May 2024 19:19:39 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.1.1.min.js | 151.101.2.137 | 200 OK | 30 kB |
URL GET HTTP/2code.jquery.com/jquery-3.1.1.min.js IP151.101.2.137:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32030) Hashe071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 19:19:40 GMT
age: 20395381
x-served-by: cache-lga21947-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 118, 127211
x-timer: S1715195980.455923,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP104.17.25.14:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19015) Hash70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 688054
expires: Mon, 28 Apr 2025 19:19:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXQFR80xod04cOZSM%2B%2BRX9a9UVTRvAaLO8gEg9IpltlWcSN0aNFE5Qwfv9nBc0hOzUgyPmKVJT580svyGtuE%2FIhT7lgxaAIm%2Feew2R19kVJud01lNEmf81TANrZSkYhCzcRLkgzu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880bcd7ddc67b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 151.101.2.137 | 200 OK | 24 kB |
URL GET HTTP/2code.jquery.com/jquery-3.2.1.slim.min.js IP151.101.2.137:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32012) Hash5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 19:19:40 GMT
age: 478602
x-served-by: cache-lga21963-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 43, 38343
x-timer: S1715195980.467983,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP142.250.74.170:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:47 GMT
expires: Fri, 02 May 2025 23:24:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 503693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| icon-library.com/images/one-drive-icon/one-drive-icon-28.jpg | 172.67.68.224 | 200 OK | 15 kB |
URL GET HTTP/2icon-library.com/images/one-drive-icon/one-drive-icon-28.jpg IP172.67.68.224:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjecticon-library.com FingerprintA4:A9:B0:06:3C:55:29:F6:F4:F1:31:2C:16:EB:40:3D:5E:F1:B5:DD ValidityMon, 18 Mar 2024 13:36:58 GMT - Sun, 16 Jun 2024 13:36:57 GMT
File typePNG image data, 300 x 189, 8-bit/color RGBA, non-interlaced Hash038183a1bc5dc6bffad412edfe09c2e4 06594be36a2070c11bd57b8d8fee478d893b660d 047cd04c0bf47796870a485d672f90f6b4ec54203957cd520022b46130102a46
GET /images/one-drive-icon/one-drive-icon-28.jpg HTTP/1.1
Host: icon-library.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:40 GMT
content-type: image/jpeg
content-length: 14777
cf-bgj: h2pri
last-modified: Tue, 09 Jul 2019 06:32:45 GMT
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2cLi6kUmaKp%2BdhT4PBxC%2Fp4VdI3zNWp%2BgN1mfP%2FKrxJf4reYogLKOtbO6AWUqy40DH68cJ1eZhrM9DHWQnZWU7KiXysDxRjs%2B%2F5rb%2FEfDj7HyI6I2HLOJENiC5qDBJBJ8c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bcd7e28070afa-OSL
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 30 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP104.18.11.207:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (65325) Hash450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:40 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:51:41
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 517bc12580202253797c95a547799967
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880bcd7d89285684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.imgur.com/5sLeYjL.png | 151.101.244.193 | 302 Found | 0 B |
IP151.101.244.193:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerSectigo Limited Subject*.imgur.com Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42 ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5sLeYjL.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
retry-after: 0
location: https://i.imgur.com/removed.png
accept-ranges: bytes
age: 0
date: Wed, 08 May 2024 19:19:40 GMT
x-served-by: cache-iad-kcgs7200120-IAD, cache-hel1410025-HEL
x-cache: HIT, MISS
x-cache-hits: 0, 0
x-timer: S1715195981.799820,VS0,VE117
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
content-length: 0
X-Firefox-Spdy: h2
|
|
| kit.fontawesome.com/585b051251.js | 104.18.40.68 | 200 OK | 9.5 kB |
URL GET HTTP/2kit.fontawesome.com/585b051251.js IP104.18.40.68:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerDigiCert Inc Subject*.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hashb48ccd2335c695b57e7b8b0e0f5824cb 281135cdc218d64fc156efec71227bf8e621e884 612c7d040668f95c068aaa00605169bf884d949bdcceaceadd8d07fb86f82d97
GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:40 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F82ZqCPszykuKNesKyhi
cf-cache-status: MISS
server: cloudflare
cf-ray: 880bcd7da83956cb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=SegeoUI&display=swap | 142.250.74.106 | 400 Bad Request | 7.9 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=SegeoUI&display=swap IP142.250.74.106:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hasheb016ba3e74fba158a2ff1af893270ca 23e4c444a004e169e4d692ca4175f3a4d430d354 ee6581ae789f74dc0ac2d7ec5083a783e4229541bf9063070744d22f436430c4
GET /css?family=SegeoUI&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 19:19:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP142.250.74.170:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:47 GMT
expires: Fri, 02 May 2025 23:24:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 503693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.imgur.com/removed.png | 151.101.244.193 | 200 OK | 503 B |
IP151.101.244.193:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerSectigo Limited Subject*.imgur.com Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42 ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File typePNG image data, 161 x 81, 1-bit colormap, non-interlaced Hashd835884373f4d6c8f24742ceabe74946 20002faf28adfd94ca98cf6ced46f14334b53684 9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
GET /removed.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 May 2014 05:44:36 GMT
etag: "d835884373f4d6c8f24742ceabe74946"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 08 May 2024 19:19:41 GMT
age: 5470741
x-served-by: cache-bwi5167-BWI, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 20966
x-timer: S1715195981.088911,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 503
X-Firefox-Spdy: h2
|
|
| bafkreihyvdhu6gjisoghs3rpgx4megynkegu4pyw4alo5a6r6idpr266cq.ipfs.nftstorage.link/ | 172.64.146.216 | 200 OK | 26 kB |
URL GET HTTP/2bafkreihyvdhu6gjisoghs3rpgx4megynkegu4pyw4alo5a6r6idpr266cq.ipfs.nftstorage.link/ IP172.64.146.216:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subjectnftstorage.link Fingerprint9B:66:BA:52:EF:53:AB:A1:89:67:FE:91:A2:0B:1C:23:C3:66:CB:19 ValiditySat, 13 Apr 2024 08:26:05 GMT - Fri, 12 Jul 2024 08:26:04 GMT
File typePNG image data, 253 x 218, 8-bit/color RGBA, non-interlaced Hashec9cbc1048239b3927ad0276fc983019 17c27c038644bdb141381b606c7c94a177c07326 f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafkreihyvdhu6gjisoghs3rpgx4megynkegu4pyw4alo5a6r6idpr266cq.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: image/png
content-length: 26456
cf-ray: 880bcd7f29e4b4ee-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: "bafkreihyvdhu6gjisoghs3rpgx4megynkegu4pyw4alo5a6r6idpr266cq"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=196
x-dotstorage-anchor: 0ac972454f6e04b756562ee1731f63a967a74b6ac67e35f061fa918ff9951f75
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.16.0
server: cloudflare
X-Firefox-Spdy: h2
|
|
| bafkreicxrgcgc4jkmoordg67rc3riwiz3tejk3d2e4os4sqqqszj5lthqu.ipfs.nftstorage.link/ | 172.64.146.216 | 200 OK | 771 B |
URL GET HTTP/2bafkreicxrgcgc4jkmoordg67rc3riwiz3tejk3d2e4os4sqqqszj5lthqu.ipfs.nftstorage.link/ IP172.64.146.216:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subjectnftstorage.link Fingerprint9B:66:BA:52:EF:53:AB:A1:89:67:FE:91:A2:0B:1C:23:C3:66:CB:19 ValiditySat, 13 Apr 2024 08:26:05 GMT - Fri, 12 Jul 2024 08:26:04 GMT
File typePNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced Hashc3fc46c5799c76f9107504028f39190f 519096ad3f03410cf9ce3c9b9fcca6b439d97b23 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafkreicxrgcgc4jkmoordg67rc3riwiz3tejk3d2e4os4sqqqszj5lthqu.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: image/png
content-length: 771
cf-ray: 880bcd7e2f79b4ee-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: "bafkreicxrgcgc4jkmoordg67rc3riwiz3tejk3d2e4os4sqqqszj5lthqu"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=342
x-dotstorage-anchor: 74d28545c43e7947282ea44fb2b69ecbe1f6b6f1ca8e0155204678776073ab80
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.16.0
server: cloudflare
X-Firefox-Spdy: h2
|
|
| bafkreidr44uzhhqxl5fotu74yzc5nnzyt3budjd2qskq4bdrs4zr7xbc6e.ipfs.nftstorage.link/ | 172.64.146.216 | 200 OK | 18 kB |
URL GET HTTP/2bafkreidr44uzhhqxl5fotu74yzc5nnzyt3budjd2qskq4bdrs4zr7xbc6e.ipfs.nftstorage.link/ IP172.64.146.216:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subjectnftstorage.link Fingerprint9B:66:BA:52:EF:53:AB:A1:89:67:FE:91:A2:0B:1C:23:C3:66:CB:19 ValiditySat, 13 Apr 2024 08:26:05 GMT - Fri, 12 Jul 2024 08:26:04 GMT
File typePNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced Hasha5cdadd60382e9ae6228121542eb1c2a cec15f6470d0237569e931d7d11752b41ac5d8a3 71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafkreidr44uzhhqxl5fotu74yzc5nnzyt3budjd2qskq4bdrs4zr7xbc6e.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: image/png
content-length: 18147
cf-ray: 880bcd7f29dab4ee-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: "bafkreidr44uzhhqxl5fotu74yzc5nnzyt3budjd2qskq4bdrs4zr7xbc6e"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=469
x-dotstorage-anchor: 07af72e9fce3b8553b445b6c76df621a4da7e7dc4a15b54cb184fe4474025464
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.16.0
server: cloudflare
X-Firefox-Spdy: h2
|
|
| bafkreifk2jhnl43decleyuk3tce4wkkdxp4dbnahaomzvu4xn7hic5xfkq.ipfs.nftstorage.link/ | 172.64.146.216 | 200 OK | 18 kB |
URL GET HTTP/2bafkreifk2jhnl43decleyuk3tce4wkkdxp4dbnahaomzvu4xn7hic5xfkq.ipfs.nftstorage.link/ IP172.64.146.216:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subjectnftstorage.link Fingerprint9B:66:BA:52:EF:53:AB:A1:89:67:FE:91:A2:0B:1C:23:C3:66:CB:19 ValiditySat, 13 Apr 2024 08:26:05 GMT - Fri, 12 Jul 2024 08:26:04 GMT
File typePNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced Hash4458cd0a6df7deabdff0b99bd5905ec9 45a8b436d07d7ed7973b87a1c393d6973afe6fb5 aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafkreifk2jhnl43decleyuk3tce4wkkdxp4dbnahaomzvu4xn7hic5xfkq.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: image/png
content-length: 17931
cf-ray: 880bcd7f29ecb4ee-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: "bafkreifk2jhnl43decleyuk3tce4wkkdxp4dbnahaomzvu4xn7hic5xfkq"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=490
x-dotstorage-anchor: 059f090883c2301819046f7c00b7d118fbaa465622c32a511c40c5f4390c6caf
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.16.0
server: cloudflare
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=SegeoUI&display=swap | 142.250.74.106 | 400 Bad Request | 180 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=SegeoUI&display=swap IP142.250.74.106:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Size180 kB (179616 bytes) Hash40027e880f4dc7c0d0a00f99796ce20b e0f89c5abe7523811b95628e501fb71721d1b9fd 2a20beca22f4ad7116bc2b51d8c3b47be7f76a6519f863085929cef9991f5cc8
GET /css?family=SegeoUI&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 19:19:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bafkreibo6bopl3uphffghgihpwi6ckxd5v7xemrtmmelzqcr73fhfuwxxa.ipfs.nftstorage.link/ | 172.64.146.216 | | 91 kB |
URL GET bafkreibo6bopl3uphffghgihpwi6ckxd5v7xemrtmmelzqcr73fhfuwxxa.ipfs.nftstorage.link/ IP172.64.146.216:0
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subjectnftstorage.link Fingerprint9B:66:BA:52:EF:53:AB:A1:89:67:FE:91:A2:0B:1C:23:C3:66:CB:19 ValiditySat, 13 Apr 2024 08:26:05 GMT - Fri, 12 Jul 2024 08:26:04 GMT
File typeMS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel Hash3ff3fae99693cae7293cdb92f0781d2d f1f8a0b4539d9bd819aa91aa57f11132968e16b3 2ef05cf5ee8f394a6399077d91e12ae3ed7f7232336308bcc051feca72d2d7b8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafkreibo6bopl3uphffghgihpwi6ckxd5v7xemrtmmelzqcr73fhfuwxxa.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: image/x-icon
cf-ray: 880bcd7e294656cb-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreibo6bopl3uphffghgihpwi6ckxd5v7xemrtmmelzqcr73fhfuwxxa"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=862
x-dotstorage-anchor: 5a8d5cb739cee6fa0ad6389ff1c056c0628c49780a0e7e7497a7634e33d9cfba
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.16.0
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| advanceconcrete.net/cgi/jquery.js | 192.185.168.217 | 200 OK | 291 kB |
URL GET HTTP/2advanceconcrete.net/cgi/jquery.js IP192.185.168.217:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subject*.advanceconcrete.net Fingerprint78:4A:FC:B7:EE:34:76:A4:E2:A2:EA:B4:A7:2F:4E:02:08:2A:F0:D8 ValidityWed, 20 Mar 2024 01:42:54 GMT - Tue, 18 Jun 2024 01:42:53 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Size291 kB (290960 bytes) Hash24fa855a7678b1938f16235881e3e80b 67b6c9946134456d67c07765d230130d8679f8c6 f2a84bc4f4cb8ae04162f42f1f3ebed1e05725d9b5bf666b885356c7698a071f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /cgi/jquery.js HTTP/1.1
Host: advanceconcrete.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 02 May 2024 19:23:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 08 May 2024 19:19:39 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251 | 172.67.139.119 | 200 OK | 60 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251 IP172.67.139.119:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintB7:87:04:20:5C:0E:FA:B1:92:D1:3B:91:3F:39:7C:48:5C:CB:01:EA ValidityFri, 03 May 2024 11:08:04 GMT - Thu, 01 Aug 2024 11:08:03 GMT
File typeASCII text, with very long lines (60130) Hasha12ec7ebe75a4d59a5dd6b79e2ba2e16 28f5dcc595ee6d4163481ef64170180502c8629b fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advanceconcrete.net/
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9X1SM1W6jdNcqVwzRqwgDrFsE_t0S7Z0m4F_VAmN3RRN3ADv-f16uQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGz7eYpbxmioSjWxMvu9heu7aahSh4f34jvYI8gPWH%2FpWdjWWEeD0KrHH0oPhtV1EStYvJf3d6SbVrY%2FQSBhPEOJFG%2Fyu%2FMmY6L%2B296eqRMoMeeAc6X%2Bb2P9O9fF%2BMBz2RLu8YSdaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bcd812aefb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 | 172.67.139.119 | 200 OK | 27 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 IP172.67.139.119:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintB7:87:04:20:5C:0E:FA:B1:92:D1:3B:91:3F:39:7C:48:5C:CB:01:EA ValidityFri, 03 May 2024 11:08:04 GMT - Thu, 01 Aug 2024 11:08:03 GMT
File typeASCII text, with very long lines (26500) Hash76f34b71fc9fb641507ff6a822cc07f5 73ed2f8f21cd40fb496e61306acbb5849d4dbff4 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advanceconcrete.net/
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2-0ad-Wyr-wVPnVPS7VgHVAPi94NSfjOOIJpW4ePCaM5Dp2NhTBzrQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8sgQNYHNakukqswV7whth1ABwiIKs%2FMrNh1vKyEYEXGqGHAP4hSOs5OJcqSotzXpFFpOPcEdPwFNff5qJPo17NlI8napFiBVAghpq3wiHP0Ac7gzy5wWVDLMau79IV0nEqUOVJqcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bcd812afbb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| advanceconcrete.net/favicon.ico | 0.0.0.0 | | 0 B |
URL GET advanceconcrete.net/favicon.ico IP0.0.0.0:0
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subject*.advanceconcrete.net Fingerprint78:4A:FC:B7:EE:34:76:A4:E2:A2:EA:B4:A7:2F:4E:02:08:2A:F0:D8 ValidityWed, 20 Mar 2024 01:42:54 GMT - Tue, 18 Jun 2024 01:42:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /favicon.ico HTTP/1.1
Host: advanceconcrete.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| bafkreidltp6ockde5z54hk3a46lifxrkoapwjzmrsxszgdv3tiogpirej4.ipfs.nftstorage.link/ | 172.64.146.216 | 200 OK | 179 kB |
URL GET HTTP/2bafkreidltp6ockde5z54hk3a46lifxrkoapwjzmrsxszgdv3tiogpirej4.ipfs.nftstorage.link/ IP172.64.146.216:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerLet's Encrypt Subjectnftstorage.link Fingerprint9B:66:BA:52:EF:53:AB:A1:89:67:FE:91:A2:0B:1C:23:C3:66:CB:19 ValiditySat, 13 Apr 2024 08:26:05 GMT - Fri, 12 Jul 2024 08:26:04 GMT
File typePNG image data, 1999 x 1093, 8-bit colormap, non-interlaced Size179 kB (178845 bytes) Hash49e24f572401a88d22940723d25fb803 7cc9312c020f594ab640a012f0cbd363d7761301 6b9bfce12864ee7bc3ab60e79682de2a701f64e59195e5930ebb9a1c67a2244f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafkreidltp6ockde5z54hk3a46lifxrkoapwjzmrsxszgdv3tiogpirej4.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:41 GMT
content-type: image/png
content-length: 178845
cf-ray: 880bcd811d97b4ee-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: "bafkreidltp6ockde5z54hk3a46lifxrkoapwjzmrsxszgdv3tiogpirej4"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=856
x-dotstorage-anchor: 43de2eb21f65adcfb5f786b3a5e27a79d98bbb9b73849fc52eb2468e6e65870c
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.16.0
server: cloudflare
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 49 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP104.18.11.207:443
Requested byhttps://advanceconcrete.net/E-IN4V0815_Ref_STFXK76741Docx.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (48664) Hash14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advanceconcrete.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 19:19:40 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: abbc5f7a050c39bd7a04cbdd0f8bd015
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880bcd7dd9ac5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|