Report - filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked

Report Overview

Submitted URL
filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-04-13 15:21:39
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
shredvealdone.com	unknown	2023-04-02	2023-04-13	2.7 kB	7.7 kB	192.243.61.225
client.relay.crisp.chat	17983	2017-07-02	2023-04-12	572 B	439 B	64.227.36.222
www.googletagmanager.com	75	2013-05-22	2023-04-12	413 B	84 kB	142.250.74.168
client.crisp.chat	19483	2017-07-02	2023-04-12	2.9 kB	479 kB	104.18.29.91
ocsp.pki.goog	175	2018-07-01	2023-04-12	1.7 kB	3.5 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10	2023-04-12	973 B	15 kB	142.250.74.106
fonts.gstatic.com	unknown	2014-09-09	2023-04-12	1.0 kB	64 kB	216.58.207.227
ocsp.r2m01.amazontrust.com	unknown	2022-10-12	2023-04-12	340 B	1.0 kB	54.230.80.227
simplewebanalysis.com	unknown	2022-02-25	2023-04-13	418 B	419 B	3.65.16.149
cdn.cloudimagesb.com	23099	2021-02-12	2023-04-12	435 B	145 kB	45.133.44.10
filerice.com	unknown	2022-12-22	2023-04-10	9.8 kB	532 kB	188.114.96.1
cdnjs.cloudflare.com	235	2015-04-17	2023-04-12	430 B	7.7 kB	104.17.25.14
www.effectivecreativeformat.com	unknown	2022-12-26	2023-04-12	441 B	28 kB	173.233.137.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-04-13	medium	shredvealdone.com
2023-04-13	medium	shredvealdone.com

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	unknown	3.7 kB	2023-04-13	2023-04-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 17:21:40 Last Seen2023-04-13 17:21:40 Times Seen1 Hash dbcd8131df9b232c2922a27cfc099438 b3a701c18ee3fcd32f4f0495ef496528dddc7bf7 2133e9e08a0a976d734e20c0c66343ad5b7676324b25966e02954100b07ca132 Loading...

	filerice.com/xfst_theme2/js/bootstrap.min.js	58 kB	2023-03-07	2024-07-27
Pretty URL filerice.com/xfst_theme2/js/bootstrap.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-07-27 00:22:12 Times Seen22684 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar	286 B	2023-03-08	2024-07-19
Pretty URL filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:15:30 Last Seen2024-07-19 14:05:13 Times Seen337 Hash a10faca4ada9bbdcb1b350c8d4fdbceb acb8f3cfe394c96d40e8bc0a300ab889811849b9 cd39142e37a1c495b80ad9e423875277b29731e29a0538ce4c256e4b36eb9910 Loading...

	filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar	853 B	2023-03-07	2024-07-19
Pretty URL filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:43:32 Last Seen2024-07-19 14:05:13 Times Seen316 Hash 971ccce1cb82f9abada60a82500d22d6 79952a68530d1833179499a4dd44bca7437e1afb 0863118d0e302374e73b965a0c757374322b4edbe07b5dafd7f109b048bdc3b0 Loading...

	filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar	162 B	2023-04-13	2023-04-14
Pretty URL filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 17:21:40 Last Seen2023-04-14 10:04:39 Times Seen2 Hash 3ef993c223665b4edaf2150954323868 b08547095df5c8b240963dc2305ae350611f2141 299b36107e48a34cb157930009293ef5c07ff11194c6cb50c6d259eb30125e2a Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	21 kB	2023-03-07	2024-07-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:27 Last Seen2024-07-26 19:31:49 Times Seen18952 Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Loading...

	client.crisp.chat/static/javascripts/locales/en.js?d2149b0	6.9 kB	2023-04-05	2023-05-11
Pretty URL client.crisp.chat/static/javascripts/locales/en.js?d2149b0 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:59:44 Last Seen2023-05-11 15:03:09 Times Seen88 Hash 09cc65bfdb7e2196121bf110d5f95f2d 1eb0bbd2d72f3cab8f36bd6858b713566999227b 4bfe2d3efa9466fb6d1a4cd49de984d6bc5c379f43a8494dfa90c863f88828a0 Loading...

	unknown	192 B	2023-04-05	2023-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 02:06:06 Last Seen2023-04-18 14:56:42 Times Seen8 Hash 4fddcbccad22fde445b9e566e98adb9c ad767772dd9548f49cfa0dd600c0a0b180b8b931 e0a6fe1de07f0ac527bab270d5e5524e20b8d8749cc14e891ba13c7c138f9f38 Loading...

	filerice.com/xfst_theme2/js/jquery.paging.js	19 kB	2023-03-07	2024-07-26
Pretty URL filerice.com/xfst_theme2/js/jquery.paging.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-07-26 21:34:31 Times Seen3641 Hash d7a2c1c7af2a004a6d68e1e55b1cfb46 7fd6daa7076c30381880519ad06ef5639b19ee28 c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6 Loading...

	filerice.com/xfst_theme2/js/jquery.cookie.js	3.1 kB	2023-03-07	2024-07-26
Pretty URL filerice.com/xfst_theme2/js/jquery.cookie.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-07-26 21:34:31 Times Seen2985 Hash ff14e4812b7f512e620b1ad35542bcfc c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Loading...

	www.googletagmanager.com/gtag/js?id=G-VV9SZWVMLV	248 kB	2023-04-13	2023-04-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-VV9SZWVMLV IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 17:21:40 Last Seen2023-04-13 17:21:40 Times Seen2 Hash 9db19982e64fd22b08312c2803583a11 bc2ef19e3a17023a7c4001fdd4d2e9e32f2d4632 30c6229dc9104e4cf6d8570bc24c29dc90b9f2931101c29e9690c92f8a36447b Loading...

	www.effectivecreativeformat.com/5f947266993f4ddb65cbb89e3d68f892/invoke.js	27 kB	2023-04-11	2023-04-19
Pretty URL www.effectivecreativeformat.com/5f947266993f4ddb65cbb89e3d68f892/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 05:40:42 Last Seen2023-04-19 18:46:27 Times Seen57 Hash 701f5e9dd5eabaaa2569384b94857e6c e271c9640fad0db9f9de5ac8f5bf84e4f6c09c29 0540635f1e298fa47c6015dbb759676f0d1e7689edd5cedf1bc6b841321c67f0 Loading...

	filerice.com/xfst_theme2/js/clipboard.min.js	11 kB	2023-04-05	2024-07-24
Pretty URL filerice.com/xfst_theme2/js/clipboard.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2024-07-24 17:28:41 Times Seen601 Hash 4b072870705218b33df5dea9bf90b187 c8437e774649ff1754d289aacbec00933d5cb806 122cab37fc0d2b18e47e05c9ea3d71b35be2eab34ce2ebd7e90ac1602a527ff6 Loading...

	client.crisp.chat/static/javascripts/client.js?d2149b0	411 kB	2023-04-05	2023-05-11
Pretty URL client.crisp.chat/static/javascripts/client.js?d2149b0 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 11:06:23 Last Seen2023-05-11 15:03:09 Times Seen125 Hash ed3501b05f72489828df85c4e7312918 46c27eac4dea6384838aa50543b06d0609b78c78 9b42874ae84e98c2fe7770c32473b44f7cbf51de1d88ad9b50e7e17632d258b2 Loading...

	client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1680939934780	1.6 kB	2023-04-13	2023-04-13
Pretty URL client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1680939934780 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 17:21:40 Last Seen2023-04-13 18:33:28 Times Seen2 Hash baa6ec5035f020a8cd1d9a56a48ca96e f089d8dc24d4c80f4d35334be77b13bc79ef3142 35f68e2d50ad153c8c212b4f8352e23f6c231d52daebbb1521f281fbaafa872b Loading...

	unknown	145 B	2023-03-29	2023-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:33 Last Seen2023-04-18 14:56:42 Times Seen11 Hash 459b8900c8b86fe6c60f7f6611326f91 e48fbe9d8218f5dfe48e30339159b35f902441be 62e6fb57228ccb8fe713fc61d78f3f2505d188560f2763a858052ec1c792929a Loading...

	filerice.com/xfst_theme2/js/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-07-27
Pretty URL filerice.com/xfst_theme2/js/jquery-1.9.1.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-07-27 01:42:21 Times Seen27297 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar	363 B	2023-03-25	2023-04-18
Pretty URL filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-25 23:42:22 Last Seen2023-04-18 14:56:42 Times Seen17 Hash 7987519a8715600570cecb8761cb77e8 4a552243673784817425d72462de4ec25a2cc858 d7029d2baf2ed2db1861baa9bd45b2dd239d57dfa1ec7befed582f3723adc211 Loading...

	filerice.com/xfst_theme2/js/main.js	452 B	2023-03-14	2024-05-28
Pretty URL filerice.com/xfst_theme2/js/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 16:01:08 Last Seen2024-05-28 19:21:50 Times Seen80 Hash 8d974c71479f5f5b0adfa133759d980c d1fb84f70d7bca3370edb547002770623757e398 ab3e274429894863ed5e790c206b2124f2d62c0e691522e0b9e2e9c0640d18d0 Loading...

	filerice.com/xfst_theme2/js/script.js	521 B	2023-04-05	2023-05-23
Pretty URL filerice.com/xfst_theme2/js/script.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:59:44 Last Seen2023-05-23 09:35:50 Times Seen39 Hash defdb2bd5f890ac5d74702d2c8cb1711 9ef501956d4985d0132c49d1a88324624f6f27c2 4b2fb4c1fd5221852bd00b105a4e150deaf1f602dd9d03023365e727cf1ab3a7 Loading...

	client.crisp.chat/l.js	8.4 kB	2023-04-05	2023-05-11
Pretty URL client.crisp.chat/l.js IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:47:46 Last Seen2023-05-11 15:03:09 Times Seen119 Hash 1ee3f3604fff7585a3c8531ef5b03632 a54968ae079389d1dca67460dfdab3bd5860f852 99607131ec05f0f953aad264fc55c203e31e2919f850c225120e7dd02ffa1c48 Loading...

	client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-3-13-15-22	212 B	2023-04-12	2023-04-18
Pretty URL client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-3-13-15-22 IP 104.18.29.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-12 17:51:53 Last Seen2023-04-18 14:56:42 Times Seen8 Hash 1c6022c702984db82d80a69a42f14360 bd46a86de8cbb801cecad01610fdfd67dcf1e06b 70f5e4e5a888c75592bae448216e44c7eb7afe00bd79ca22ec3d8616fbe81e2c Loading...

	filerice.com/xfst_theme2/js/paging.js	1.8 kB	2023-03-07	2024-07-24
Pretty URL filerice.com/xfst_theme2/js/paging.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:35 Last Seen2024-07-24 18:55:53 Times Seen817 Hash 3686c6282d9c94c620e42508fb5d0e18 97c9a31b1f7946d5f3ba6a5047c95cf38456fa64 e1d4f21db649ec5795e70cb72e59fdec97af300c64b5d8abbc67f00688eb0ecd Loading...

	filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar	234 B	2023-03-14	2023-05-23
Pretty URL filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 16:01:08 Last Seen2023-05-23 09:35:50 Times Seen39 Hash dd772d484db37d8825ce5c6554b0bfa9 512f2b3fa92392a4ca7444518d26581063b265d5 7dd99af2ced7fd8e5ab75fec1ad88b1243561385b14e401d11e17eaf6196f68e Loading...

		Size	First Seen	Last Seen
	#1 Eval - bfe2b2b44ac828c3cd081c9fbfcb0723	2.1 kB	2023-04-13	2023-04-13
Pretty Observations First Seen2023-04-13 17:21:40 Last Seen2023-04-13 17:21:40 Times Seen1 Hash bfe2b2b44ac828c3cd081c9fbfcb0723 bbe91cbbc3b205d186ed554226716ecfff7fd4ce 980c797f86d32fe8a7cb264388236378267a00b54f26a1217d4b9ebc60eee025 Loading...

		Size	First Seen	Last Seen
	#1 Write - 71474f3ef12537e92ce1312cea2e0db5	129 B	2023-03-25	2023-04-18
Pretty Observations First Seen2023-03-25 23:42:22 Last Seen2023-04-18 14:56:42 Times Seen18 Hash 71474f3ef12537e92ce1312cea2e0db5 525da06fdcc5bf236f16670b109d7af749536c0c 6c7b26ddf306ae794722d0a922c9fe03436c42b26609b4b77f5e1126168eeca2 Loading...

HTTP Transactions (39)

URL IP Response Size

filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar

188.114.96.1

200 OK

0 B

URL User Request GET HTTP/2
filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 13 Apr 2023 15:21:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 13 Apr 2023 16:21:23 GMT
Location: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFw9hRNlPCRhTWieMQDH0QbVQJHmphhf7ZR1SvkrBL9JJekCNiXVmGnKsfOokfBmf1ficRzg%2Bx4CPxtgznVqtqFOnd61jkvs5I0srSu1ncqchU7m0LZURd1kuoobJ14%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b74b2d46f8fb50f-OSL
alt-svc: h2=":443"; ma=60

filerice.com/xfst_theme2/img/logo.png

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
filerice.com/xfst_theme2/img/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
PNG image data, 169 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1429 bytes)
Hash
0e8583813d1e63acecfd5efbd9fdc41a
ffecb93b48d7d1ae7d46d6483f6e3aa918e1d433
ab3204267a65aa6ea380253f12c75f3a1042b18e89701fa3532bd9054743c846

HTTP Headers

GET /xfst_theme2/img/logo.png HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: image/png
content-length: 1429
last-modified: Mon, 26 Dec 2022 09:17:32 GMT
etag: "595-5f0b79ae6fc30"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3HXL6dIekz4QfOS8N%2F8kHjxFHeNmtNOE09Dr1PmZInLztq1d4i8qRxmD0inyMbVpQO40UwiSL3UsRAD%2FcznOX2DL9JVSk2x9AHIoEFUMVwLOJEzWA1pyM2A%2B1jX%2FOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db0ef1b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

104.17.25.14

200 OK

6.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (20831)
Size
6.6 kB (6646 bytes)
Hash
368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102

HTTP Headers

GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 13 Apr 2023 15:21:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 677335
expires: Tue, 02 Apr 2024 15:21:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEhEI2MzsBl0XP5IQFl3gw14HT8VQ3JpohVmX4G4CsO6e1UZdARWk1LlAmCJO8ob8OMrUgzO3BZw8%2FA%2BB%2FtnIfwDsK4uxqqg4ZcsuQrOi2Zhj%2FJjw4crOftlmqPkfZAL3ArBqHqi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b74b2db4d4ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

filerice.com/xfst_theme2/js/jquery-1.9.1.min.js

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
filerice.com/xfst_theme2/js/jquery-1.9.1.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text, with very long lines (32089)
Size
34 kB (34011 bytes)
Hash
32dc1d320f411ea220c8e1da4e768cb4
8e7849be74083b090de768e3979256dc6e389326
55338c21d0e3a049ad2d2aa620ac40a52f2d8bf99133f3242cc5e6a52b86a7e9

HTTP Headers

GET /xfst_theme2/js/jquery-1.9.1.min.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:53 GMT
etag: W/"169d5-5f0925dd07f22"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abZIsUdQ2b5Q98M1sf42ejJVkvrYXzALdBQeAQeaigkCi46%2F1QOBv0f0ZDBH5xlwymSkm39BBM3pXqA%2BgPBjqMrzNWCoQbeBV3E%2BNSYRTVvI6tvsAnwJMJDvZYR3v2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2dafed6b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

filerice.com/xfst_theme2/js/jquery.cookie.js

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
filerice.com/xfst_theme2/js/jquery.cookie.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text
Size
1.8 kB (1804 bytes)
Hash
1a79bc7cb78c2aa8d5f8c58704417cf2
62e877ab636f66b1a2ce68406bd73982b49ae110
2993c493c256ef49dc093670b976489edd381d8e12cda6ec0afe4e1c8b46eea9

HTTP Headers

GET /xfst_theme2/js/jquery.cookie.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:54 GMT
etag: W/"c31-5f0925de54364"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoQob05xYiQ%2FAyX%2FpCDNN%2FBqJFR9k3zSJqBzm2cCuTZM48sSGZ1%2BWooTCGjF%2Bhz9f9sdh5vaWh%2FQ7m0STdok6fRQ%2FK346uURfmu3Uvz%2FnK01siV99%2B5jiHslRp%2BK2v0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2dafeddb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

filerice.com/xfst_theme2/js/script.js

188.114.97.1

200 OK

690 B

URL GET HTTP/3
filerice.com/xfst_theme2/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text
Size
690 B (690 bytes)
Hash
06b8427b0c36acef9ae8039b6cbdff9e
199c25d48992764e4b2c06309d47283cac558e13
4058954478eea16d275ac40c7caa2f0555b81eb24eefb9feb4899f6895e0bba9

HTTP Headers

GET /xfst_theme2/js/script.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 08:00:10 GMT
etag: W/"209-5f87e1085b124"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMsED4dXz9EIiHo0yuiPWaJAf1z0PxKkPfXBBLavWLO37uJHFHG98A%2Bm5KEI1cbdMgyX8uWzaKJKbtx5x0cyyJifspfhxI%2FMui1VS4gqwWCoo5N9m2SABNcOvFyZvKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db1f01b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-VV9SZWVMLV

142.250.74.168

200 OK

84 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-VV9SZWVMLV
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT

File type
ASCII text, with very long lines (30260)
Size
84 kB (83939 bytes)
Hash
190b5caa82dddb0aecbbf159fb881295
5ea69d95d7f277b154e1a0d14df919c383e4537e
9030acdf7c3fe6898311cd1e4c8ea440071de91ee2964622754ee4e775b470f7

HTTP Headers

GET /gtag/js?id=G-VV9SZWVMLV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 13 Apr 2023 15:21:25 GMT
expires: Thu, 13 Apr 2023 15:21:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81375129214a57d2dc6793c1f3ac675a
d123df1cd6676e813a0dc11b5226616449ba6ef1
c08b4485550568c320579d60318c5b1fea9220df17e490418a561b541f6f2441

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 15:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT

File type
data
Size
1.2 kB (1184 bytes)
Hash
57187156d180b31e2bab8a6a61cc14fe
587e462745cf0554c1bee67e68017679cd913e11
64ebe34707de804f64ae1beb9aed81a53bd1bfc18e1465fd4183f127f498b406

HTTP Headers

GET /css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Apr 2023 15:21:25 GMT
date: Thu, 13 Apr 2023 15:21:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

filerice.com/xfst_theme2/fa/webfonts/fa-duotone-900.woff2

188.114.97.1

200 OK

166 kB

URL GET HTTP/3
filerice.com/xfst_theme2/fa/webfonts/fa-duotone-900.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
Web Open Font Format (Version 2), TrueType, length 165712, version 330.15859\012- data
Size
166 kB (165712 bytes)
Hash
76b9d9788f37e68cc80dbe9349de7c65
6b3ede5185b085cc696be94d6ff7d1a389a225ae
3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae

HTTP Headers

GET /xfst_theme2/fa/webfonts/fa-duotone-900.woff2 HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/xfst_theme2/css/style.min.css
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:25 GMT
content-length: 165712
last-modified: Sat, 24 Dec 2022 12:52:13 GMT
etag: "28750-5f0925f015bd5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyx%2FHTpluo052Dnh%2B8EPIBrSnJ7JPQLd6ZA5WqcU%2BaDLfTLhU7lpTivM53d%2FQYcEK6ohAc0qPoCJG449m2he%2BoOsDDZW%2Bbr5arFKxT10qSsI3mky%2BReKN9si8uLG6as%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2dd199cb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0643034ab43fe83d85a590124af08587
920ae732b3a3b1a95081451dcf91ab9e85e35155
ef609fa9ecb60a2afac7fc0e6cff8e68182a1b78a0066541df5cb2b0b038c910

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 15:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0643034ab43fe83d85a590124af08587
920ae732b3a3b1a95081451dcf91ab9e85e35155
ef609fa9ecb60a2afac7fc0e6cff8e68182a1b78a0066541df5cb2b0b038c910

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 15:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0643034ab43fe83d85a590124af08587
920ae732b3a3b1a95081451dcf91ab9e85e35155
ef609fa9ecb60a2afac7fc0e6cff8e68182a1b78a0066541df5cb2b0b038c910

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 15:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

filerice.com/xfst_theme2/js/clipboard.min.js

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
filerice.com/xfst_theme2/js/clipboard.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
Unicode text, UTF-8 text, with very long lines (10809)
Size
34 kB (34396 bytes)
Hash
eccd3eea2385017844a984d3710e3fd2
6f6e7c1c2337d8aff9688feced29e8b5580d742b
110ac2ab0667b38e23f87b3422d5050728f34de25d20969b376936b8ecf142f7

HTTP Headers

GET /xfst_theme2/js/clipboard.min.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:51 GMT
etag: W/"2aa5-5f0925dace233"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3xxDEAAIxfy8S9XFs93CMi5zFkGlDWfdagc%2Fjd5c9Z02R3ZYVSTzbNy3bNczzL0OwCUutO%2B0TEBYSlcAD8beOi9aJTe6xUhu%2FMNfhq5WxVww7WjK5C8iB%2FGtcO4KYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db1ef8b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://filerice.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 14:29:42 GMT
expires: Thu, 11 Apr 2024 14:29:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 89503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://filerice.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 14:29:42 GMT
expires: Thu, 11 Apr 2024 14:29:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 89503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0643034ab43fe83d85a590124af08587
920ae732b3a3b1a95081451dcf91ab9e85e35155
ef609fa9ecb60a2afac7fc0e6cff8e68182a1b78a0066541df5cb2b0b038c910

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 15:21:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

filerice.com/xfst_theme2/css/style.min.css

188.114.97.1

200 OK

46 kB

URL GET HTTP/3
filerice.com/xfst_theme2/css/style.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
assembler source, ASCII text, with very long lines (61504)
Size
46 kB (45607 bytes)
Hash
204886a82fc501be0f1819ebc56fcf99
7329f09984ab3c81bf97583f5e95b66af989013a
65a11db222604a2f747fdb93ac06b7ad8fb818ef82d4cb5ae8a8173479988b09

HTTP Headers

GET /xfst_theme2/css/style.min.css HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: text/css
last-modified: Fri, 03 Mar 2023 04:38:20 GMT
etag: W/"2e7cc-5f5f783c4e700"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ecGzy1LobByXhDUT2o6FhAseuiWNfZv6ZAtfmBxU5xRVdyqztIa1bBSUmSGuBjLMb2lD4xCEmJ9AU0Q%2B19RsOCwXKzvQLQN2HsbxNnne9A1m9f5kJY%2Bcg3rAsIs%2BAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db0ee9b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
204c06c67dab4319a44c8cc8181ef9cd
27498168e88a4b5a1748a4f1ff6dee5ece836121
24d2af52d40fd8bf71c94b0258e442b56b89f5f907af22dfee22932df500fd1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97123
Date: Thu, 13 Apr 2023 15:21:26 GMT
Etag: "6436dcc8-1d7"
Expires: Fri, 14 Apr 2023 18:20:09 GMT
Last-Modified: Wed, 12 Apr 2023 16:31:04 GMT
Server: ECAcc (nya/78E9)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bvXw-9j7iGn1cRDt6U3B9sMl8XUPaQegpOTioNUCJU4yARBfhSw0Nw==
Age: 6545

simplewebanalysis.com/stats

3.65.16.149

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
3.65.16.149:443
ASN
#16509 AMAZON-02

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
6972d65a1ec9e47705ca8ed151aad427
bbfa7319df2cd2bcc48f56e2fc24046c5473030f
e368c43e4cf7b476876a24c29ef60c49272fcec359955aef0bbef53098c07ecf

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filerice.com
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://filerice.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=48d1202f-2d4d-461e-b9ee-46452a8c761a:1:1; expires=Sun, 10 Apr 2033 15:21:26 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

filerice.com/android-icon-192x192.png

188.114.97.1

200 OK

1.5 kB

URL GET HTTP/3
filerice.com/android-icon-192x192.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
PNG image data, 192 x 192, 8-bit grayscale, non-interlaced\012- data
Size
1.5 kB (1515 bytes)
Hash
e78f48261878796d473380899a95440a
8f042a70f7212fb61d61e1335c83a3714776c728
8c8779fdbb36867206d11e055030cbece5d72fc132a6a88970bd558e0a7b6706

HTTP Headers

GET /android-icon-192x192.png HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ; _ga_VV9SZWVMLV=GS1.1.1681399336.1.0.1681399336.0.0.0; _ga=GA1.1.1869641290.1681399336; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: image/png
content-length: 1515
last-modified: Tue, 27 Dec 2022 02:18:45 GMT
etag: "5eb-5f0c5df0dcb40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1227
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vdhrgK7Vw3O2qAG0%2Bbuxk5H7upxpyVaOOYxTqDCjYG%2B0mPr1HWsDhY%2B3nbx0zW%2F3MzmyWKIZd9jpxPSJDYmFv9NIrDjQxnDOk64sY6%2Fa0wmoUzI5c65OoBhDOALnb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2e3fba5b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

client.crisp.chat/static/stylesheets/client_default.css?d2149b0

104.18.29.91

200 OK

48 kB

URL GET HTTP/3
client.crisp.chat/static/stylesheets/client_default.css?d2149b0
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65436)
Size
48 kB (47708 bytes)
Hash
8d81dd674e4a00bc31deb6ae29aaabea
8522128a353f5870ed6e280e699d070ca54e76b2
eada2d04fe9f97afa7c10e3dff1604a004cb1ca348a300a6c3f509c64b8e9bbd

HTTP Headers

GET /static/stylesheets/client_default.css?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: client.crisp.chat
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: text/css
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"642ad5e4-56afb"
expires: Sun, 10 Apr 2033 15:21:26 GMT
last-modified: Mon, 03 Apr 2023 13:34:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6317
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b74b2e1bf57b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
shredvealdone.com/watch.81076404037.js?key=5f947266993f4ddb65cbb89e3d68f892&kw=%5B%22download%22%2C%22349431%22%2C%22uncen%22%2C%22leaked%22%2C%22snis%22%2C%22636%22%2C%22part2%22%2C%22rar%22%5D&refer=https%3A%2F%2Ffilerice.com%2Fh86qbgp6yuf6%2F349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar&tz=0&dev=e&res=12.2079&uuid=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerLet's Encrypt
Subject*.shredvealdone.com
Fingerprint45:2B:81:6A:29:8B:1A:10:56:D7:19:A9:11:A6:35:8F:F6:08:C5:DB
ValiditySun, 02 Apr 2023 04:13:46 GMT - Sat, 01 Jul 2023 04:13:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.81076404037.js?key=5f947266993f4ddb65cbb89e3d68f892&kw=%5B%22download%22%2C%22349431%22%2C%22uncen%22%2C%22leaked%22%2C%22snis%22%2C%22636%22%2C%22part2%22%2C%22rar%22%5D&refer=https%3A%2F%2Ffilerice.com%2Fh86qbgp6yuf6%2F349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar&tz=0&dev=e&res=12.2079&uuid=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1 HTTP/1.1
Host: shredvealdone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filerice.com
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 13 Apr 2023 15:21:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://filerice.com
Access-Control-Allow-Origin: https://filerice.com
Access-Control-Allow-Credentials: true
Location: https://shredvealdone.com/watch.81076404037.js?key=5f947266993f4ddb65cbb89e3d68f892&kw=%5B%22download%22%2C%22349431%22%2C%22uncen%22%2C%22leaked%22%2C%22snis%22%2C%22636%22%2C%22part2%22%2C%22rar%22%5D&refer=https%3A%2F%2Ffilerice.com%2Fh86qbgp6yuf6%2F349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar&tz=0&dev=e&res=12.2079&uuid=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1&shu=39baaf4cc22d160c8d192c8673ee22e713e23b89f9bf702717bf51f19e4061c44a9095b4cfd5b981086b3e3a1ac9e8ff1d5db38a61ba8fbc9de0c2974c82b353e7702b21c4418f59e2d36a334313b48f8c01ad5c9a0215769cda044b70&pst=1681399346&rmtc=t
Set-Cookie: u_pl=18310778; expires=Fri, 14 Apr 2023 15:21:26 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODMxMDc3OCwiayI6IjVmOTQ3MjY2OTkzZjRkZGI2NWNiYjg5ZTNkNjhmODkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjExMTU5LCJwaWQiOjY4MDA1MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2U5enB4cyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZmlsZXJpY2UuY29tL2g4NnFiZ3A2eXVmNi8zNDk0MzFfM3hwbGFuZXRfVW5jZW4tbGVha2VkX1NOSVMtNjM2LnBhcnQyLnJhciJ9fQ.l4P1CKHJRqjYGJjRDMSxd3SAgVbCP06tco-AZE6JYOw; expires=Thu, 13 Apr 2023 15:22:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 215c303fbb7d0704572d807b35550ccf
Strict-Transport-Security: max-age=0; includeSubdomains

client.crisp.chat/static/javascripts/locales/en.js?d2149b0

104.18.29.91

200 OK

5.0 kB

URL GET HTTP/3
client.crisp.chat/static/javascripts/locales/en.js?d2149b0
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (6814)
Size
5.0 kB (4979 bytes)
Hash
dc2394672469bd840397725b8d327ede
1f073a6d5450c643568d4889d37300cf182b3050
705e8affac56b08c3661ce5d211c38bf871f3f4f570b2f62f6d31c5ec459a7ee

HTTP Headers

GET /static/javascripts/locales/en.js?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: client.crisp.chat
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-1afc"
expires: Sun, 10 Apr 2033 15:21:26 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6300
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b74b2e69e2db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png

45.133.44.10

200 OK

145 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
145 kB (145012 bytes)
Hash
620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3

HTTP Headers

GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 13 Apr 2023 15:21:27 GMT
content-type: image/png
content-length: 145012
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Sat, 15 Apr 2023 15:21:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

shredvealdone.com/watch.81076404037.js?key=5f947266993f4ddb65cbb89e3d68f892&kw=%5B%22download%22%2C%22349431%22%2C%22uncen%22%2C%22leaked%22%2C%22snis%22%2C%22636%22%2C%22part2%22%2C%22rar%22%5D&refer=https%3A%2F%2Ffilerice.com%2Fh86qbgp6yuf6%2F349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar&tz=0&dev=e&res=12.2079&uuid=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1&shu=39baaf4cc22d160c8d192c8673ee22e713e23b89f9bf702717bf51f19e4061c44a9095b4cfd5b981086b3e3a1ac9e8ff1d5db38a61ba8fbc9de0c2974c82b353e7702b21c4418f59e2d36a334313b48f8c01ad5c9a0215769cda044b70&pst=1681399346&rmtc=t

192.243.61.225

200 OK

4.0 kB

URL GET HTTP/1.1
shredvealdone.com/watch.81076404037.js?key=5f947266993f4ddb65cbb89e3d68f892&kw=%5B%22download%22%2C%22349431%22%2C%22uncen%22%2C%22leaked%22%2C%22snis%22%2C%22636%22%2C%22part2%22%2C%22rar%22%5D&refer=https%3A%2F%2Ffilerice.com%2Fh86qbgp6yuf6%2F349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar&tz=0&dev=e&res=12.2079&uuid=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1&shu=39baaf4cc22d160c8d192c8673ee22e713e23b89f9bf702717bf51f19e4061c44a9095b4cfd5b981086b3e3a1ac9e8ff1d5db38a61ba8fbc9de0c2974c82b353e7702b21c4418f59e2d36a334313b48f8c01ad5c9a0215769cda044b70&pst=1681399346&rmtc=t
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerLet's Encrypt
Subject*.shredvealdone.com
Fingerprint45:2B:81:6A:29:8B:1A:10:56:D7:19:A9:11:A6:35:8F:F6:08:C5:DB
ValiditySun, 02 Apr 2023 04:13:46 GMT - Sat, 01 Jul 2023 04:13:45 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (4012), with no line terminators
Size
4.0 kB (3984 bytes)
Hash
ceaa0838a4e2a673a56056f1d90da6dd
7fda1d2edc65f9832293db081858b549348f19ad
896629077dabc7d7bdda7ad66fd355c3b9ccfa9446abfe68a460db7a0a527456

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.81076404037.js?key=5f947266993f4ddb65cbb89e3d68f892&kw=%5B%22download%22%2C%22349431%22%2C%22uncen%22%2C%22leaked%22%2C%22snis%22%2C%22636%22%2C%22part2%22%2C%22rar%22%5D&refer=https%3A%2F%2Ffilerice.com%2Fh86qbgp6yuf6%2F349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar&tz=0&dev=e&res=12.2079&uuid=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1&shu=39baaf4cc22d160c8d192c8673ee22e713e23b89f9bf702717bf51f19e4061c44a9095b4cfd5b981086b3e3a1ac9e8ff1d5db38a61ba8fbc9de0c2974c82b353e7702b21c4418f59e2d36a334313b48f8c01ad5c9a0215769cda044b70&pst=1681399346&rmtc=t HTTP/1.1
Host: shredvealdone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://filerice.com
Referer: https://filerice.com/
Connection: keep-alive
Cookie: u_pl=18310778; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODMxMDc3OCwiayI6IjVmOTQ3MjY2OTkzZjRkZGI2NWNiYjg5ZTNkNjhmODkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMjExMTU5LCJwaWQiOjY4MDA1MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2U5enB4cyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZmlsZXJpY2UuY29tL2g4NnFiZ3A2eXVmNi8zNDk0MzFfM3hwbGFuZXRfVW5jZW4tbGVha2VkX1NOSVMtNjM2LnBhcnQyLnJhciJ9fQ.l4P1CKHJRqjYGJjRDMSxd3SAgVbCP06tco-AZE6JYOw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 13 Apr 2023 15:21:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://filerice.com
Access-Control-Allow-Origin: https://filerice.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=48d1202f-2d4d-461e-b9ee-46452a8c761a:1:1; expires=Thu, 20 Apr 2023 15:21:26 GMT; secure; SameSite=None
iprc8bb82191278a6c97dcd681f446aff037=3569681; expires=Thu, 13 Apr 2023 19:21:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 14 Apr 2023 15:21:26 GMT; secure; SameSite=None
uncs=1; expires=Fri, 14 Apr 2023 15:21:26 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 14 Apr 2023 15:21:26 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 14 Apr 2023 15:21:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6fe9a94c3b5d9983f211c088fa87c885
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-3-13-15-22

104.18.29.91

200 OK

212 B

URL GET HTTP/3
client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-3-13-15-22
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
212 B (212 bytes)
Hash
9a5747560bb784082bc92e210c1d04ed
c1865cdae6ba7639b36f1daa548d5938db1937af
5b1ba2c588ceed042aa0eb33f62805bed520e71b0923d810c87ef97dd178925d

HTTP Headers

GET /settings/website/43511e03-50ac-40ce-959c-630103e65274/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-3-13-15-22 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: client.crisp.chat
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Thu, 13 Apr 2023 19:21:26 GMT
vary: Accept-Encoding
last-modified: Thu, 13 Apr 2023 15:21:26 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b74b2e2e8e3b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1680939934780

104.18.29.91

200 OK

1.6 kB

URL GET HTTP/3
client.crisp.chat/settings/website/43511e03-50ac-40ce-959c-630103e65274/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1680939934780
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1786), with no line terminators
Size
1.6 kB (1628 bytes)
Hash
b7e2f8f2d6feeb8439ad33403d3da4e0
290def721b992e77070f512fe99958bfd97ed7d1
6af7229f71cb4b79375e44397965bee1d4ed228e1c59e917131f3760707be3d7

HTTP Headers

GET /settings/website/43511e03-50ac-40ce-959c-630103e65274/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1680939934780 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: client.crisp.chat
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Thu, 13 Apr 2023 19:21:26 GMT
vary: Accept-Encoding
last-modified: Thu, 13 Apr 2023 14:11:39 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b74b2e65de6b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.googleapis.com/css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT

File type
ASCII text
Size
12 kB (12256 bytes)
Hash
dc2b7bd667459d53b5f30e9c660d290d
5cb7fad1bb1208033d299486de96d1143c57134d
d6b678039702ff92f676b40559d3d0567f9a712a3e215dec05b84b9df9b2ec79

HTTP Headers

GET /css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Apr 2023 15:21:25 GMT
date: Thu, 13 Apr 2023 15:21:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

filerice.com/xfst_theme2/js/jquery.paging.js

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
filerice.com/xfst_theme2/js/jquery.paging.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text
Size
19 kB (19365 bytes)
Hash
d7a2c1c7af2a004a6d68e1e55b1cfb46
7fd6daa7076c30381880519ad06ef5639b19ee28
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

HTTP Headers

GET /xfst_theme2/js/jquery.paging.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:55 GMT
etag: W/"4ba5-5f0925df2918c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2dOYCAhhJq6BCia7N4oa9AhHcDhuuuTn845EdgQoPA1%2B9KdUjGH2aiMy21kR9tGrirFtBTltxbFX3qd6Anql0BSBRD1l%2FLSvF7LnttrzfDj6UNIi4O%2FTCXiDxxZEqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2dafed9b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.effectivecreativeformat.com/5f947266993f4ddb65cbb89e3d68f892/invoke.js

173.233.137.36

200 OK

27 kB

URL GET HTTP/1.1
www.effectivecreativeformat.com/5f947266993f4ddb65cbb89e3d68f892/invoke.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerLet's Encrypt
Subjecteffectivecreativeformat.com
Fingerprint2E:A8:8E:04:6C:1D:60:E4:EA:69:33:A0:1B:3C:D9:7E:08:39:B8:B8
ValidityTue, 21 Feb 2023 06:13:46 GMT - Mon, 22 May 2023 06:13:45 GMT

File type
exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Size
27 kB (26943 bytes)
Hash
701f5e9dd5eabaaa2569384b94857e6c
e271c9640fad0db9f9de5ac8f5bf84e4f6c09c29
0540635f1e298fa47c6015dbb759676f0d1e7689edd5cedf1bc6b841321c67f0

HTTP Headers

GET /5f947266993f4ddb65cbb89e3d68f892/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 13 Apr 2023 15:21:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00676b36b40773acbc2a1b434bd55cd9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

filerice.com/xfst_theme2/js/bootstrap.min.js

188.114.97.1

200 OK

58 kB

URL GET HTTP/3
filerice.com/xfst_theme2/js/bootstrap.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text, with very long lines (57791)
Size
58 kB (58072 bytes)
Hash
e1d98d47689e00f8ecbc5d9f61bdb42e
6778fed3cf095a318141a31f455c8f4663885bde
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

HTTP Headers

GET /xfst_theme2/js/bootstrap.min.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:50 GMT
etag: W/"e2d8-5f0925d9f9fc3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdqHbWBnV9mUd0epjWHXbo9THE4FZixBpaFjz%2FkP9FasNDg%2Fo4J91AtQga4A9dRZsZQ3QL1H78%2F8WffOSsAFgYM6rzlQseAXVdbodQL7QcvA%2FmirNDbzhSkZ1XL4WHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db1ef9b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

client.crisp.chat/static/javascripts/client.js?d2149b0

104.18.29.91

200 OK

411 kB

URL GET HTTP/3
client.crisp.chat/static/javascripts/client.js?d2149b0
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type

Size
411 kB (411268 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/javascripts/client.js?d2149b0 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: client.crisp.chat
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-64684"
expires: Sun, 10 Apr 2033 15:21:26 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6317
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b74b2e1bf54b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

client.crisp.chat/l.js

104.18.29.91

200 OK

8.4 kB

URL GET HTTP/2
client.crisp.chat/l.js
IP
104.18.29.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerCloudflare, Inc.
Subjectcrisp.chat
Fingerprint2C:C1:6E:7F:ED:D7:B5:B5:E9:5A:E7:94:B7:9E:47:B0:90:F7:E5:D3
ValidityTue, 07 Jun 2022 00:00:00 GMT - Tue, 06 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8670), with no line terminators
Size
8.4 kB (8401 bytes)
Hash
6049cd4f090c2bc329364e4946a823f1
0825603db1dec50b9e4bd10c05af697baa08d51e
13abb9d031815d62bad706693babad7fae836ddf58cae3a99191d9844b3e484e

HTTP Headers

GET /l.js HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://filerice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 13 Apr 2023 15:21:25 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
etag: W/"622f402b-20d1"
expires: Fri, 14 Apr 2023 15:21:25 GMT
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6343
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b74b2e16801b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

client.relay.crisp.chat/w/58/?EIO=4&transport=websocket

64.227.36.222

101 Switching Protocols

0 B

URL GET HTTP/1.1
client.relay.crisp.chat/w/58/?EIO=4&transport=websocket
IP
64.227.36.222:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerSectigo Limited
Subjectclient.relay.crisp.chat
FingerprintDE:C1:D0:92:2F:AB:BF:30:B3:AB:23:6A:61:3D:EB:7F:F0:5E:2E:EC
ValidityTue, 07 Jun 2022 00:00:00 GMT - Sat, 08 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /w/58/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://filerice.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: utBUsQd+UMdNP5m3iYgqUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 13 Apr 2023 15:21:26 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jotrfnIKrZG5zK80DozB4NZBKOE=
X-Crisp-Ray: website w:58 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300

filerice.com/favicon.ico

188.114.97.1

200 OK

1.2 kB

URL GET HTTP/3
filerice.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
becd95e13e9651529a5c4a6c3651417a
d86cebea15cce61f0c5828fc252ae51e21497c6a
9387d4f33ff9ed20fbbe31edef090d6814b2b15008fe6643f28af4c7da4589f0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ; _ga_VV9SZWVMLV=GS1.1.1681399336.1.0.1681399336.0.0.0; _ga=GA1.1.1869641290.1681399336; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48d1202f-2d4d-461e-b9ee-46452a8c761a%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:26 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 27 Dec 2022 02:18:45 GMT
etag: W/"47e-5f0c5df0dcb40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1227
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd3YsDLNerzkEzx5aNxlaJ8LjIqLx%2FgtoFzAkJOgfF7l78qNcmoGp5Dlfa1vjh2FFjvBR6Zr%2BbRZUOA%2Bfwj8SfWw1Bt4DCiSx6ego381i7%2FJPzzK5fjGEd6fIciKkMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2e3fba2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

filerice.com/xfst_theme2/js/paging.js

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
filerice.com/xfst_theme2/js/paging.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
HTML document, ASCII text, with very long lines (1921), with no line terminators
Size
1.8 kB (1849 bytes)
Hash
7e6d789ff68f5a194bf499a29605ca56
41e6fe1bac89caab4600cfba5c56279c3dc2eada
46386c4f2b85b7c26389b6aa77d622fbdd9f28fbba6436619ce25c73549ff5df

HTTP Headers

GET /xfst_theme2/js/paging.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:58 GMT
etag: W/"739-5f0925e2541bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjtowuRjK6cgLe9zVCJ%2BHcNiTVifr2QqW9lHN1%2FU6tDVYgjBc9iyjho6K3eSZp6YUpf5eodI47yWOrEhvrFF1lASwEZKUwi1iF4vDeg%2Fk%2BzBtSMpF8pjB0sF8%2Fdxxio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db0ee1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

filerice.com/xfst_theme2/js/main.js

188.114.97.1

200 OK

452 B

URL GET HTTP/3
filerice.com/xfst_theme2/js/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text, with very long lines (480), with no line terminators
Size
452 B (452 bytes)
Hash
b1fcac5b762af5f678fca2e5cd8f60d8
cfb23198575f5622e7e628abbc3c3ece425969b0
0bef1d529ca0874ae96526abafd137986d21768a530d113cc70f0159167794af

HTTP Headers

GET /xfst_theme2/js/main.js HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:24 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:51:56 GMT
etag: W/"1c4-5f0925dffb4bc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXBHQF%2BSloriG5guEafeUBeb9VPTxjEvYN8P1DTU5f2TTnN49I%2Fynlox7gMvGUy49tzXMQ3wLDVgQfjKLPSGovw481VIiMuiCJCmhQWTzfzcNwlEXXuzDkTY6n7y6mY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2db1ef6b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

filerice.com/xfst_theme2/css/bootstrap.min.css

188.114.97.1

200 OK

156 kB

URL GET HTTP/3
filerice.com/xfst_theme2/css/bootstrap.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://filerice.com/h86qbgp6yuf6/349431_3xplanet_Uncen-leaked_SNIS-636.part2.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.filerice.com
Fingerprint7A:A6:E9:E4:FC:D9:85:BE:8F:E4:37:64:22:CF:D2:C5:B3:01:34:90
ValiditySun, 19 Feb 2023 17:15:04 GMT - Sat, 20 May 2023 17:15:03 GMT

File type
ASCII text, with very long lines (65324)
Size
156 kB (155745 bytes)
Hash
6cd44014a337c34bfdcb27c1919fbe8f
61f43fdeb1960e096aad30a571f9d77a1f065c8c
972146e9fb595a457c66f3ba9fc29fe7b00780940da8999e17290466d9669837

HTTP Headers

GET /xfst_theme2/css/bootstrap.min.css HTTP/1.1
Host: filerice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: filerice.com
Connection: keep-alive
Referer: https://filerice.com/xfst_theme2/css/style.min.css
Cookie: lang=english; affiliate=Fw9UwYMI5D4hxJ6Ccr1NAkpxCKdWdeuy11N7VAjTZK27RsZvarNAHyayFckLIJ%2Fde2PhAMV3K4jdwjYuTS5OW8NOTSaRl1Nb6zMnM8rZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 13 Apr 2023 15:21:25 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 14:44:32 GMT
etag: W/"26061-5f28adab11400"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5utgOgjMhcsQGgRQLkgHsIfzkRGaY%2Fs0htJu6nJa6fJ0fhRoFL7LpLeVkF8UYq9XB7q6GsXW9mdM5M8LjbshjKUuPT%2FV%2BBoUabBt%2BHGSeRvdBEowHf7cJmAFCBw9UDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b74b2dbeffcb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by