Report - cloud.comoserescritor.com/

Report Overview

Submitted URL
cloud.comoserescritor.com/
IP
173.249.49.28
ASN
#51167 Contabo GmbH
Submitted
2023-02-02 00:59:27
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.41.11.218
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	1.1 kB	19 kB	34.120.237.76
images.unsplash.com	4519	2015-08-06T08:03:25Z	2023-03-13T09:00:28Z	571 B	250 kB	151.101.246.208
cloud.comoserescritor.com	unknown	2020-09-21T10:29:53Z	2023-03-11T04:03:12Z	23 kB	1.1 MB	173.249.49.28
source.unsplash.com	74985	2017-01-30T07:51:41Z	2023-03-13T08:45:24Z	357 B	1.2 kB	54.91.59.199
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	cloud.comoserescritor.com/	Malware
2023-02-02	medium	cloud.comoserescritor.com/	Malware
2023-02-02	medium	cloud.comoserescritor.com/index.php/js/core/merged-template-prepend.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/apps/files_pdfviewer/js/previewplugin.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/core/js/files/fileinfo.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/apps/side_menu/js/sideMenu.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/apps/files_sharing/js/dist/main.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/index.php/core/js/oc.js?v=720bb167	Malware
2023-02-02	medium	cloud.comoserescritor.com/core/js/dist/main.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/core/img/actions/toggle.svg	Malware
2023-02-02	medium	cloud.comoserescritor.com/core/img/actions/confirm-white.svg?v=2	Malware
2023-02-02	medium	cloud.comoserescritor.com/index.php/apps/side_menu/js/config	Malware
2023-02-02	medium	cloud.comoserescritor.com/core/search/js/searchprovider.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/index.php/apps/side_menu/js/script?v=1	Malware
2023-02-02	medium	cloud.comoserescritor.com/index.php/login	Malware
2023-02-02	medium	cloud.comoserescritor.com/apps/side_menu/css/sideMenu.css?v=839fff82-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/core/js/files/client.js?v=720bb167-45	Malware
2023-02-02	medium	cloud.comoserescritor.com/index.php/apps/theming/styles?v=45	Malware
2023-02-02	medium	cloud.comoserescritor.com/apps/files_pdfviewer/css/style.css?v=4fda350b-45	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	cloud.comoserescritor.com/core/js/dist/login.js?v=720bb167-45	801 kB	2023-03-07	2023-03-14
Pretty URL cloud.comoserescritor.com/core/js/dist/login.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-03-14 17:47:33 Times Seen1 Hash 71d58a4366ad4f3db647e48388823478 34b0d0c4e72263d4459837f67d073bc73c1dcd0b 8db074da3243fecbbc78128090964bcb86ae2dec5a25fe968232b6bf8d8815dd Loading...

	cloud.comoserescritor.com/index.php/js/core/merged-template-prepend.js?v=720bb167-45	11 kB	2023-03-07	2024-02-06
Pretty URL cloud.comoserescritor.com/index.php/js/core/merged-template-prepend.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:30 Last Seen2024-02-06 23:06:47 Times Seen98 Hash ac775911308be73e74431c4685ac2908 b36b05c33c4a3c82ffe407b576e11efeb80e861e b5b154671d65ca3538491cfe9a1a6dd25d614baf1a43bc8314d769fee97aa062 Loading...

	cloud.comoserescritor.com/apps/files_pdfviewer/js/previewplugin.js?v=720bb167-45	5.9 kB	2023-03-07	2024-01-02
Pretty URL cloud.comoserescritor.com/apps/files_pdfviewer/js/previewplugin.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2024-01-02 10:16:23 Times Seen5 Hash 1a118863e66c6e777e6b0211c565f8e0 4efef834a35c3bc7f2467c167f5b76541a6c4159 f79a1a1178494808e4c947351eafd8d81cb4abcf25c7c954a1f427f6d4a99a49 Loading...

	cloud.comoserescritor.com/apps/side_menu/js/sideMenu.js?v=720bb167-45	93 kB	2023-03-07	2023-03-14
Pretty URL cloud.comoserescritor.com/apps/side_menu/js/sideMenu.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-03-14 17:47:33 Times Seen1 Hash 85e6b2a4366accf04b16da903f6550ef 2b03092295076aed1b82ae78ca65304fcea8510a d3c2c71e766afa5077751e1dbc962848619c790c735d57edead1357cb934ac39 Loading...

	cloud.comoserescritor.com/index.php/core/js/oc.js?v=720bb167	8.1 kB	2023-03-13	2023-03-13
Pretty URL cloud.comoserescritor.com/index.php/core/js/oc.js?v=720bb167 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:34:46 Last Seen2023-03-13 14:34:46 Times Seen1 Hash 78abec45222b611834ae9485ee1a19c9 402c72de6e356d0a07adca253eccb14b53bc0374 9dc8c166297ad233fa002d5a6283551b84334358181ad436b90a7c560557ef75 Loading...

	cloud.comoserescritor.com/apps/files_sharing/js/dist/main.js?v=720bb167-45	1.2 kB	2023-03-07	2023-03-14
Pretty URL cloud.comoserescritor.com/apps/files_sharing/js/dist/main.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-03-14 17:47:33 Times Seen1 Hash 2dbfd2ffd10062fe330d0178ea4849ee ec93994176e134f185f490ca556a5b20e7741096 b9daaca24a0dae0026c721dcc7a4e04283cca8ed707b1065fdec4be65bf3c9ec Loading...

	cloud.comoserescritor.com/index.php/apps/theming/js/theming?v=45	264 B	2023-03-07	2023-03-14
Pretty URL cloud.comoserescritor.com/index.php/apps/theming/js/theming?v=45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-03-14 17:47:33 Times Seen1 Hash 390c2a12b5cea15b6c7f8ef072807bd4 72fd912bc79c399c1dd1f5cb04d90a561454a8e9 94b283061082199eb8daf9871ac9d40d39ae4b44a3402ba2e02bd3cf88f28e44 Loading...

	cloud.comoserescritor.com/index.php/apps/side_menu/js/script?v=1	3.1 kB	2023-03-07	2023-03-14
Pretty URL cloud.comoserescritor.com/index.php/apps/side_menu/js/script?v=1 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-03-14 17:47:33 Times Seen1 Hash ee54673e5de921f09e1c2e08d641bbbd e66bd8f39ce0c226d1b2acbc1b4ff8edcbd011a6 8fec60a2ddb3506da36c0ed64c48d55d5ce86c5abf666b683a4fa285d7208bf4 Loading...

	cloud.comoserescritor.com/apps/files_videoplayer/js/main.js?v=720bb167-45	6.4 kB	2023-03-07	2024-01-02
Pretty URL cloud.comoserescritor.com/apps/files_videoplayer/js/main.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2024-01-02 10:16:23 Times Seen5 Hash b246738288d7312e7bdc488b0db53510 4012c588fc5287c57f9e59e21fab8b2e79a5c67b c35812c5eb46f86383da4ddbeeaf04c58524355c0909eb2744896af0d1f63b5e Loading...

	cloud.comoserescritor.com/core/js/files/fileinfo.js?v=720bb167-45	2.1 kB	2023-03-07	2023-11-09
Pretty URL cloud.comoserescritor.com/core/js/files/fileinfo.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-11-09 06:23:30 Times Seen17 Hash d2dc6ddc0e4935122420c637cdd594b0 8577c5ad28f2727f54b80459886dc656ac5e51c4 92c2fe4f9fef817b19874899a44a550ddc7229172437b9a42d206f92cb900d34 Loading...

	cloud.comoserescritor.com/index.php/apps/accessibility/js/accessibility?v=0	85 B	2023-03-07	2024-01-02
Pretty URL cloud.comoserescritor.com/index.php/apps/accessibility/js/accessibility?v=0 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2024-01-02 10:16:23 Times Seen5 Hash 9088917f3583073aed42528468930740 2013892280cc26b894ec1e0df7c59e5f34f3b1b0 a3f9b71146af9d64606a2beb8996beb18e7d0a3108ab3468665f417f5ba5e15b Loading...

	cloud.comoserescritor.com/core/search/js/search.js?v=720bb167-45	5.6 kB	2023-03-07	2024-01-02
Pretty URL cloud.comoserescritor.com/core/search/js/search.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2024-01-02 10:16:23 Times Seen7 Hash 17f1c725ba8cc2104faf6c1b7ab66669 d5d23f497831f7f8a1d63a3c5c0f63398f446dc5 33d63768fe239b62cf2c3457b7aa55f1d135bb9943b50f17b66b273bc8290d83 Loading...

	cloud.comoserescritor.com/core/js/files/client.js?v=720bb167-45	24 kB	2023-03-07	2023-11-09
Pretty URL cloud.comoserescritor.com/core/js/files/client.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-11-09 06:23:30 Times Seen6 Hash f9c2b623e1e5743156564b76c70e78b2 1e4185210c5a4657163a78dba7387763270da6de 162b916b5265dcaab975e4a59af900b0e4576428e6f35617edf08500ca9a6992 Loading...

	cloud.comoserescritor.com/core/js/dist/main.js?v=720bb167-45	1.4 MB	2023-03-07	2023-11-09
Pretty URL cloud.comoserescritor.com/core/js/dist/main.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2023-11-09 06:23:30 Times Seen3 Hash 2e0a030a2b059292868d618d351e446e 764e7af67c0b9cf0b783aae339b103168f39349a 477ad0ce5f35ae0bf10c86e50ba2dc3f1758ffd4e794d0be38d8ee52e15c8a96 Loading...

	cloud.comoserescritor.com/core/search/js/searchprovider.js?v=720bb167-45	12 kB	2023-03-07	2024-01-02
Pretty URL cloud.comoserescritor.com/core/search/js/searchprovider.js?v=720bb167-45 IP 173.249.49.28 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:13 Last Seen2024-01-02 10:16:23 Times Seen4 Hash 391e6dfa3c76202f17776b4d545e5cd3 3c6e9c0b24da4269caa88387ea99e12521a94309 3f5e9fd69061bb055e196444eb578513f4c22c8f5623229d3be18432a093f0e6 Loading...

HTTP Transactions (52)

URL IP Response Size

cloud.comoserescritor.com/

173.249.49.28

301 Moved Permanently

162 B

URL HTTP/1.1
cloud.comoserescritor.com/
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 00:59:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://cloud.comoserescritor.com/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16701
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 00:59:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15635
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 00:59:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:36:02 GMT
content-type: application/json
age: 1393
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10832
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 00:59:15 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MRfR1eR/0R6DKn7v8qA3Y2ODh3f/dmGnmJjLkg5S6SpWWTll4QmWPNFaiv1cX+mLZKDMCWn0VHo=
x-amz-request-id: BQGDY6J059CKNYBV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:22:52 GMT
age: 2183
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:15 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
61a9ab24b60bf1800647a5336d91cfc6
6b27a6e194a42679f7d2693d01aed09ed2def1d7
f7b0947476a517f42dff215b9b23cf56a8bd3040f5f25e3eecdd83119783e922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7B0947476A517F42DFF215B9B23CF56A8BD3040F5F25E3EECDD83119783E922"
Last-Modified: Thu, 02 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Thu, 02 Feb 2023 06:59:14 GMT
Date: Thu, 02 Feb 2023 00:59:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:49:05 GMT
age: 610
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cloud.comoserescritor.com/

173.249.49.28

302 Found

0 B

URL HTTP/2
cloud.comoserescritor.com/
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 00:59:15 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'nonce-MHlLSWo4RmY5WWZaMTRNNXBQOUxUNmNweVdMS2Q2OWVqUHYvbFFoclUvaz06dFJ2TjZZNXRuUDI5dStkM2w3Z2JKYzVxdmp1ek1Kc1N1TXlyOTJ3OEFkWT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
set-cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; path=/; secure; HttpOnly; SameSite=Lax
oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; path=/; secure; HttpOnly; SameSite=Lax
__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
location: https://cloud.comoserescritor.com/index.php/login
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5558
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Thu, 02 Feb 2023 00:59:15 GMT
Connection: keep-alive

push.services.mozilla.com/

52.41.11.218

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.11.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FKfaPzNuQjWerznyt3/ZpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iN+0Xk9E1mneAE8ZWYP3v5nA/tA=

cloud.comoserescritor.com/images/aciisi.png

173.249.49.28

200 OK

26 kB

URL HTTP/2
cloud.comoserescritor.com/images/aciisi.png
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 320 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
26 kB (26411 bytes)
Hash
64bf5bc31b583ca7ea2f5cdb4a54340a
df95979c086fbb03675ced1a5d2ba5a094c1fd12
50257477bf0c1f7b0a5f0de79d425d0b0c7676d7515a39efe93339e106ef11ff

HTTP Headers

GET /images/aciisi.png HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: image/png
content-length: 26411
last-modified: Mon, 16 Nov 2020 18:15:23 GMT
etag: "5fb2c1bb-672b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cloud.comoserescritor.com/images/canarias_avanza.png

173.249.49.28

200 OK

22 kB

URL HTTP/2
cloud.comoserescritor.com/images/canarias_avanza.png
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 662 x 277, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22468 bytes)
Hash
635cce82e0bd2862cfd3e32b1ea0b008
f718bb2f696c2e14c0890f3db7f82c8b3f937509
e335c72d72242616e52040823498fd637254c28d76b85a8f181fad2af06d8ea1

HTTP Headers

GET /images/canarias_avanza.png HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: image/png
content-length: 22468
last-modified: Mon, 26 Oct 2020 13:45:25 GMT
etag: "5f96d2f5-57c4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cloud.comoserescritor.com/images/UE.jpg

173.249.49.28

200 OK

97 kB

URL HTTP/2
cloud.comoserescritor.com/images/UE.jpg
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2016:06:20 07:48:24], baseline, precision 8, 1446x1229, components 3\012- data
Size
97 kB (97448 bytes)
Hash
4d5ccbde49a9a28a5f6186e4b17716a4
05ede4e1bebc978356ce0b4353620bc3382fd28a
11e5261288419c8ef85db1c6a1472753ce13caefef61f352d86c8c562e1d6d06

HTTP Headers

GET /images/UE.jpg HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: image/jpeg
content-length: 97448
last-modified: Mon, 26 Oct 2020 13:45:25 GMT
etag: "5f96d2f5-17ca8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/js/core/merged-template-prepend.js?v=720bb167-45

173.249.49.28

200 OK

3.0 kB

URL HTTP/2
cloud.comoserescritor.com/index.php/js/core/merged-template-prepend.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
3.0 kB (2982 bytes)
Hash
962c8917efe5d8f105abe978188d4e22
7bde59e2f07daa92d0833d647a125b70bbbbb2c8
0ec3f44822e00b7373730aa45d6b93d70cef979de12a57c4136d32630bd2504b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.php/js/core/merged-template-prepend.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
content-length: 2982
cache-control: max-age=31536000, immutable
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: inline; filename="merged-template-prepend.js.gzip"
content-encoding: gzip
expires: Fri, 02 Feb 2024 00:59:16 +0000
pragma: cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Sep 2020 10:18:23 GMT
etag: "95924c798d1cc108c833cae4268f0574"
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/theming/image/logo?useSvg=1&v=45

173.249.49.28

200 OK

113 kB

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/theming/image/logo?useSvg=1&v=45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 580 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
113 kB (113231 bytes)
Hash
22b3964a4aa16958fcabaf9026191c00
e1a71ce9ead768461950d4e91b1b5d74053d3d4c
8770698182fedc7a84f41ab4673e79e795c57cfc86504ec356a29745614fe91b

HTTP Headers

GET /index.php/apps/theming/image/logo?useSvg=1&v=45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: image/png
content-length: 113231
cache-control: private, max-age=3600, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://source.unsplash.com https://images.unsplash.com;font-src 'self' data:;connect-src 'self' stun.nextcloud.com:443;media-src 'self';frame-src data:;child-src 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: attachment; filename="logo"
pragma: private
expires: Thu, 02 Feb 2023 01:59:16 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Sep 2020 10:20:29 GMT
etag: "3dde5af4caa2616af3147d1bfee55549"
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

cloud.comoserescritor.com/apps/files_pdfviewer/js/previewplugin.js?v=720bb167-45

173.249.49.28

200 OK

2.5 kB

URL HTTP/2
cloud.comoserescritor.com/apps/files_pdfviewer/js/previewplugin.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
2.5 kB (2500 bytes)
Hash
7ad3dc3094347caa0fd95fd52ee8d6da
41d45969d1647a0e6aca38e6dc7b262e8f990746
665178e098ba395e14a613fa7705093bac5af61142bec25e82fed2f833c6c059

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /apps/files_pdfviewer/js/previewplugin.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:57 GMT
cache-control: max-age=15778463
etag: W/"5f58bf85-1729"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/js/files/fileinfo.js?v=720bb167-45

173.249.49.28

200 OK

1.3 kB

URL HTTP/2
cloud.comoserescritor.com/core/js/files/fileinfo.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
1.3 kB (1294 bytes)
Hash
5116db21b557f9c4ca63daccaf5a1ea9
78d5eae105059fa6fd7c45aad32acaf74ef27aba
ecdf842b53cc28014c349ae5ddbd1a50b6f549ca2f4716ca28ba93d6123aeca4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /core/js/files/fileinfo.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:50 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7e-85e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/apps/side_menu/js/sideMenu.js?v=720bb167-45

173.249.49.28

200 OK

31 kB

URL HTTP/2
cloud.comoserescritor.com/apps/side_menu/js/sideMenu.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text, with very long lines (61983)
Size
31 kB (31150 bytes)
Hash
d1f29bab53573d77db790b84d47a03b8
a448d91132edd958d388fe9c9ae32adec8d1a163
7cae48d55734335e7bb281426917896a88f12fbfd317a8eb3c7b362f0016336b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /apps/side_menu/js/sideMenu.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 13:19:49 GMT
cache-control: max-age=15778463
etag: W/"5f96ccf5-169b3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6356
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 00:59:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6356
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 00:59:17 GMT
Connection: keep-alive

cloud.comoserescritor.com/apps/unsplash/css/login.css?v=a7145d35-45

173.249.49.28

200 OK

7.7 kB

URL HTTP/2
cloud.comoserescritor.com/apps/unsplash/css/login.css?v=a7145d35-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text
Size
7.7 kB (7656 bytes)
Hash
f42f8f25077632165a18ca405091cc74
d4d680b332f163c6dd721d237bec23763f75bf22
4faf7d5b60dcaaa276f5b99faf0f1bd3420f01e7f8ff13f35fcd2a268205cd66

HTTP Headers

GET /apps/unsplash/css/login.css?v=a7145d35-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/css
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Tue, 27 Oct 2020 08:26:10 GMT
etag: W/"1cc-5b2a2cc9a677f"
cache-control: max-age=15778463
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 9622
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cloud.comoserescritor.com/apps/files_sharing/js/dist/main.js?v=720bb167-45

173.249.49.28

200 OK

16 kB

URL HTTP/2
cloud.comoserescritor.com/apps/files_sharing/js/dist/main.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text, with very long lines (1145)
Size
16 kB (15607 bytes)
Hash
be340ad01749b77b04741606e3a010f5
596a481e78f4758d7ad713c412ef752fa6d007d5
473aa721ef92752d5934aef4182604727d02d59d84c7166e66ae4260ac64413c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /apps/files_sharing/js/dist/main.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:49 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7d-49a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/core/js/oc.js?v=720bb167

173.249.49.28

200 OK

12 kB

URL HTTP/2
cloud.comoserescritor.com/index.php/core/js/oc.js?v=720bb167
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text, with very long lines (3407)
Size
12 kB (12251 bytes)
Hash
57bc6d00a694958708587f20bc6f7f3a
96fad423788a9dd5d6721c46422181c2c967c52f
657712de3c3eb300cdf97acaa62d1ee7a2d7feed66669316aebbf46850a6629d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.php/core/js/oc.js?v=720bb167 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: inline; filename=""
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/js/dist/main.js?v=720bb167-45

173.249.49.28

200 OK

385 kB

URL HTTP/2
cloud.comoserescritor.com/core/js/dist/main.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
385 kB (384954 bytes)
Hash
e62b24f10e3ffb774f9549f448a95493
79f779eae6de9602f4551d62663e40bf1de95d89
63f5f9d8b8dd2139d0fdfe2a11bdf80a3b02b00ea45e7e2a17a596513980fb9d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /core/js/dist/main.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:50 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7e-1551b4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/search/js/search.js?v=720bb167-45

173.249.49.28

200 OK

12 kB

URL HTTP/2
cloud.comoserescritor.com/core/search/js/search.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
Unicode text, UTF-8 text
Size
12 kB (12259 bytes)
Hash
84eecb6d18f08c22c71e6c3aa653050a
437d163eae93b9110d01139e04a521a74cdbbd39
01f01b8672b0674a46f793e7d9dc13782a3398f85ae9a082f5bee580b8c8450a

HTTP Headers

GET /core/search/js/search.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:50 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7e-15b8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/img/loading-dark.gif

173.249.49.28

200 OK

4.7 kB

URL HTTP/2
cloud.comoserescritor.com/core/img/loading-dark.gif
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.7 kB (4683 bytes)
Hash
7446c22d8ed8b7b4641adc5dc30f39d2
1ccb798de57db7a5d8996c3eac5ffc3c6b0c5147
93b795ec06aebf7141dbfb46cf6fa51fb964d2a5c0646303eb135b38d007a0a9

HTTP Headers

GET /core/img/loading-dark.gif HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: image/gif
content-length: 4683
last-modified: Wed, 09 Sep 2020 11:41:49 GMT
cache-control: max-age=15778463
etag: "5f58bf7d-124b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/img/actions/toggle.svg

173.249.49.28

200 OK

308 B

URL HTTP/2
cloud.comoserescritor.com/core/img/actions/toggle.svg
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (307)
Size
308 B (308 bytes)
Hash
d4dfeb8d8847da5d714a6a1c537a70e4
23e8f1d322347c4a0f690f005c4efb14accbf888
f93b7b94742bc8efa1b9c5bceae34be32a053af36727972ed3f7cd0fecb339b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /core/img/actions/toggle.svg HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: image/svg+xml
content-length: 308
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 09 Sep 2020 11:41:49 GMT
etag: "134-5aedfefe11940"
accept-ranges: bytes
cache-control: max-age=15778463
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/img/actions/confirm-white.svg?v=2

173.249.49.28

200 OK

405 B

URL HTTP/2
cloud.comoserescritor.com/core/img/actions/confirm-white.svg?v=2
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (404)
Size
405 B (405 bytes)
Hash
e06eff833cd2ee48a2f293b6f832e744
e3dbc308964e6bd10e0c8bd3e835436092a6cbcc
b8219e8f0ef3404d35b41a25f4c090df62e95a12cbc5f6452edc89ac3d3fed80

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /core/img/actions/confirm-white.svg?v=2 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloud.comoserescritor.com/core/css/guest.css?v=720bb167-45
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: image/svg+xml
content-length: 405
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 09 Sep 2020 11:41:49 GMT
etag: "195-5aedfefe11940"
accept-ranges: bytes
cache-control: max-age=15778463
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/theming/image/logo?v=45

173.249.49.28

200 OK

113 kB

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/theming/image/logo?v=45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 580 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
113 kB (113231 bytes)
Hash
22b3964a4aa16958fcabaf9026191c00
e1a71ce9ead768461950d4e91b1b5d74053d3d4c
8770698182fedc7a84f41ab4673e79e795c57cfc86504ec356a29745614fe91b

HTTP Headers

GET /index.php/apps/theming/image/logo?v=45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: image/png
content-length: 113231
cache-control: private, max-age=3600, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://source.unsplash.com https://images.unsplash.com;font-src 'self' data:;connect-src 'self' stun.nextcloud.com:443;media-src 'self';frame-src data:;child-src 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: attachment; filename="logo"
pragma: private
expires: Thu, 02 Feb 2023 01:59:17 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Sep 2020 10:20:29 GMT
etag: "3dde5af4caa2616af3147d1bfee55549"
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e129aca4b87df02f31e2723f5dfdeaa4
3422ac59f9747c4d1d09011629d4387ec956f371
b661388ae5dbcea650d40afe35fb17e7398f309267de5a6512ede2fdb7b96455

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B661388AE5DBCEA650D40AFE35FB17E7398F309267DE5A6512EDE2FDB7B96455"
Last-Modified: Mon, 30 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11639
Expires: Thu, 02 Feb 2023 04:13:16 GMT
Date: Thu, 02 Feb 2023 00:59:17 GMT
Connection: keep-alive

source.unsplash.com/featured/?nature

54.91.59.199

302 Found

364 B

URL HTTP/1.1
source.unsplash.com/featured/?nature
IP
54.91.59.199:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document, ASCII text, with very long lines (364), with no line terminators
Size
364 B (364 bytes)
Hash
9ed844cc056fa17e89daa11dd99e7457
92fad9e0b3d140cdc4d97847f950784eef9f30e8
b7c7ebdd897ccd7ec1f71fbc164c138035498e9e2b1680abdb82f6e84e9557f6

HTTP Headers

GET /featured/?nature HTTP/1.1
Host: source.unsplash.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: Cowboy
Date: Thu, 02 Feb 2023 00:59:17 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: https://images.unsplash.com/photo-1505028106030-e07ea1bd80c3?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHx8bmF0dXJlfHx8fHx8MTY3NTI5OTU1Nw&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
X-Request-Id: 97e09a58-8673-45d9-986d-3b2ec94d2c4f
X-Runtime: 0.076170
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Transfer-Encoding: chunked
Via: 1.1 vegur

images.unsplash.com/photo-1505028106030-e07ea1bd80c3?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHx8bmF0dXJlfHx8fHx8MTY3NTI5OTU1Nw&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080

151.101.246.208

200 OK

249 kB

URL HTTP/2
images.unsplash.com/photo-1505028106030-e07ea1bd80c3?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHx8bmF0dXJlfHx8fHx8MTY3NTI5OTU1Nw&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080
IP
151.101.246.208:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x872, components 3\012- data
Size
249 kB (248973 bytes)
Hash
d9ab32b37d615caef1cf664823e96233
c7bf1fda6273878339847a35217959c5b6532eba
fe39e24dae877389e051cfe980cee5aace35b00b475cae797e19de89008d94b6

HTTP Headers

GET /photo-1505028106030-e07ea1bd80c3?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHx8bmF0dXJlfHx8fHx8MTY3NTI5OTU1Nw&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1080 HTTP/1.1
Host: images.unsplash.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 14:29:54 GMT
cache-control: public, max-age=315360000
server: imgix
x-imgix-id: 419d725e85e5195c5f869749eb13f405b20e0bf9
x-imgix-render-farm: 01.1104
x-imgix-original-status: 200
date: Thu, 02 Feb 2023 00:59:18 GMT
age: 7468163
accept-ranges: bytes
set-cookie: ugid=6461806687ff9dd048a40b6b7dfa094e5584331;domain=.unsplash.com;path=/;expires=Fri, 02 Feb 2024 00:59:18 GMT;SameSite=None;Secure
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10045-SJC, cache-hel1410031-HEL
x-cache: HIT, HIT
content-length: 248973
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/side_menu/js/config

173.249.49.28

200 OK

90 kB

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/side_menu/js/config
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
JSON data\012- , ASCII text, with very long lines (333), with no line terminators
Size
90 kB (90206 bytes)
Hash
e71e81c934b796d880c560f9ff3e3e1e
57bf1abf2d0c94105ada3e5c4820661035fbc08a
db3a99983d28b5bc50c9e9089e753f951f6616b1607f8a970ec2a4696387f380

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.php/apps/side_menu/js/config HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:18 GMT
content-type: application/json; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/theming/icon?v=45

173.249.49.28

200 OK

106 kB

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/theming/icon?v=45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
106 kB (106047 bytes)
Hash
9faa5ef63465a8fef86edecab1fd3d95
bf1946fc523df7f63062b6ba648107cbbb609206
23a631fbadd579c5c774b7ff09b841cad8fe78f8bef3edb270553539018b62da

HTTP Headers

GET /index.php/apps/theming/icon?v=45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:18 GMT
content-type: image/png
content-length: 106047
cache-control: private, max-age=86400, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: inline; filename="touchIcon-core"
pragma: private
expires: Fri, 03 Feb 2023 00:59:18 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 07:58:24 GMT
etag: "985976a1cf377702dac6139a70390e29"
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11367 bytes)
Hash
395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 9253
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/theming_customcss/styles?v=1603721640455

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/theming_customcss/styles?v=1603721640455
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php/apps/theming_customcss/styles?v=1603721640455 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: inline; filename=""
pragma: cache
expires: Fri, 03 Feb 2023 00:59:17 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/search/js/searchprovider.js?v=720bb167-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/core/search/js/searchprovider.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /core/search/js/searchprovider.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:50 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7e-309c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/side_menu/js/script?v=1

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/side_menu/js/script?v=1
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.php/apps/side_menu/js/script?v=1 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://source.unsplash.com https://images.unsplash.com;font-src 'self' data:;connect-src 'self' stun.nextcloud.com:443;media-src 'self';frame-src data:;child-src 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
feature-policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/login

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/login
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.php/login HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://source.unsplash.com https://images.unsplash.com;font-src 'self' data:;connect-src 'self' stun.nextcloud.com:443;media-src 'self';frame-src data:;child-src 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
feature-policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/apps/side_menu/css/sideMenu.css?v=839fff82-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/apps/side_menu/css/sideMenu.css?v=839fff82-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /apps/side_menu/css/sideMenu.css?v=839fff82-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/css
last-modified: Mon, 26 Oct 2020 13:19:49 GMT
cache-control: max-age=15778463
etag: W/"5f96ccf5-18c4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/js/files/client.js?v=720bb167-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/core/js/files/client.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /core/js/files/client.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:50 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7e-5d46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/side_menu/css/stylesheet?v=1

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/side_menu/css/stylesheet?v=1
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php/apps/side_menu/css/stylesheet?v=1 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://source.unsplash.com https://images.unsplash.com;font-src 'self' data:;connect-src 'self' stun.nextcloud.com:443;media-src 'self';frame-src data:;child-src 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
feature-policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/css/guest.css?v=720bb167-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/core/css/guest.css?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /core/css/guest.css?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/css
last-modified: Wed, 09 Sep 2020 11:41:49 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7d-51d5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/theming/js/theming?v=45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/theming/js/theming?v=45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php/apps/theming/js/theming?v=45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600, must-revalidate
content-disposition: attachment; filename="javascript"
pragma: private
expires: Thu, 02 Feb 2023 01:59:17 +0000
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/apps/files_videoplayer/js/main.js?v=720bb167-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/apps/files_videoplayer/js/main.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apps/files_videoplayer/js/main.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:58 GMT
cache-control: max-age=15778463
etag: W/"5f58bf86-18ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/accessibility/js/accessibility?v=0

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/accessibility/js/accessibility?v=0
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.php/apps/accessibility/js/accessibility?v=0 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600, must-revalidate
content-disposition: attachment; filename="javascript"
pragma: private
expires: Thu, 02 Feb 2023 01:59:17 +0000
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/index.php/apps/theming/styles?v=45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/index.php/apps/theming/styles?v=45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.php/apps/theming/styles?v=45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:17 GMT
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
content-disposition: inline; filename="e8ed-1418-theming.css"
pragma: private
expires: Fri, 03 Feb 2023 00:59:17 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Oct 2020 14:13:54 GMT
etag: W/"8920d627a59e3a5372e5a8457c47d360"
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/core/js/dist/login.js?v=720bb167-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/core/js/dist/login.js?v=720bb167-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /core/js/dist/login.js?v=720bb167-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Sep 2020 11:41:49 GMT
cache-control: max-age=15778463
etag: W/"5f58bf7d-c38b8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cloud.comoserescritor.com/apps/files_pdfviewer/css/style.css?v=4fda350b-45

173.249.49.28

200 OK

0 B

URL HTTP/2
cloud.comoserescritor.com/apps/files_pdfviewer/css/style.css?v=4fda350b-45
IP
173.249.49.28:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /apps/files_pdfviewer/css/style.css?v=4fda350b-45 HTTP/1.1
Host: cloud.comoserescritor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc1xwt9x0bbt=jfn0apuftc55t01ucdibki4o98; oc_sessionPassphrase=9OUI7%2FU%2BdnTteV4dxyplmn0vcP3LdKUu9LHYBBW%2BkqTnCnOct71kObeK2UShuRwVj34W%2BvZ1dk07P1xk3iArAEX9PvbSnbaMiKk7UiycNKwsF0x2m6Ywkgbe2ofMhvOW; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 00:59:16 GMT
content-type: text/css
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 09 Sep 2020 11:41:57 GMT
etag: W/"15a-5aedff05b2b40"
cache-control: max-age=15778463
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML