cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash MD5: 269550530cc127b6aa5a35925a7de6ce
SHA-1: 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA-256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 63779
expires: Sun, 12 May 2024 14:59:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stKtE%2FZwJI0AVEkLn5E09WMBxsScfGtuwrNBKsaTfindIOAlIMLqklo6EvvWks0D2gXQNMyDCuoln70ehMSXQO8xmT4aYYXMWdlOET7EsiofCEbPBFTBRvmhPh8Q4SKh4Mxjeef3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cbe29b30f95b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
104.26.4.191 200 OK 21 kB URL GET HTTP/2 sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 20724, version 1.0\012- data
Hash MD5: 43c849ea0258ce0d23a480e840881f16
SHA-1: 5222f2283ff9eed9c05025b15dcca453a43cb8c3
SHA-256: b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
GET /includes/fonts/raleway-v14-latin-regular.woff2 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:28 GMT
content-length: 20724
last-modified: Mon, 26 Aug 2019 01:13:52 GMT
etag: "50f4-590fade753400"
cache-control: max-age=604800
expires: Sun, 28 May 2023 20:49:08 GMT
x-frame-options: DENY
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 151820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCLbE7AsbDNXYjxFRsGv7NsUrt1TVRSBNnZLrbugzVRQVWRzKDIQnouXKnxTr0e1p87fO3QPUoJi%2BEuWqxJccZLVnA%2B3BxemXwik9bpeyQOtgZ4o4tYzgGmxcb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b4bfd5b524-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.25.14 200 OK 77 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.25.14:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash MD5: af7ae505a9eed503f8b8e6982036873e
SHA-1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
SHA-256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sfile.mobi
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 14:59:28 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 564791
expires: Sun, 12 May 2024 14:59:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esRI8eT1zRRKdodWhsSRI5JzwGdS6pwsxFOpVcI0%2BiEyM2dDBnttfkUK2iqSIu%2BZ2ObyIuChTsxdsXNmrpWrxML7rqLC%2Fbmv5apb2Xz1XcjCOu8WEk%2FWdWMZ4iFRyTiIOhYe6rXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cbe29b52bf2fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfile.mobi/includes/adsby.js
104.26.4.191 200 OK 13 B URL GET HTTP/2 sfile.mobi/includes/adsby.js
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with no line terminators
Hash MD5: c5f96fbf51ae71c2ab29237fa415bbf8
SHA-1: 5f9cbbf13fe8e1775c3b8a99a7cc92ba5a32b81f
SHA-256: 4b788930a60496876be01bf2dbc9e79d1ce226545438697f5333a4bf57f952d4
GET /includes/adsby.js HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 13
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=15
etag: "f-5b3f44e345d40"
expires: Mon, 29 May 2023 22:06:56 GMT
last-modified: Fri, 13 Nov 2020 03:05:49 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: DENY
cf-cache-status: HIT
age: 60752
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnQEpp%2FuMqfWkxRW2D%2F1eGL7HIfQGalxUOSmg%2Bg6ZFxFm1GDFSs0AX1eZJ%2B%2FjIv%2BQ6r9GRLynY25vfzsUKKdw%2FuLvFsIo59djBRI60L3cBqxVUfn263u8T8f5DA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b5da35b524-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash MD5: f76aec436e4a09ac0168f72992464de4
SHA-1: b27c2ad12b9bc62e7761f39398b52434ab4f76b0
SHA-256: a027a7e0c828dea11becdced03e497722a9a50511aff1efef6df73542bae3f42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 14:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-XNQ10X1V2J
142.250.74.168 200 OK 74 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-XNQ10X1V2J
IP 142.250.74.168:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: 55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
Validity: Mon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (5059)
Hash MD5: cc1ad1a60be83f742b909d11a9d0a56b
SHA-1: 412d47eabebba1ea8176d179ee17b859dac28ee9
SHA-256: b4bc12caec8b522135ebe4cb0d83f3f338e58fae93b774e2b6883c05b31fb315
GET /gtag/js?id=G-XNQ10X1V2J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 23 May 2023 14:59:28 GMT
expires: Tue, 23 May 2023 14:59:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sfile.mobi/icon/sfile-icon-192x192.png
104.26.4.191 200 OK 10 kB URL GET HTTP/2 sfile.mobi/icon/sfile-icon-192x192.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: c657c0b27e6a3e98ae2736eab216cdb3
SHA-1: 2eab135276b13dc87bdd3314ad8d7462e8246d35
SHA-256: 5c9d9f4629d28f3fda7ccf4bae7bf6c53285686854a238b9ac0f2bac00836cb3
GET /icon/sfile-icon-192x192.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l; _ga=GA1.2.63454442.1684853968; _gid=GA1.2.1699373595.1684853968; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:28 GMT
content-type: image/png
content-length: 10001
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=11566, status=vary_header_present
etag: "2d2e-572ecea29a780"
expires: Tue, 13 Jun 2023 03:21:15 GMT
last-modified: Wed, 08 Aug 2018 13:59:10 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: DENY
cf-cache-status: HIT
age: 819493
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bp1hSriw1ptsO%2Bxx53MEjE%2FKKubIqwqeT5oM3RnsyYX8tNcmArQ9MiJRRU%2FBBukYHOfUd1khPPa1SpUO6bnMOUE6AbidUM6VXEofpbUD8Uv3bzPrjSkgsGCnXPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b75c87b524-OSL
X-Firefox-Spdy: h2
sfile.mobi/includes/main-min.css
104.26.4.191 200 OK 8.3 kB URL GET HTTP/2 sfile.mobi/includes/main-min.css
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with very long lines (25590), with CRLF line terminators
Hash MD5: 986660afda6a541addaf77e7fb8a5d4f
SHA-1: cf4dba035df7a09f83d87839d41eb03a24903400
SHA-256: b85136bf0a494514ef0e4321ec8c6754b8f2520868b262811322a62c9863da40
GET /includes/main-min.css HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 05 Nov 2022 06:53:42 GMT
etag: W/"68ea-5ecb3a69a8980-gzip"
cache-control: max-age=2592000
expires: Sun, 18 Jun 2023 19:03:32 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 330955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiuj5WXCgzBT3oRN%2Fxkn15bGSFN87aQbBdnL1W%2BSiadfUWgICjci5xM9gs3%2BEkLEKTZRoibGyCxUAWLUgTzrY1b%2BS1BrsjRH7yaqc9GaH3vQ9rs6xHac15nKJXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b2dcb6b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash MD5: f76aec436e4a09ac0168f72992464de4
SHA-1: b27c2ad12b9bc62e7761f39398b52434ab4f76b0
SHA-256: a027a7e0c828dea11becdced03e497722a9a50511aff1efef6df73542bae3f42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 14:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
104.26.4.191 200 OK 21 kB URL GET HTTP/2 sfile.mobi/includes/fonts/raleway-v14-latin-regular.woff2
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 20724, version 1.0\012- data
Hash MD5: 43c849ea0258ce0d23a480e840881f16
SHA-1: 5222f2283ff9eed9c05025b15dcca453a43cb8c3
SHA-256: b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
GET /includes/fonts/raleway-v14-latin-regular.woff2 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l; _ga=GA1.1.63454442.1684853968; _gid=GA1.2.1699373595.1684853968; _gat=1; _ga_XNQ10X1V2J=GS1.1.1684853968.1.0.1684853968.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:29 GMT
content-length: 20724
last-modified: Mon, 26 Aug 2019 01:13:52 GMT
etag: "50f4-590fade753400"
cache-control: max-age=604800
expires: Sun, 28 May 2023 20:49:08 GMT
x-frame-options: DENY
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 151821
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GGQC735UBM7DL4oG9EBkXpKWoQUC2w4reZGl%2BotyabTsKW5Pz18Tjs9CKioZCTYQwlShfAAksV3PAO5h1q0EbbSXTmkDhKpLiEweBXGwIl%2F8bCMkQbaZdqlypM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29bb4a01b524-OSL
X-Firefox-Spdy: h2
sfile.mobi/downIoad/903771/16961/698d4d3bf24690de093d679841f77549/bug-config.zip&is=54cfb64442aa3268ab3a80af44f76ac5
104.26.4.191 302 Found 31 kB URL User Request GET HTTP/2 sfile.mobi/downIoad/903771/16961/698d4d3bf24690de093d679841f77549/bug-config.zip&is=54cfb64442aa3268ab3a80af44f76ac5
IP 104.26.4.191:443
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input; they describe an empty body on this 302 redirect, not the requested bug-config.zip, and are not usable as file indicators.
GET /downIoad/903771/16961/698d4d3bf24690de093d679841f77549/bug-config.zip&is=54cfb64442aa3268ab3a80af44f76ac5 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 23 May 2023 14:59:26 GMT
content-type: text/html; charset=UTF-8
location: https://sfile.mobi/bqlTsgRIpG7
set-cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr3mzfSfHNKHIM4Kig8pAuGy6FJPeFByFjWSJJRO4uKIqNEjtns4yEbvCALCr2ZRQGn0%2FWVtEnEXjNTqMJZRHK1AykDP3929GZBDpqyHzlubDkVol4pvfYLcxRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29a95e52b524-OSL
X-Firefox-Spdy: h2
sfile.mobi/img/Sfile-Logo.svg
104.26.4.191 200 OK 5.6 kB URL GET HTTP/2 sfile.mobi/img/Sfile-Logo.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5686), with no line terminators
Hash MD5: 29d9f3d0785d233602384223659ff407
SHA-1: 2d87838a65792866a0a18c3d6b88b6714ba2a486
SHA-256: ccafb969fbadb6d9a63869f62a0538504001d5b0d59924e91ddc86b4a7b6d2f9
Analyzer Verdict Alert fortinet Malware
GET /img/Sfile-Logo.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Mon, 05 Oct 2020 09:51:24 GMT
etag: W/"15b1-5b0e96cdf5f00-gzip"
cache-control: max-age=604800
expires: Fri, 26 May 2023 10:52:57 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 360390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH7MKYYxztErVssSS9Xnp8n5Gihe%2BXGnhvgk7N4baqcU7Wtta2%2FmAh6UaGF%2Fplk2BCOfbB2QOe4fRlmFSanX1Gz9JVEXHygpV9d5bLDV6fXTQF4flu6loDlOOWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b2ecc8b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/apk.svg
104.26.4.191 200 OK 2.5 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/apk.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2467), with no line terminators
Hash MD5: 469674871e148e599e809ddc7572d14d
SHA-1: 99394ad1a68c8998e3fe431110833bd7e66477bd
SHA-256: 51b16bf6325b4773905added21bd82bfbd1f8fa9ee86039bc7b3b572f376ae99
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/apk.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 05:51:20 GMT
etag: W/"995-554f5afff0600-gzip"
cache-control: max-age=604800
expires: Mon, 29 May 2023 16:10:12 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 82155
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbqXDs%2FvZVfn58NULVF258AY1s6me1Y7lcVmz3vUc83MYfgtuIZRByH0nytxFRGFNurNicWw8XOKXjDh3yTc35CUZ%2FeO2sQP4EFRkDVJ6RA11UfSdxJdMDBuXdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b31d11b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/sfile-favicon.png
104.26.4.191 200 OK 1.6 kB URL GET HTTP/2 sfile.mobi/icon/sfile-favicon.png
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 5c95ba8563fa6c88c0a431fc97b8175b
SHA-1: 52d10299240136ff498c6dae3847662f9953d150
SHA-256: 3438b8c9e88b10b9ea2cd353929ab4d345d679a842313c78123b25c290bb7902
GET /icon/sfile-favicon.png HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l; _ga=GA1.2.63454442.1684853968; _gid=GA1.2.1699373595.1684853968; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:28 GMT
content-type: image/png
content-length: 1626
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2055, status=vary_header_present
etag: "807-554f42e2ce1c0"
expires: Sat, 17 Jun 2023 04:30:46 GMT
last-modified: Sun, 23 Jul 2017 04:03:27 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: DENY
cf-cache-status: HIT
age: 469722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6985ZZpgb%2FeZ%2Fw3fCls6wCRITkfy2W8g8SRQFoYu4%2BbapWAomwBQKnACrs6P2iEtKPg3eqfyAQcZp3F4Ii6KHVkzfMjyaTLGqgxafhhvnFKfQ71296QB14V0Qg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b75c91b524-OSL
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/ehi.svg
104.26.4.191 200 OK 1.4 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/ehi.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1482), with no line terminators
Hash MD5: 72ad048c90ae60b0ef9c2f909269e44a
SHA-1: b713246f9b1454c586c1f597e785ae6e228fd50f
SHA-256: de44b6e41b9d35b46cc8ee0b59238b92f70e9c1b83a19fa2889e3d002d7b05e6
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/ehi.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 06:12:11 GMT
etag: W/"594-554f5fa8fc4c0-gzip"
cache-control: max-age=604800
expires: Sat, 27 May 2023 10:10:13 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 276554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FY8ZWPTNZTx6tyFI%2BPzxDfhagmZcCSqgWeDJcUaj%2Frg6zOIFymRQyWMF%2FeJLXBNwZWGoY4VvuB5VF3R5uVDQHj94gPSJyA9iNzqZ%2Bn47gSHE%2BpsvE5PozqyD0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b31d17b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/pdf.svg
104.26.4.191 200 OK 3.8 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/pdf.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4012), with no line terminators
Hash MD5: c3ea2f5d05f1cee5b5eb682b857d60f8
SHA-1: e94c3cd5bf277347cb001d1c5a8adde1097680f6
SHA-256: f93b9eedc014232e9248901f341e95901999b9a9aaa8ffab90bbdd7decb46a6d
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/pdf.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 04:55:06 GMT
etag: W/"ea8-554f4e6e3de80-gzip"
cache-control: max-age=604800
expires: Sun, 28 May 2023 02:44:12 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 216915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zodBruzcIhUpT5OuLSnM3dAprS8t3gkckr68%2BkB5b5Y6%2BlS32n7zs2MkLzZFi4U3M0g0%2Bswh7i4KdxjNc6s614a9dAgu%2Fv9jZ%2FSJ8en7HPlwQHinRCPuh%2BNlIUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b33d32b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/npv4.svg
104.26.4.191 200 OK 1.7 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/npv4.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1816), with no line terminators
Hash MD5: c22256205cc3d0d09276e1bd374f9c98
SHA-1: 5d0bb88215bd5d666284af22f995d304e4e9e677
SHA-256: 64e21fce1bdd5e9475b77480999e44c238ba3157349f4f2dba1033911ec52a1b
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/npv4.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Jun 2021 01:54:25 GMT
etag: W/"6a8-5c5652fa0f640-gzip"
cache-control: max-age=604800
expires: Sat, 27 May 2023 16:15:25 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 254642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AmtxSA4ijpvvbcPnFOI54QmHowvhf3oJGb9BbuLhr5zseYshfEU8lkV35gF1mLESnCn%2BBv0aSzMxyRFPAoHvuTGT2bQdkZwsBNivv0j0DXmYXU31b0%2BSdI0%2Brs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b33d33b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/txt.svg
104.26.4.191 200 OK 3.2 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/txt.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3461), with no line terminators
Hash MD5: 5d69bea6e596b46c47d4c48fa425cfe3
SHA-1: 25ddd704f96d8704def4ba8faa0ca60d965ebdb4
SHA-256: b3355fc50d12aa158b37b16cd715a47517f45a4a521072990baf63a306e5569d
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/txt.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 04:35:21 GMT
etag: W/"c81-554f4a0423440-gzip"
cache-control: max-age=604800
expires: Thu, 25 May 2023 04:30:57 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 469710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2idowvev3dB66e%2BNIda54ZTI%2BWBV%2Fwm9T3xS8t6b%2F7bSwsurhJaeV7eIgidboyEnbE4ATdKlQZI6W%2BHyD3L8gkL6ynwe4iFIT9X23SJ8u3VMwfw%2BoGGR3Uxy5ik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b2fcefb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/hc.svg
104.26.4.191 200 OK 1.9 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/hc.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2012), with no line terminators
Hash ac183bad8a9dbea7038a83b440a985dd
eac21265d4d46cd44cd2b73efdc1c12e5af9d173
62d431a9b2d8a25f68461812168eb6a82ddc27246de49e73246d215b2a431aba
Analyzer Verdict Alert fortinet Malware
GET /icon/smallicon/hc.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Sep 2020 16:11:11 GMT
etag: W/"77a-5aebb7786e5c0-gzip"
cache-control: max-age=604800
expires: Fri, 26 May 2023 14:10:12 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 348555
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k42wpDVPmzJ7%2BXYkcx4PYju6J4AxHbB6DVs%2Bu7Pmrlpwsock8YRTcA3E4Cjo5hiaLZbLDVg4xIKTAQ8txO4CPEsRVhsSoraF2%2B21rIyGvDB4%2FGwk32%2BonG3veU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b31d0fb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.4.191 200 OK 12 kB URL GET HTTP/2 sfile.mobi/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 14:45:11 GMT
etag: W/"64678b77-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUBG1VC1eIIYXdsr0GzJPceMNMYR8zA2OMVEbj4PXmwPq5qQQ0yFxfjs6GhV292museJKvStN024N6gvYw6bI2t13LBon7kxc4z4CeWEgcxzv%2FvLLoaQtWQfCQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cbe29b33d39b524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 25 May 2023 14:59:27 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
104.26.4.191 200 OK 31 kB URL User Request GET HTTP/2
IP 104.26.4.191:443
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (560), with CRLF, LF line terminators
Hash 3cf3e571786c394b78be731bcdfdf763
db58088f8b21d7a4d8aea25a442fb310b89f1950
50a5e51f057401b38349b518d32c4fbea51b702af44c35195eca52c009021239
GET /bqlTsgRIpG7 HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _v903771=1; expires=Wed, 24-May-2023 14:59:26 GMT; Max-Age=86400; path=/bqlTsgRIpG7
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrFaZGXfZnqi0kekBy%2Bk9Dz3LNu0ZVMV2VoIIO5YNhHj77DUl9IexjKYPwbaOtjeb5BvRWczWHYhT3p6miv9W4O9jbJnknnwiJoNnI22tLI9Sz1n%2FZEhFS385PU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29abaa03b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/zip.svg
104.26.4.191 200 OK 1.4 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/zip.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1469), with no line terminators
Hash 1766e29f1b51b1f95a18b065891acf1a
1dbfed323277454a85e07f1551f597f417eb327f
2d4cb3291842bc114daa8275fe40887ab2be63ea379a5b0fb9c4b64e3996e079
GET /icon/smallicon/zip.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 04:57:43 GMT
etag: W/"5a3-554f4f03f7fc0-gzip"
cache-control: max-age=604800
expires: Thu, 25 May 2023 04:30:49 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 469718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQyvPFHy3n%2BjGjFmK8yqJrsEy86k%2F4vUwSmCR%2BUGBn24k7ROboEuBlC2fB8g2ag4seyaYVRKoXFzWDhDPgfGJOL2mtoIuXvhvEBY655fYjRY06bZPn7CSbIXtI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b2ecc9b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/icon/smallicon/ovpn.svg
104.26.4.191 200 OK 1.4 kB URL GET HTTP/2 sfile.mobi/icon/smallicon/ovpn.svg
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1499), with no line terminators
Hash b313458730673e3403bf7c6c15da73f6
7372b8ef80df8ff0059d58d1d60736f6a09db483
53410d309afe4598048220e6196a5e58cae78d775d3b20a7900293fca3bf4547
GET /icon/smallicon/ovpn.svg HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:27 GMT
content-type: image/svg+xml
last-modified: Sun, 23 Jul 2017 06:17:09 GMT
etag: W/"5a3-554f60c52e340-gzip"
cache-control: max-age=604800
expires: Sat, 27 May 2023 18:47:40 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 245507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoYZpDtFTJJimnOOFu93ffDfoBfnX9lGd6Gjo6PQfmpDjWaC0WhA6YZ7MovL%2FRlvJRIyy8rYSoT42jo8wUwbr8lp9bk6eheTooAeDHwoWEWdEE2zBoYdqe2ov9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b31d15b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
sfile.mobi/includes/analytics.js
104.26.4.191 200 OK 52 kB URL GET HTTP/2 sfile.mobi/includes/analytics.js
IP 104.26.4.191:443
Requested by https://sfile.mobi/bqlTsgRIpG7
Certificate Issuer: Google Trust Services LLC
Subject: *.sfile.mobi
Fingerprint: F6:1C:B1:63:3E:E2:BB:F0:B1:32:47:74:FD:1D:2A:46:B9:B4:9F:2D
Validity: Sat, 01 Apr 2023 08:04:46 GMT - Fri, 30 Jun 2023 08:04:45 GMT
File type ASCII text, with very long lines (12884)
Hash 11f11a9177192e579d9f8d01b4470eb0
06363e5e8104cf124851cb6f9acf8e17ab0fa8ae
c02c34250922dff564644356dfca5559876b0e08323e4ff81f42ffcdb321cef0
GET /includes/analytics.js HTTP/1.1
Host: sfile.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sfile.mobi/bqlTsgRIpG7
Cookie: PHPSESSID=nm7f3oi2mb7v5ohcl06s60r90l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 14:59:28 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=52082
etag: W/"cb72-5fc4c0a2c0cec-gzip"
expires: Mon, 29 May 2023 22:06:57 GMT
last-modified: Mon, 22 May 2023 18:00:01 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
cf-cache-status: HIT
age: 60751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV7rfqORiZaJQUQ2dMCsjShSwyray6zVtfAoKsbP9G3RjgSerGuyjC5H5eadjkL3VhT1C7ERNywcm%2FdYJbXJsGWW3FUCX6acR%2BlWhYbHuHWryz%2BE%2B3BVxDezMcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbe29b67b57b524-OSL
content-encoding: br
X-Firefox-Spdy: h2