IP: 104.18.15.101:0
Hash (MD5 / SHA-1 / SHA-256): 634821758833625857c13bb16934fc2e 67b4a01580e62f774e7bc237bcad7bcdf6ab86b5 f61c79e94b9a45eb9b36e184894fedea51861b7a57cfbeaea7c809e1c7dbd3a8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 22:19:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 00:32:26 GMT
Expires: Sun, 04 Jun 2023 00:32:25 GMT
Etag: "67b4a01580e62f774e7bc237bcad7bcdf6ab86b5"
Cache-Control: max-age=526470,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ce9e0e5a9e1b51b-OSL
| 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com/ugd/42502d_1c92cfc584cd466fbe1f352e9566105a.txt | 34.102.176.152 | 200 OK | 2.4 kB |
URL (user request, GET, HTTP/2): 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com/ugd/42502d_1c92cfc584cd466fbe1f352e9566105a.txt
IP: 34.102.176.152:443
Certificate: Issuer: Sectigo Limited; Subject: *.usrfiles.com; Fingerprint: A4:13:5D:EA:AC:2A:0C:0F:5B:A1:EA:A5:61:47:45:B1:E4:B3:D3:78; Validity: Sat, 25 Feb 2023 00:00:00 GMT - Thu, 24 Aug 2023 23:59:59 GMT
File type: XML 1.0 document text; XML document, Unicode text, UTF-8 text, with very long lines (2088), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): c90b31d5808920b18ea943da493719b6 26005d1b84393e0dbee69d28e4578a2bb3f1e0c9 c7dbbce74d7786826284ca764da87840797978cb8ebbd2846b957e1faa1bedaf
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /ugd/42502d_1c92cfc584cd466fbe1f352e9566105a.txt HTTP/1.1
Host: 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 28 May 2023 22:19:19 GMT
content-type: text/plain
content-length: 2423
expires: Sun, 28 May 2023 23:19:19 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Fri, 09 Sep 2022 01:19:00 GMT
etag: "c90b31d5808920b18ea943da493719b6"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-84588bb8-4s2xm
x-robots-tag: noindex, nofollow
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
IP: 104.18.15.101:0
Hash (MD5 / SHA-1 / SHA-256): 634821758833625857c13bb16934fc2e 67b4a01580e62f774e7bc237bcad7bcdf6ab86b5 f61c79e94b9a45eb9b36e184894fedea51861b7a57cfbeaea7c809e1c7dbd3a8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 22:19:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 00:32:26 GMT
Expires: Sun, 04 Jun 2023 00:32:25 GMT
Etag: "67b4a01580e62f774e7bc237bcad7bcdf6ab86b5"
Cache-Control: max-age=527154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ce9e0e7da68fab8-OSL
| 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com/favicon.ico | 34.102.176.152 | 403 Forbidden | 9 B |
URL (GET, HTTP/3): 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com/favicon.ico
IP: 34.102.176.152:443
Requested by: https://42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com/ugd/42502d_1c92cfc584cd466fbe1f352e9566105a.txt
Certificate: Issuer: Sectigo Limited; Subject: *.usrfiles.com; Fingerprint: A4:13:5D:EA:AC:2A:0C:0F:5B:A1:EA:A5:61:47:45:B1:E4:B3:D3:78; Validity: Sat, 25 Feb 2023 00:00:00 GMT - Thu, 24 Aug 2023 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 722969577a96ca3953e84e3d949dee81 3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /favicon.ico HTTP/1.1
Host: 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles.com/ugd/42502d_1c92cfc584cd466fbe1f352e9566105a.txt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
server: openresty/1.21.4.1
date: Sun, 28 May 2023 22:19:19 GMT
content-type: text/plain
content-length: 9
access-control-allow-origin: *
cache-control: no-cache, private, must-revalidate, proxy-revalidate, no-store
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-84588bb8-vfll5
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000