sfile.mobi/includes/adsby.js
104.26.4.191 200 OK 13 B URL GET HTTP/2 sfile.mobi/includes/adsby.js
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with no line terminators
Hash c5f96fbf51ae71c2ab29237fa415bbf8
5f9cbbf13fe8e1775c3b8a99a7cc92ba5a32b81f
4b788930a60496876be01bf2dbc9e79d1ce226545438697f5333a4bf57f952d4
GET /includes/adsby.js HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 13
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=15
etag: "f-5b3f44e345d40"
expires: Mon, 15 May 2023 22:37:09 GMT
last-modified: Fri, 13 Nov 2020 03:05:49 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: DENY
cf-cache-status: HIT
age: 15125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujV0lzrTzg71tTJ8dxu5P4Jzh5T5ATVEuKzUrDt%2FKuKnBeG47tcv1kGoG99ujZ0eghsppnZ920bzy%2F0hFZGWQ18qZjJMpRJGf4IcwhFU07WuHhmPUStvebx6EBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cb9a70b50b-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 26928
expires: Sun, 28 Apr 2024 02:49:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zF%2F7ELH4EPxEG7e3912lPTvabrpMr2oRZJPRnl3HFk3%2BFAijCVDLtX9Ff3E%2F6nBnws63%2FF4spwwphf01WX5aLeNDh5UxKVCfQ8G%2Fz8lQbZv6r%2BsPmhXfQ5UBy2FLAxNkzM7h73d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c46a0cbcf56fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/id.co.danamasbor/2572482C41329913F335A6D107A3F1B5BEAFADF6/3.0.12/icon.png
104.26.4.191 200 OK 3.0 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/id.co.danamasbor/2572482C41329913F335A6D107A3F1B5BEAFADF6/3.0.12/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 1dbd3b11402eb8870bccdd7cfdc18b37
b1262ad37b7dc7220d7816daa626aef9b1df4bf9
a23bb6d9cfc1f2792910bca23ba40788f245ab86056fc3a7edf1fb0cc13d01de
GET /cdn-cgi/image/width=110/apk/id.co.danamasbor/2572482C41329913F335A6D107A3F1B5BEAFADF6/3.0.12/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/png
content-length: 2981
cf-ray: 7c46a0cbaa83b50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cfj8EEkYzTIGD5VRlaW9Ds3u1q0QHHIZOOit7pJFJtDQ:23d6-11c701b800400"
last-modified: Thu, 29 Nov 1979 17:00:00 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:99,h2pri
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2023.4.2 l=2981
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCg6CEseNCcwhBFaZ7TqOebB1%2BpttC%2BjZVaeiuQhCtH2X33KMLi1zVTAQk8OIjg9M2ygkPJKM9LdUQj%2FtBdSwTsdz3TdL%2FncXGxTDEJtfljeAPyxdOrXbIjYVbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/com.iss.client.cairin/81631F4F0D5355713F508736014AD4CBC3A0E6B6/2.3.9/icon.png
104.26.4.191 200 OK 4.1 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/com.iss.client.cairin/81631F4F0D5355713F508736014AD4CBC3A0E6B6/2.3.9/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 110x110, components 3\012- data
Hash d1496382d657f2cf40868488c2276218
f4a2d979470b8ea0ba4c4085c103972c6f715ad9
c1c61ac23c62500e4596d92e789123ed68bc1ff669f7038e2c5bd73a57334efd
GET /cdn-cgi/image/width=110/apk/com.iss.client.cairin/81631F4F0D5355713F508736014AD4CBC3A0E6B6/2.3.9/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/jpeg
content-length: 4135
cf-ray: 7c46a0cbaa86b50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cfxyxm818KKBKXUUy_ZIM7tuOr0QHHIZOOit7pJFJtDQ:ae488-13bb75a9cf380"
last-modified: Wed, 31 Dec 1980 18:01:02 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/m q=0 n=99+0 c=19+74 v=2023.4.2 l=4135
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6cxU2YMNlnFmlnahmxqcXLA7t9cxfij1oAR51Syf0hZH3BkxZrWdyO4lGgnmkyLgDCVrVCrR4HNDjxU3IdgG2rfyt%2BocdVpYV6j3RQwju8RFitJyFrDyN4eaLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/com.bca/8747A31258E507FA21F32DB41EA0B5DD2D791722/2.9.9/icon.png
104.26.4.191 200 OK 5.2 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/com.bca/8747A31258E507FA21F32DB41EA0B5DD2D791722/2.9.9/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 37e1b4e19505eaf44884c66968d16939
7d5cf2fbbdf6556db8a124da7a282db11fba90a6
593658d483bc73588c636ed62e14b2248be9dab81f58c1dca84c278a603a62bb
GET /cdn-cgi/image/width=110/apk/com.bca/8747A31258E507FA21F32DB41EA0B5DD2D791722/2.9.9/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/png
content-length: 5196
cf-ray: 7c46a0cbba88b50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cflLjVFuF9tEJ0lFct-iX-Zm--0QHHIZOOit7pJFJtDQ:4bb4-5ecd9a9e6e68f"
last-modified: Mon, 07 Nov 2022 04:14:46 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:99,h2pri
cf-resized: internal=ok/h q=0 n=12+0 c=0+13 v=2023.4.2 l=5196
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrYjj3X4iTOXsNMR9jTgAUMC0harkPKwI3ndzMBIbukWSkL0KLcopdNfiT9tNvwb6fUK5sji%2BIFsrXpKzQfK%2BJMuSaSZEtbJiiwmnIW42%2F5odwm26MvXSjbtE2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/id.flip/0E87203834A4F49B587747128A0EF7FD114DB81F/2.11.0/icon.png
104.26.4.191 200 OK 3.7 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/id.flip/0E87203834A4F49B587747128A0EF7FD114DB81F/2.11.0/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 548f7872fb4eee871ab0b417845b3e16
a66d34dafa9ccbced2740381b26982914973dae7
187e5ca38befa66eb6b840d0f8b17bfcd9bd8c0394fc5c34bf11572c0255a212
GET /cdn-cgi/image/width=110/apk/id.flip/0E87203834A4F49B587747128A0EF7FD114DB81F/2.11.0/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/png
content-length: 3691
cf-ray: 7c46a0cbba89b50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cf-rrqs8sg8eg3y8_CkkH9LLvn0QHHIZOOit7pJFJtDQ:1553-13bb75a9cf380"
last-modified: Wed, 31 Dec 1980 18:01:02 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:99,h2pri
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2023.4.2 l=3691
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MMx%2BDvnavKbXXoglqrpmdhik9xNnQ3Hf6YUU4C8lA3mXu4g4jZjrfvcmFqgmvIvFyC8JDbdRwmq01yMMJ1U9A2Knss%2BbRe0%2Bc85jaeqD4kKzG2N4lKGqLQgFM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/com.rekeningku/F619D6A340BCF37FB4D91A44567E24CEC8129DB4/2.1.91/icon.png
104.26.4.191 200 OK 3.5 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/com.rekeningku/F619D6A340BCF37FB4D91A44567E24CEC8129DB4/2.1.91/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 183ab1355da1d1ec28ea4fe3c57f76a9
77641da64f929e52acb0d0f9acda7f58a40e0001
9aaf749eb4f5df4c9bc8e5869113f85bd3e29b27f2bc66f1999363595bfe1966
GET /cdn-cgi/image/width=110/apk/com.rekeningku/F619D6A340BCF37FB4D91A44567E24CEC8129DB4/2.1.91/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/png
content-length: 3464
cf-ray: 7c46a0cbba8bb50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cf7r6PcCo0-3gxINxzMggFwX8i0QHHIZOOit7pJFJtDQ:1226-13bb75a9cf380"
last-modified: Wed, 31 Dec 1980 18:01:02 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2023.4.2 l=3464
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beZdN5EgV9o1XoEYDCyL1jbA0%2FyX80%2FPlxhOa2k8ohDJo0NUx3IVNy9zpuqPWb61XGL0hqDeyFHrj%2FLM%2BwD1VJPy1r6QZzAhsAad7EDH%2FXaS0hJD94fZYgt2skE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02dcc507b3a8f4d3488e301b4e100f03
ec9d2fc8324e7ab994a6c5f84bf430c18d71e6fe
f19c395d4378d6aab6f1251cbfe9c5883d58d06474a056a3c6cf70265807e3a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 09 May 2023 02:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sfile.mobi/cdn-cgi/image/width=110/apk/com.xzpt.pt/3E27E11A9AEFD4B06287BC418AE733C32AA0A90A/1.1.0.3/icon.png
104.26.4.191 200 OK 5.2 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/com.xzpt.pt/3E27E11A9AEFD4B06287BC418AE733C32AA0A90A/1.1.0.3/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 9c56bb014ca5f0fdc88464e299d8a4af
4b055b8515053c8fc7c699a998b2307fa048f455
b9219a73808d219b794d13cf6affa6bcbf5aef2e1bb3a11d586bf4d0ad22763d
GET /cdn-cgi/image/width=110/apk/com.xzpt.pt/3E27E11A9AEFD4B06287BC418AE733C32AA0A90A/1.1.0.3/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/png
content-length: 5181
cf-ray: 7c46a0cbaa84b50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cfkK9YR3hMK2ASo8HweA2rHY-_0QHHIZOOit7pJFJtDQ:3d66-13bb75a9cf380"
last-modified: Wed, 31 Dec 1980 18:01:02 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:99,h2pri
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2023.4.2 l=5181
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bMx4me4Xb75FTVJyQ2u94Xw9muAMhqzqavJoO%2ByenCUF9H4b%2BuvKLTgEzpfveY5Shvx9i5JJWZEoVfnMrlDUJx%2F6kEIeWiAgDUlBb5cHnXO2VWUP0KhseGhvgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/com.ticno.olymptrade/3FCCAF2FA280EFC0503C49AC1478C635437742CB/8.24.32226/icon.png
104.26.4.191 200 OK 3.0 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/com.ticno.olymptrade/3FCCAF2FA280EFC0503C49AC1478C635437742CB/8.24.32226/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 8d3f6bcf62e8c750379c8d86d26efe6a
70dfef0b15ee5af0dd46657f8f23f0ac0fcb41d9
ee2b08e809148082c115ec2a2aef3a5d4a342c8b48537c33cdbf5044eb13fd50
GET /cdn-cgi/image/width=110/apk/com.ticno.olymptrade/3FCCAF2FA280EFC0503C49AC1478C635437742CB/8.24.32226/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/png
content-length: 2999
cf-ray: 7c46a0cbba8ab50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cf1wnXUNCv76QhrYjzZW0QXMtG0QHHIZOOit7pJFJtDQ:2087-5ecd9cc0a4093"
last-modified: Mon, 07 Nov 2022 04:24:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:99,h2pri
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2023.4.2 l=2999
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIXrNQoB0%2F4pXxiwakrJoFdfqAZpPdITcuTyoZPZZiOPG0%2FtMy16ShXiiV6IaGZhLDwpeJc76NYSdduLhP2VW5E%2BcMqiilRFqQPnUNnOJixMTD9zFFwl87zRQMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-XNQ10X1V2J
142.250.74.168 200 OK 74 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-XNQ10X1V2J
IP 142.250.74.168:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint CA:2C:8E:2F:14:74:84:57:8C:39:86:59:92:AC:A1:7C:C8:FA:99:CA
Validity Mon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT
File type ASCII text, with very long lines (5059)
Hash 938c554d015a1ad84392b6d5ef8b011a
f26ad09d19c62fa629a01eb87ce421ef35e02a30
63492cb00e8bb76284df5f05aafa9a6a44dfbf713cd4a05616bfb2d4282987d4
GET /gtag/js?id=G-XNQ10X1V2J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 09 May 2023 02:49:15 GMT
expires: Tue, 09 May 2023 02:49:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
104.26.4.191 200 OK 21 kB URL GET HTTP/2 sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 20724, version 1.0\012- data
Hash 43c849ea0258ce0d23a480e840881f16
5222f2283ff9eed9c05025b15dcca453a43cb8c3
b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
GET /includes/fonts/raleway-v14-latin-regular.woff2 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-length: 20724
last-modified: Mon, 26 Aug 2019 01:13:52 GMT
etag: "50f4-590fade753400"
cache-control: max-age=604800
expires: Mon, 15 May 2023 11:03:11 GMT
x-frame-options: DENY
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 56764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4M3gtjiOTYzXgBPpOtMnVEg%2BVqsDvgvivoTPiEr6fqxihNkzo97PV42yKXZqUXZ4RZAYApujpIvUmiEdA1LR9NhFJ6ckUkZtGm8fu1p%2FX%2FCDQaNxtFNqHivAsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cd1af2b50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02dcc507b3a8f4d3488e301b4e100f03
ec9d2fc8324e7ab994a6c5f84bf430c18d71e6fe
f19c395d4378d6aab6f1251cbfe9c5883d58d06474a056a3c6cf70265807e3a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 09 May 2023 02:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sfile.mobi/icon/smallicon/hc.svg
104.26.4.191 200 OK 78 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/hc.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (485)
Hash c6c987eb99f80581d63129cf31d0aef2
45a868ce78d02a13f297da325c5d58477d0c47c4
8267e9e767740e5c8bcdff1a99db6505868ec0879a398c76d2e5ac93ee8c6d41
Analyzer: fortinet | Verdict: Malware | Alert: (no value shown)
GET /icon/smallicon/hc.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Sep 2020 16:11:11 GMT
etag: W/"77a-5aebb7786e5c0-gzip"
cache-control: max-age=604800
expires: Fri, 12 May 2023 13:48:24 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 306050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDqYJdohLiHL%2FGyax5Z1qBWk23GMSfzRriZ0Gp3kF7a7n50JC6LjZ9mDk3P0K9ziShR8%2FSBUIqElOmf5AZtxpQhl7GKX8NUB1PFlysHEJa1fhzMCCwwAT3%2BpWgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cbba8cb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/sfile-icon-192x192.png
104.26.4.191 200 OK 10 kB URL GET HTTP/2 sfile.mobi/icon/sfile-icon-192x192.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c657c0b27e6a3e98ae2736eab216cdb3
2eab135276b13dc87bdd3314ad8d7462e8246d35
5c9d9f4629d28f3fda7ccf4bae7bf6c53285686854a238b9ac0f2bac00836cb3
GET /icon/sfile-icon-192x192.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa; _ga=GA1.1.494488040.1683600555; _gid=GA1.2.424175299.1683600555; _gat=1; _ga_XNQ10X1V2J=GS1.1.1683600554.1.0.1683600554.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-type: image/png
content-length: 10001
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=11566, status=vary_header_present
etag: "2d2e-572ecea29a780"
expires: Sat, 13 May 2023 23:49:40 GMT
last-modified: Wed, 08 Aug 2018 13:59:10 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: DENY
cf-cache-status: HIT
age: 2170775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X59JFWvyg2eMDe70u7dw%2F32LsGKtjILnNCi6fyr%2BOOu5cJo3EoHRhaJQoy709lXMjOOZsIQ8cqgWe9bEW881olHVo8m8cXSv2%2FW0cOa8mNdIE%2BkxIcfgp9dP%2FkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0ce3b83b50b-OSL
X-Firefox-Spdy: h2
sfile.mobi/icon/sfile-favicon.png
104.26.4.191 200 OK 1.6 kB URL GET HTTP/2 sfile.mobi/icon/sfile-favicon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c95ba8563fa6c88c0a431fc97b8175b
52d10299240136ff498c6dae3847662f9953d150
3438b8c9e88b10b9ea2cd353929ab4d345d679a842313c78123b25c290bb7902
GET /icon/sfile-favicon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa; _ga=GA1.1.494488040.1683600555; _gid=GA1.2.424175299.1683600555; _gat=1; _ga_XNQ10X1V2J=GS1.1.1683600554.1.0.1683600554.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-type: image/png
content-length: 1626
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2055, status=vary_header_present
etag: "807-554f42e2ce1c0"
expires: Sat, 27 May 2023 17:42:46 GMT
last-modified: Sun, 23 Jul 2017 04:03:27 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: DENY
cf-cache-status: HIT
age: 983189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5vHFZX0EPh0ai4GRLbs8oDgzVk4atDbOvzXJhapDeCdVhOKjqIH9P2sALkPCnld%2F03c9bbnx8q00jl866l5rDNg9oINkYpwQHAGhhhGZCXsSF%2FnDfMrN0cYKYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0ce3b84b50b-OSL
X-Firefox-Spdy: h2
sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
104.26.4.191 200 OK 21 kB URL GET HTTP/2 sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 20724, version 1.0\012- data
Hash 43c849ea0258ce0d23a480e840881f16
5222f2283ff9eed9c05025b15dcca453a43cb8c3
b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
GET /includes/fonts/raleway-v14-latin-regular.woff2 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa; _ga=GA1.1.494488040.1683600555; _gid=GA1.2.424175299.1683600555; _gat=1; _ga_XNQ10X1V2J=GS1.1.1683600554.1.0.1683600554.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-length: 20724
last-modified: Mon, 26 Aug 2019 01:13:52 GMT
etag: "50f4-590fade753400"
cache-control: max-age=604800
expires: Mon, 15 May 2023 11:03:11 GMT
x-frame-options: DENY
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 56764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BppNZh79%2BM%2FZwxjk%2F%2B39lUMqNt5T2%2FxkkO45r7hGVC9NpFx48CSligMtANsJMfz0kwwB16ZVhn1vBWd1BNw3czxVceEUB8TjrTSOw7jc8qz%2BEUhvj3iiVh%2FzCro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0ce6ba5b50b-OSL
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/image/width=110/apk/com.ada.astrapay/D742DBFB47ECC1AF3DEE31669BD45B4AF3FFB6DB/2.32.1/icon.png
104.26.4.191 200 OK 3.5 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/image/width=110/apk/com.ada.astrapay/D742DBFB47ECC1AF3DEE31669BD45B4AF3FFB6DB/2.32.1/icon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash MD5 e70d63dcf013915db5f4ea41e4a2a9d5
SHA-1 3b14b82cfa1c6485f1e480be636c6c4d57520d70
SHA-256 19e88f64440d4cf352e7fbf10884c78ed06905acaa80cae97143ec0600534be1
GET /cdn-cgi/image/width=110/apk/com.ada.astrapay/D742DBFB47ECC1AF3DEE31669BD45B4AF3FFB6DB/2.32.1/icon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-type: image/png
content-length: 3518
cf-ray: 7c46a0cbaa85b50b-OSL
accept-ranges: bytes
cache-control: max-age=2592000
etag: "cfR2i0w907Z4u2YG3OlBHJAvFk0QHHIZOOit7pJFJtDQ:29c6-5ecd92b27e9dd"
last-modified: Mon, 07 Nov 2022 03:39:19 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:99,h2pri
cf-resized: internal=ok/m q=0 n=64+0 c=0+12 v=2023.4.2 l=3518
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfUK4zx%2FmJ1LurcUzFEeWwVrYbboDyH7QZH4La8G5IoD7MwqllErhE9VRyME1es576hj3X%2B3ZvZRJAeXpOcsFMlftx6fAXi6%2FnZci4xKy3M6XH1bJ0kUePLR%2FxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
sfile.mobi/downIoad/1158668/16476/8a4d1451cea3780328d1385350341116/alight-motion-4.2.0-mod.apk&is=c6f07ff9764ee9348276f81c503a93ec
104.26.4.191 302 Found 33 kB URL User Request GET HTTP/2 sfile.mobi/downIoad/1158668/16476/8a4d1451cea3780328d1385350341116/alight-motion-4.2.0-mod.apk&is=c6f07ff9764ee9348276f81c503a93ec
IP 104.26.4.191:443
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of zero-length input, so no response body was hashed for this redirect; they identify no content and should not be used as indicators.
GET /downIoad/1158668/16476/8a4d1451cea3780328d1385350341116/alight-motion-4.2.0-mod.apk&is=c6f07ff9764ee9348276f81c503a93ec HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 09 May 2023 02:49:14 GMT
content-type: text/html; charset=UTF-8
location: https://sfile.mobi/1NpO3F8o0gY7
set-cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBjpaMpDzr16hLBZ0FGShYpSXeLzJDRj333F1nMZ3ZbwFLexJYUN3ofXe28SPavM4OZm3aEjN7qP%2BCj7NKtgqsFyQttUGc99l2%2FH%2Ft4k7Bu6roed2cORwOgGcxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0c768e7b50b-OSL
X-Firefox-Spdy: h2
104.26.4.191 200 OK 33 kB URL User Request GET HTTP/2 sfile.mobi/1NpO3F8o0gY7
IP 104.26.4.191:443
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (573), with CRLF, LF line terminators
Hash MD5 feccb3ab18500a6d628fdb7f24760dac
SHA-1 aabf2336d3ac8a876797a6a49af8b8150a9f5c6e
SHA-256 14e94003f890a5996c7f7dcbae98f2479dc18790b6aeb9df8fbce04d6ed72001
GET /1NpO3F8o0gY7 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _v1158668=1; expires=Wed, 10-May-2023 02:49:14 GMT; Max-Age=86400; path=/1NpO3F8o0gY7
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmhGI7LySxL3X4mgEStS7zBldD38H%2BG5rHn29pkQoQvPUDaPX%2Bw9DEUiXP9nQzJC5jv%2FwR8nziBm43KoYpY3E%2FU%2BmdXl4jDcT6VJ4gD09btZA5r%2B0RoAP9jTxRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0c96996b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/apk.svg
104.26.4.191 200 OK 2.5 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/apk.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2467), with no line terminators
Hash MD5 469674871e148e599e809ddc7572d14d
SHA-1 99394ad1a68c8998e3fe431110833bd7e66477bd
SHA-256 51b16bf6325b4773905added21bd82bfbd1f8fa9ee86039bc7b3b572f376ae99
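Analyzer Verdict Alert fortinet Malware
Note: in this part of the capture the same single-engine verdict appears on every SVG served by sfile.mobi, including the site logo, and on no other resource type, which suggests a type- or host-level rule rather than a finding specific to this file; inspect the SVG content and corroborate with a second source before using these hashes as indicators.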
GET /icon/smallicon/apk.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 05:51:20 GMT
etag: W/"995-554f5afff0600-gzip"
cache-control: max-age=604800
expires: Mon, 15 May 2023 15:41:31 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 40063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu%2FuffwlkHGYc1Nb3vYJhuX9QTNf%2B0mQpdoWM0ucHPtIFC6cIqDlaAnkM6uCl7%2FO%2Bz0pFLkUKI9QbA7%2FMT8eiZdgUCJ9z1%2FP5URpdxZo5UMYaUZIYIP%2BBhUrc3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cbaa7bb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/pdf.svg
104.26.4.191 200 OK 3.8 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/pdf.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4012), with no line terminators
Hash MD5 c3ea2f5d05f1cee5b5eb682b857d60f8
SHA-1 e94c3cd5bf277347cb001d1c5a8adde1097680f6
SHA-256 f93b9eedc014232e9248901f341e95901999b9a9aaa8ffab90bbdd7decb46a6d
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/pdf.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 04:55:06 GMT
etag: W/"ea8-554f4e6e3de80-gzip"
cache-control: max-age=604800
expires: Sat, 13 May 2023 00:48:52 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 266421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziQyk3jHL3znMzy2ygnxu0S4mt1UwbIVfE35R6r4cGgWtJmRx3gv1JKA9tBq%2BiMLmLuHqImwnZHspHktsDohuuO60muoJNt6KLok%2BX8ZX9B3lUZ%2FmRBa7kYDFc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cbba8eb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/npv4.svg
104.26.4.191 200 OK 1.7 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/npv4.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1816), with no line terminators
Hash MD5 c22256205cc3d0d09276e1bd374f9c98
SHA-1 5d0bb88215bd5d666284af22f995d304e4e9e677
SHA-256 64e21fce1bdd5e9475b77480999e44c238ba3157349f4f2dba1033911ec52a1b
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/npv4.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Jun 2021 01:54:25 GMT
etag: W/"6a8-5c5652fa0f640-gzip"
cache-control: max-age=604800
expires: Sat, 13 May 2023 16:32:11 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 209823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xs7eMqe%2FtrwtZt3nmLUWbXRQhkOylRPzmUB3MrLVVIoeK7N%2BCIh0gqU%2BS8TufRHzikRuUNpEcWUHaH85uSbVilNuFC6Ki11a%2FdQyGAtvpQ7SHUMy0YR6t38oKkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cbba90b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/ehi.svg
104.26.4.191 200 OK 1.4 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/ehi.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1482), with no line terminators
Hash MD5 72ad048c90ae60b0ef9c2f909269e44a
SHA-1 b713246f9b1454c586c1f597e785ae6e228fd50f
SHA-256 de44b6e41b9d35b46cc8ee0b59238b92f70e9c1b83a19fa2889e3d002d7b05e6
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/ehi.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 06:12:11 GMT
etag: W/"594-554f5fa8fc4c0-gzip"
cache-control: max-age=604800
expires: Sat, 13 May 2023 07:26:07 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 242587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diAkTfL9roHtNkB6Rgfi9wYa9qdAt4eS4lWcE7f730KIrv2iuDI5N1JPiUWDM09k%2Fhbqrie%2BZ3z6EA8JhL2%2FhlZVTrqMDcAt%2F%2FOZEjMIxUNa4O11xJk2oYb1FLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cbba91b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/img/Sfile-Logo.svg
104.26.4.191 200 OK 5.6 kB URL GET HTTP/2 sfile.mobi/img/Sfile-Logo.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5686), with no line terminators
Hash MD5 29d9f3d0785d233602384223659ff407
SHA-1 2d87838a65792866a0a18c3d6b88b6714ba2a486
SHA-256 ccafb969fbadb6d9a63869f62a0538504001d5b0d59924e91ddc86b4a7b6d2f9
Analyzer Verdict Alert fortinet Malware
GET /img/Sfile-Logo.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Mon, 05 Oct 2020 09:51:24 GMT
etag: W/"15b1-5b0e96cdf5f00-gzip"
cache-control: max-age=604800
expires: Sat, 13 May 2023 16:32:11 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 209823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMY5SnpCzIp4z9FUes6ynOJkXFPPMjbrrXzqMMfvLWr5a0AwSEuEyH6vW%2FUCT2EQpmMSzzGmjDEWvtOaetPImrUZpU29NQwnSdCpaSqH4I%2F%2F7lOAfNrVU3bEPKg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cb9a74b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/includes/analytics.js
104.26.4.191 200 OK 52 kB URL GET HTTP/2 sfile.mobi/includes/analytics.js
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with very long lines (12884)
Hash MD5 11f11a9177192e579d9f8d01b4470eb0
SHA-1 06363e5e8104cf124851cb6f9acf8e17ab0fa8ae
SHA-256 c02c34250922dff564644356dfca5559876b0e08323e4ff81f42ffcdb321cef0
GET /includes/analytics.js HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=52082
etag: W/"cb72-5fb3268678e55-gzip"
expires: Mon, 15 May 2023 21:48:12 GMT
last-modified: Mon, 08 May 2023 18:00:02 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 18063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkQtu8luwvTXwV9Nbb2cCvKF2VR4wdi8xDVPZXnzWp9SVNJxdaLpYNTVubri0o1tmMaTcQFxGwj%2BATbYSVgqNLhKYKQFdJAvPNXi4z7qQxfSS5tKYw%2BIFhlBgVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0ccdae4b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.25.14 200 OK 77 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.25.14:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash MD5 af7ae505a9eed503f8b8e6982036873e
SHA-1 d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
SHA-256 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sfile.mobi
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 09 May 2023 02:49:15 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 24514
expires: Sun, 28 Apr 2024 02:49:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvbP%2BOW1tj1k70d3%2FiBurfKpYQ65bzSOO%2F8K4n%2BDylGdfwuoYjgQThTglJOdUTXwXOfpTETnwJq2XkCYDpAsULLJAQ5VGEhGFZLdsAxucI7ZibHjkkWDNnrFj1o%2BPmF4gmKvmrZZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c46a0cd4f550afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfile.mobi/icon/smallicon/txt.svg
104.26.4.191 200 OK 3.2 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/txt.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3461), with no line terminators
Hash MD5 5d69bea6e596b46c47d4c48fa425cfe3
SHA-1 25ddd704f96d8704def4ba8faa0ca60d965ebdb4
SHA-256 b3355fc50d12aa158b37b16cd715a47517f45a4a521072990baf63a306e5569d
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/txt.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 04:35:21 GMT
etag: W/"c81-554f4a0423440-gzip"
cache-control: max-age=604800
expires: Fri, 12 May 2023 20:16:07 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 282787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkcunvKDzTwBs6%2BqCZqbW0qtwysItIHsQrF%2FxqO9o2uApR78zvjwiPCvYjnq%2F2mgIWHF9vPcHwN6uBsqe3q4AOCVUy5juUoRr07W2%2Bdq0JZFy4stBfsZqj1iXJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cbba8fb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/includes/main-min.css
104.26.4.191 200 OK 27 kB URL GET HTTP/2 sfile.mobi/includes/main-min.css
IP 104.26.4.191:443
Requested by https://sfile.mobi/1NpO3F8o0gY7
Certificate Issuer Google Trust Services LLC
Subject *.sfile.mobi
Fingerprint F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with very long lines (25590), with CRLF line terminators
Hash MD5 986660afda6a541addaf77e7fb8a5d4f
SHA-1 cf4dba035df7a09f83d87839d41eb03a24903400
SHA-256 b85136bf0a494514ef0e4321ec8c6754b8f2520868b262811322a62c9863da40
GET /includes/main-min.css HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/1NpO3F8o0gY7
Cookie: PHPSESSID=tj58c1405psk7764eeehdbo5sa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 09 May 2023 02:49:14 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 05 Nov 2022 06:53:42 GMT
etag: W/"68ea-5ecb3a69a8980-gzip"
cache-control: max-age=2592000
expires: Wed, 31 May 2023 21:39:06 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 623408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwhExIlw3bsHzBwM30hHnt6bmc3Riw%2F5dxsXEgyr4ZcXPFVFwbjHwhC38dYXeEDF8E3%2BTxwtfGAJrVKzWLMHp02%2B2g4Gyg8LSjQtx9PBA2fKqx3ig17dXqOAu5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c46a0cb9a6db50b-OSL
content-encoding: br
X-Firefox-Spdy: h2