Report - d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe

Report Overview

Visited public
2023-11-27 08:59:57
Tags
URL
d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe
Finishing URL
d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe
IP / ASN
199.59.243.225
#16509 AMAZON-02
Title
Filebox.moe

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.adsensecustomsearchads.com	unknown	2011-01-28	2015-09-02 02:57:40	2023-11-27 05:09:23	3.2 kB	156 kB	142.250.74.46
afs.googleusercontent.com	12123	2008-11-17	2013-05-06 21:11:00	2023-11-27 07:58:22	1.0 kB	2.1 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	423 B	150 kB	142.250.74.132
e1.o.lencr.org	6159	2020-06-29	2021-08-20 09:36:30	2023-11-26 18:39:41	338 B	729 B	23.36.77.32
d.filebox.moe	unknown	unknown	2017-01-18 22:30:23	2023-06-24 09:31:51	2.3 kB	38 kB	199.59.243.225
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-27 06:40:38	897 B	151 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-27 08:59:43	medium	Client IP	199.59.243.225	ETPRO INFO .moe Domain in TLS SNI
2023-11-27 08:59:44	medium	Client IP	199.59.243.225	ETPRO INFO .moe Domain in TLS SNI
2023-11-27 08:59:44	medium	Client IP	199.59.243.225	ETPRO INFO .moe Domain in TLS SNI
2023-11-27 08:59:45	medium	Client IP	199.59.243.225	ETPRO INFO .moe Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	d.filebox.moe/buzUVEfYW.js	ScriptElement	32 kB	2023-11-14	2024-08-20
Pretty URL d.filebox.moe/buzUVEfYW.js IP 199.59.243.225 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 16:51 Last Seen2024-08-20 19:38 Times Seen5630 Hash 136bc91b923c115f678c13f3740bf8fa d8044de6e6a8b05f087f9fb73545d5b2e9666d61 46e2c2af87720b7ae5a86434547bd9bef9ff21fab2956b64bc48f17dc73c63a7 Loading...

	www.googletagmanager.com/gtag/js?id=UA-102508274-2	ScriptElement	190 kB	2023-11-27	2023-11-27
Pretty URL www.googletagmanager.com/gtag/js?id=UA-102508274-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 09:59 Last Seen2023-11-27 09:59 Times Seen1 Hash 775af46d9a6af94499cf8f5b43adac52 d7758d1dbf9a0c41c7e9d888586453404e41d216 2b2cfa92afebae9bf1d478da257c1060f5dffb08cbfd507bd4adab0675a8ae87 Loading...

	d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe	ScriptElement	347 B	2024-08-20	2024-08-20
Pretty URL d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe IP 199.59.243.225 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:45 Last Seen2024-08-20 17:45 Times Seen1 Hash cdddd7cc2db08edfb085fecc4fe08bbe 67facbb30361fdb105683594d68f4f218611f537 5ecba835f7783c1a9e310e340aac884a29c50d8a28e771b02c846eb835fb8e12 Loading...

	d.filebox.moe/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL d.filebox.moe/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 13:01 Times Seen341441 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 13:01 Times Seen340640 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.google.com/adsense/domains/caf.js	ScriptElement	150 kB	2023-11-09	2023-12-13
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-09 14:10 Last Seen2023-12-13 17:50 Times Seen1323 Hash 874a9639750ae434c10140eb1a983849 075e222560bb798ac08f476e157afa2782d3c85b a49690ce6db822bd1ae860ad7687076d3259019e7353ecdd86cd02066fd6bee8 Loading...

	www.googletagmanager.com/gtag/js?id=G-938Y5QJQ07&l=dataLayer&cx=c	ScriptElement	229 kB	2023-11-27	2023-11-27
Pretty URL www.googletagmanager.com/gtag/js?id=G-938Y5QJQ07&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 09:59 Last Seen2023-11-27 09:59 Times Seen1 Hash a69bb5d5f0b85e53850064f409eaa6d1 9b40e77109da0081acd812aeeff3476b27834254 f729f38a581b516988c69e5b17134a729335d2586dce7ed37ccbd9327d778e38 Loading...

	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe	ScriptElement	683 B	2024-08-20	2024-08-20
Pretty URL www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:45 Last Seen2024-08-20 17:45 Times Seen1 Hash 5cf04a2e8bd346ac2216816ceb0fc1a6 169660b3c38fdf294941ab05333e9acd59b6b029 3e14cac950701a455f2b696b534d7f96cbfcc0cf1a39e30feb3fb5f17c5794e8 Loading...

	www.adsensecustomsearchads.com/adsense/domains/caf.js	ScriptElement	150 kB	2023-11-08	2024-08-20
Pretty URL www.adsensecustomsearchads.com/adsense/domains/caf.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 18:42 Last Seen2024-08-20 20:23 Times Seen561 Hash 6cf241afce18389b8a846cf20c6decd0 f8ba73079f5ab4ac902011cd294bc9a0c2e75820 14583633c7c8d5e084d889f9fd1886a02c158dac63a33293141f74eeb289d693 Loading...

HTTP Transactions (14)

	URL	IP	Response	Size
	e1.o.lencr.org/	23.36.77.32		345 B
URL e1.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash 149050522f0ae24947196eee9a6131c6 ba933a17db8260615a584dbd011d78993d71f588 fd60a9c2aa99c00e717b09cc39b23686a9f8a7a7701a925a169ba8ec0a75975f HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "FD60A9C2AA99C00E717B09CC39B23686A9F8A7A7701A925A169BA8EC0A75975F" Last-Modified: Fri, 24 Nov 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21576 Expires: Mon, 27 Nov 2023 14:59:16 GMT Date: Mon, 27 Nov 2023 08:59:40 GMT Connection: keep-alive`

	d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe	199.59.243.225	200 OK	1.1 kB
URL User Request GET HTTP/1.1 d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe IP 199.59.243.225:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjectfilebox.moe FingerprintA9:9B:E8:9A:F0:96:36:29:F0:4A:58:72:A5:42:01:03:D1:30:27:3A ValidityMon, 16 Oct 2023 05:11:48 GMT - Sun, 14 Jan 2024 05:11:47 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (362) Size 1.1 kB (1065 bytes) Hash 8495dd4dcf02696f21630116c4605c62 12771ed1e92ee38689262a74956756b4b63af550 9f105678683900ec155701ccdfd2cd1fee3a4b7f0c564ca0ca22324fdc2e60dc HTTP Headers GET /stkzmg.exe%27,%27%25temp%25%5Cupdate.exe HTTP/1.1 Host: d.filebox.moe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Mon, 27 Nov 2023 08:59:39 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1065 X-Request-Id: d1462e4f-fefe-4a06-9f4c-70890a072903 Cache-Control: no-store, max-age=0 Accept-Ch: sec-ch-prefers-color-scheme Critical-Ch: sec-ch-prefers-color-scheme Vary: sec-ch-prefers-color-scheme X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_yxvxgUeeijdLWmxI59xEa5diqN3ZFN9O6N2ZMuJst2wxqasX+opYOG06BT7P3oqXk5dWMBMTt44Ca2zLRhXBPg== Set-Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903; expires=Mon, 27 Nov 2023 09:14:40 GMT; path=/ Connection: close

	d.filebox.moe/buzUVEfYW.js	199.59.243.225	200 OK	32 kB
URL GET HTTP/1.1 d.filebox.moe/buzUVEfYW.js IP 199.59.243.225:443 ASN #16509 AMAZON-02 Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerLet's Encrypt Subjectfilebox.moe FingerprintA9:9B:E8:9A:F0:96:36:29:F0:4A:58:72:A5:42:01:03:D1:30:27:3A ValidityMon, 16 Oct 2023 05:11:48 GMT - Sun, 14 Jan 2024 05:11:47 GMT File type Unicode text, UTF-8 text, with very long lines (32051) Size 32 kB (32054 bytes) Hash 136bc91b923c115f678c13f3740bf8fa d8044de6e6a8b05f087f9fb73545d5b2e9666d61 46e2c2af87720b7ae5a86434547bd9bef9ff21fab2956b64bc48f17dc73c63a7 HTTP Headers `GET /buzUVEfYW.js HTTP/1.1 Host: d.filebox.moe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 27 Nov 2023 08:59:40 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 32054 X-Request-Id: 40d3cd49-a4c5-405d-ba63-507742972a92 Set-Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903; expires=Mon, 27 Nov 2023 09:14:40 GMT Connection: close`

	d.filebox.moe/_fd	199.59.243.225	200 OK	2.5 kB
URL POST HTTP/1.1 d.filebox.moe/_fd IP 199.59.243.225:443 ASN #16509 AMAZON-02 Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerLet's Encrypt Subjectfilebox.moe FingerprintA9:9B:E8:9A:F0:96:36:29:F0:4A:58:72:A5:42:01:03:D1:30:27:3A ValidityMon, 16 Oct 2023 05:11:48 GMT - Sun, 14 Jan 2024 05:11:47 GMT File type ASCII text, with very long lines (4633), with no line terminators Size 2.5 kB (2471 bytes) Hash 79e587a1108f1fb09f22b000406e69d0 5845ad80009401c793d78e70ace430cb5cba00db 41d5d7146839f7131cf862f1265afd77ffdd2fc400a2e29aaffe7b52654c336d HTTP Headers POST /_fd HTTP/1.1 Host: d.filebox.moe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Content-Type: application/json Origin: https://d.filebox.moe DNT: 1 Connection: keep-alive Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache Content-Length: 0 `HTTP/1.1 200 OK Server: openresty Date: Mon, 27 Nov 2023 08:59:40 GMT Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Content-Length: 2471 X-Version: 2.110.4 Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903; expires=Mon, 27 Nov 2023 09:14:41 GMT; Max-Age=900; path=/; httponly Connection: close`

	www.googletagmanager.com/gtag/js?id=UA-102508274-2	142.250.74.168	200 OK	69 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-102508274-2 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (4179) Size 69 kB (68665 bytes) Hash 775af46d9a6af94499cf8f5b43adac52 d7758d1dbf9a0c41c7e9d888586453404e41d216 2b2cfa92afebae9bf1d478da257c1060f5dffb08cbfd507bd4adab0675a8ae87 HTTP Headers `GET /gtag/js?id=UA-102508274-2 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 27 Nov 2023 08:59:41 GMT expires: Mon, 27 Nov 2023 08:59:41 GMT cache-control: private, max-age=900 last-modified: Mon, 27 Nov 2023 06:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 68665 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-938Y5QJQ07&l=dataLayer&cx=c	142.250.74.168	200 OK	81 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-938Y5QJQ07&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (5955) Size 81 kB (80971 bytes) Hash a69bb5d5f0b85e53850064f409eaa6d1 9b40e77109da0081acd812aeeff3476b27834254 f729f38a581b516988c69e5b17134a729335d2586dce7ed37ccbd9327d778e38 HTTP Headers `GET /gtag/js?id=G-938Y5QJQ07&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 27 Nov 2023 08:59:41 GMT expires: Mon, 27 Nov 2023 08:59:41 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 80971 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe	142.250.74.46	200 OK	2.5 kB
URL GET HTTP/2 www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe IP 142.250.74.46:443 ASN #15169 GOOGLE Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12983) Size 2.5 kB (2542 bytes) Hash 050d7a25adca5136115c7337474589a8 31646c1bd1a913be2a3e2edb6015a561ec3e6cb8 34c7bb6e2732ad6fe12cae1e43b502ec6f1756c050ff9181db963d6424f2fde9 HTTP Headers GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Mon, 27 Nov 2023 08:59:41 GMT expires: Mon, 27 Nov 2023 08:59:41 GMT cache-control: private, max-age=3600 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Yz0M5NpXPdz9DWDpBDG3Aw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-encoding: br server: gws content-length: 2542 x-xss-protection: 0 set-cookie: CONSENT=PENDING+177; expires=Wed, 26-Nov-2025 08:59:41 GMT; path=/; domain=.adsensecustomsearchads.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff	142.250.74.97	200 OK	278 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306) Size 278 B (278 bytes) Hash fe7dd8c3c629cc6e9cd6d3e4d3cbe905 59ef3b8e4a17169a4cb45fba65bf0d2bf49c8a18 5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e HTTP Headers GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 278 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 26 Nov 2023 10:30:21 GMT expires: Mon, 27 Nov 2023 09:30:21 GMT cache-control: public, max-age=82800 age: 80961 last-modified: Tue, 27 Jun 2023 17:28:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b	142.250.74.97	200 OK	174 B
URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subject.googleusercontent.com Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 174 B (174 bytes) Hash d47125b2ba92be53dcff07ba322ce1de e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28 5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 26 Nov 2023 10:14:11 GMT expires: Mon, 27 Nov 2023 09:14:11 GMT cache-control: public, max-age=82800 age: 81931 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d.filebox.moe/_tr	199.59.243.225	200 OK	22 B
URL POST HTTP/1.1 d.filebox.moe/_tr IP 199.59.243.225:443 ASN #16509 AMAZON-02 Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerLet's Encrypt Subjectfilebox.moe FingerprintA9:9B:E8:9A:F0:96:36:29:F0:4A:58:72:A5:42:01:03:D1:30:27:3A ValidityMon, 16 Oct 2023 05:11:48 GMT - Sun, 14 Jan 2024 05:11:47 GMT File type ASCII text, with no line terminators Size 22 B (22 bytes) Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df HTTP Headers POST /_tr HTTP/1.1 Host: d.filebox.moe User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Content-Type: application/json Content-Length: 1697 Origin: https://d.filebox.moe DNT: 1 Connection: keep-alive Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903; _ga_938Y5QJQ07=GS1.1.1701075585.1.0.1701075585.0.0.0; _ga=GA1.1.51513016.1701075585 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: openresty Date: Mon, 27 Nov 2023 08:59:41 GMT Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Content-Length: 22 X-Version: 2.110.4 Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: parking_session=d1462e4f-fefe-4a06-9f4c-70890a072903; expires=Mon, 27 Nov 2023 09:14:42 GMT; Max-Age=900; path=/; httponly Connection: close`

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=3v43ajet3ivw&aqid=fVpkZYb4IYyfiM0Pv9OEuAk&psid=3113057640&pbt=bs&adbx=290&adby=170&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=579967862&csala=4%7C0%7C432%7C53%7C8&lle=0&ifv=1&hpt=0	142.250.74.46	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=3v43ajet3ivw&aqid=fVpkZYb4IYyfiM0Pv9OEuAk&psid=3113057640&pbt=bs&adbx=290&adby=170&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=579967862&csala=4%7C0%7C432%7C53%7C8&lle=0&ifv=1&hpt=0 IP 142.250.74.46:443 ASN #15169 GOOGLE Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=3v43ajet3ivw&aqid=fVpkZYb4IYyfiM0Pv9OEuAk&psid=3113057640&pbt=bs&adbx=290&adby=170&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=579967862&csala=4%7C0%7C432%7C53%7C8&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vot3v_uDZ4BucTP1U8wXxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Mon, 27 Nov 2023 08:59:43 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: CONSENT=PENDING+462; expires=Wed, 26-Nov-2025 08:59:43 GMT; path=/; domain=.adsensecustomsearchads.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=tmvj1w5u30u5&aqid=fVpkZYb4IYyfiM0Pv9OEuAk&psid=3113057640&pbt=bv&adbx=290&adby=170&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=579967862&csala=4%7C0%7C432%7C53%7C8&lle=0&ifv=1&hpt=0	142.250.74.46	204 No Content	0 B
URL GET HTTP/3 www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=tmvj1w5u30u5&aqid=fVpkZYb4IYyfiM0Pv9OEuAk&psid=3113057640&pbt=bv&adbx=290&adby=170&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=579967862&csala=4%7C0%7C432%7C53%7C8&lle=0&ifv=1&hpt=0 IP 142.250.74.46:443 ASN #15169 GOOGLE Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=tmvj1w5u30u5&aqid=fVpkZYb4IYyfiM0Pv9OEuAk&psid=3113057640&pbt=bv&adbx=290&adby=170&adbh=481&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=579967862&csala=4%7C0%7C432%7C53%7C8&lle=0&ifv=1&hpt=0 HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 204 No Content content-type: text/html; charset=UTF-8 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-HkreFt4M9E1CTRfaviYrBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Mon, 27 Nov 2023 08:59:43 GMT server: gws content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: CONSENT=PENDING+050; expires=Wed, 26-Nov-2025 08:59:43 GMT; path=/; domain=.adsensecustomsearchads.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.adsensecustomsearchads.com/adsense/domains/caf.js	142.250.74.46	200 OK	150 kB
URL GET HTTP/3 www.adsensecustomsearchads.com/adsense/domains/caf.js IP 142.250.74.46:443 ASN #15169 GOOGLE Requested by https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol308%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol435&client=dp-bodis31_3ph&r=m&hl=en&rpbu=https%3A%2F%2Fd.filebox.moe%3Fcaf%26&terms=file%20storage&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2982711262351858&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r3&nocache=9811701075585041&num=0&output=afd_ads&domain_name=d.filebox.moe&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1701075585042&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&cl=579967862&uio=-&cont=rs&jsid=caf&jsv=579967862&rurl=https%3A%2F%2Fd.filebox.moe%2Fstkzmg.exe%2527%2C%2527%2525temp%2525%255Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT File type ASCII text, with very long lines (1888) Size 150 kB (149615 bytes) Hash 6cf241afce18389b8a846cf20c6decd0 f8ba73079f5ab4ac902011cd294bc9a0c2e75820 14583633c7c8d5e084d889f9fd1886a02c158dac63a33293141f74eeb289d693 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.adsensecustomsearchads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.adsensecustomsearchads.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Mon, 27 Nov 2023 08:59:41 GMT expires: Mon, 27 Nov 2023 08:59:41 GMT cache-control: private, max-age=3600 etag: "14110688364054311877" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/adsense/domains/caf.js	142.250.74.132	200 OK	150 kB
URL GET HTTP/2 www.google.com/adsense/domains/caf.js IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by https://d.filebox.moe/stkzmg.exe%27,%27%25temp%25%5Cupdate.exe Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1 ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT File type ASCII text, with very long lines (1888) Size 150 kB (149642 bytes) Hash 874a9639750ae434c10140eb1a983849 075e222560bb798ac08f476e157afa2782d3c85b a49690ce6db822bd1ae860ad7687076d3259019e7353ecdd86cd02066fd6bee8 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d.filebox.moe/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Mon, 27 Nov 2023 08:59:41 GMT expires: Mon, 27 Nov 2023 08:59:41 GMT cache-control: private, max-age=3600 etag: "13859965838328933494" x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL

IP

ASN