ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
104.26.0.12301 Moved Permanently 0 B URL HTTP/1.1 ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
IP 104.26.0.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 18:26:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 03 Oct 2022 19:26:56 GMT
Location: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjoxDmkluMwEPlvM1nJPMsKsBNkchP%2F1pu3xpnee3IA6z9u91L6B1D5xlQt4TYIc4XgXTBv12OV5uMttHXMxDyvfLdpSQPD2I%2FFPkx8VyOdD6gkHTrSEMnS9TdUM4BOm8%2BM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547ba9d8bf91bfa-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 17:29:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RJiol7eUAwh2a6sCZx6oggD1C9Ng1dBA5Y3YEGkM7VLM9r_aOl03QA==
Age: 3437
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6282
Expires: Mon, 03 Oct 2022 20:11:38 GMT
Date: Mon, 03 Oct 2022 18:26:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kvr2e5ndIZ5N1HHP-0leBB6ak1I7papNZNzflQJEPU7KPaXb_i471Q==
age: 46709
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:26:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 17:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 18:14:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 04BwMR1uUyiyRiOw7-zSo8w-M2U6JdOLwX9MXt3Ft3CZjrVEZMObFg==
Age: 3443
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4103
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:57 GMT
Last-Modified: Mon, 03 Oct 2022 17:18:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bpe89Si+D2DUzVIQM/LxXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NIcaE17hd1EkG7blhdGJaiBwkgk=
secufiles.com/themes/spirit/assets/images/logo/logo.png
172.67.69.122200 OK 60 kB URL HTTP/2 secufiles.com/themes/spirit/assets/images/logo/logo.png
IP 172.67.69.122:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fb6e69180aafd9e721b4d1f175893ab3
6b7d8c714d828cca3d8b445f5abdd2c6344ae866
0c4a024b24487ff81e3060a68ee990f2d9f01b711fbfe270e2dd7db5bb23cedd
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: image/webp
content-length: 60438
cache-control: max-age=2678400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=146490
content-disposition: inline; filename="logo.webp"
vary: Accept
etag: "60d2b87c-23c3a"
expires: Sat, 29 Oct 2022 03:48:50 GMT
last-modified: Wed, 23 Jun 2021 04:28:44 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 398288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVdYH2S5GA95wWJ1zifjuAqqy%2FMqGqnJFX0zJsiapoeO6Dex%2BFpf7rfodI5PrfIOQre9gMR1yxSy9j6N5JeZSmBt%2BmThRieb1BEdzhW%2BGoZvile2ozNIxM5XBI%2Fx4ak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7547baabdd030b45-OSL
X-Firefox-Spdy: h2
secufiles.com/themes/spirit/assets/images/logo/logo-whitebg.png
172.67.69.122200 OK 60 kB URL HTTP/2 secufiles.com/themes/spirit/assets/images/logo/logo-whitebg.png
IP 172.67.69.122:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fb6e69180aafd9e721b4d1f175893ab3
6b7d8c714d828cca3d8b445f5abdd2c6344ae866
0c4a024b24487ff81e3060a68ee990f2d9f01b711fbfe270e2dd7db5bb23cedd
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: image/webp
content-length: 60438
cache-control: max-age=2678400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=146490
content-disposition: inline; filename="logo-whitebg.webp"
vary: Accept
etag: "60d2b897-23c3a"
expires: Sat, 29 Oct 2022 03:52:55 GMT
last-modified: Wed, 23 Jun 2021 04:29:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 398043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mppAJy5i3umCIvKvCtuaFapPM95Hlin5nylaTlzvRXOtvpIzkpPPfA5kkFG8192eTzijdK6GhmgL5UmXQKmWcxoFLrwgIyfNiRzPpl4j%2Fy4G%2BDJCVLY%2FQy2QaEkJhr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7547baabdd000b45-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-FM4ZS09GQ6
142.250.74.168200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-FM4ZS09GQ6
IP 142.250.74.168:0
File type ASCII text, with very long lines (18966)
Hash 2b224ff1b6e8f1f27a0e1a4e63ccdb8f
3c412111d89f08952fd7c3c01de8bb51d6297d57
092893aa18db9f739140312a754a47892077e1dd3c0c66f371a9c7d4776b3387
GET /gtag/js?id=G-FM4ZS09GQ6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 03 Oct 2022 18:26:58 GMT
expires: Mon, 03 Oct 2022 18:26:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Mon, 03 Oct 2022 20:02:40 GMT
Date: Mon, 03 Oct 2022 18:26:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Mon, 03 Oct 2022 20:02:40 GMT
Date: Mon, 03 Oct 2022 18:26:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Mon, 03 Oct 2022 20:02:40 GMT
Date: Mon, 03 Oct 2022 18:26:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:41:17 GMT
age: 6341
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 74422
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed17699f6b123b33b8df416b23c4cac
36458cca636c4ffc873df8acd254ff726b1a9544
65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DZ6ZMlje50ktV6_cABRx3fr4Dke7Z2UhNhBDi1aCK00kRPTlnG691A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 03:36:14 GMT
age: 53444
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 74422
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 49447
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 73720
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/images/flags/us.png
172.67.69.122200 OK 609 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/images/flags/us.png
IP 172.67.69.122:0
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
GET /themes/spirit/assets/images/flags/us.png HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: image/png
content-length: 609
last-modified: Sun, 18 Oct 2020 02:16:22 GMT
etag: "5f8ba576-261"
expires: Wed, 02 Nov 2022 18:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUjmtG5LV9rRfCSLI8bkfeltNiswvGhxqQIYe2Q7JQgoKK9jctvwnMmgUENXH0eTFL8HcQL5FucVp%2FM7zR%2B8vlMWjfn2XuuaI3xmAX7AxVvm%2BmB%2BJuJrDQ85Y3i5HZmlC9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabdcf70b45-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ab.secufiles.com/themes/spirit/assets/frontend/css/lightbox.min.css
172.67.69.122200 OK 1.4 kB URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP 172.67.69.122:0
Hash 2688fc06a4f4aab7bc51c6fbb479b160
4023a87a742bd413d733bcd8a009d9111d0e4ec7
7b1da9c509c7e253387310afd3622e40f49149caace5684cd4ecf878501f7c70
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:46 GMT
etag: W/"5f71ac56-e54"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6NFObCguwJsGHf9t1c%2BVmnDfrL5C8Pq42i1vd1KTsCAxoDg1hsxqt50OgoscZWU2HLt9Qv2B2gvTAe%2B%2FwRDOg%2Fzg3rfV%2BapEifHTDAIvWDAcfrQM0JjhB%2BLKQHKBxw5hv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce30b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
172.67.69.122200 OK 20 kB URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP 172.67.69.122:0
File type ASCII text, with very long lines (768)
Hash 67fbf806241e8a4e57730e5926c61280
30e98f409264a88c7ab639cb8ad3fbfb18f8a166
9955972e748cba87b273baeb00251af097a19f9dafc6d0cc62efb728bc071101
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-10fe4"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueQMEzPGDmfXEfsUY47XwmX%2BhCOhDy5FyZO1w4xKM6KpLJ0aoW8aLeucOu0TfDqJ8L3VFQfHWgcbWUd9J8olgbjD7ETu0b%2BhtZRHYkTy3BvXNfETnkJJEK%2FHzNhlQYvrEGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabdd040b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 227885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 19:07:15 GMT
expires: Tue, 26 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 602385
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ab.secufiles.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
172.67.69.122200 OK 4.3 kB URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP 172.67.69.122:0
File type Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Hash ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ab.secufiles.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: font/woff2
content-length: 4292
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: "5f71ac54-10c4"
strict-transport-security: max-age=31536000
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LAIRGhrBxDOxuOLx8TpddHJHlMzxc8DFYjn492fXhhiu7EHE5jo5A9RkdYayMn7l23AjPCx5GANo54TyzCnFqU65yroC1ePazbEPDDK9efQucOCibrSSub8cnzZXQwcf%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547bab7eb160b45-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 03 Oct 2022 16:41:09 GMT
expires: Mon, 03 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6351
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830
142.250.74.34200 OK 54 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830
IP 142.250.74.34:0
File type ASCII text, with very long lines (2910)
Hash d5585f695d53e8caa5a426cca33c5feb
9a8f136f14f728b35b5e7d51087458e1b9e3328d
2abbdddfd979318cfba11a8c0d71dedc6d96ad8c6e2ea43b2ba14d03eef07c1c
GET /pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Mon, 03 Oct 2022 18:27:00 GMT
expires: Mon, 03 Oct 2022 18:27:00 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9370470003298456993
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1091623537&t=pageview&_s=1&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&ul=en-us&de=UTF-8&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAAC~&jid=706017520&gjid=1980129913&cid=1451232549.1664821621&tid=UA-48911416-1&_gid=1352786026.1664821621&_r=1&_slc=1&z=554486846
142.250.74.174200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1091623537&t=pageview&_s=1&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&ul=en-us&de=UTF-8&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAAC~&jid=706017520&gjid=1980129913&cid=1451232549.1664821621&tid=UA-48911416-1&_gid=1352786026.1664821621&_r=1&_slc=1&z=554486846
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j97&a=1091623537&t=pageview&_s=1&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&ul=en-us&de=UTF-8&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAAC~&jid=706017520&gjid=1980129913&cid=1451232549.1664821621&tid=UA-48911416-1&_gid=1352786026.1664821621&_r=1&_slc=1&z=554486846 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ab.secufiles.com
date: Mon, 03 Oct 2022 18:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220928/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sun, 02 Oct 2022 23:24:33 GMT
expires: Sun, 16 Oct 2022 23:24:33 GMT
cache-control: public, max-age=1209600
age: 68548
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
172.67.69.122200 OK 5.0 kB URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP 172.67.69.122:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66; _ga_FM4ZS09GQ6=GS1.1.1664821620.1.0.1664821620.0.0.0; _ga=GA1.1.1451232549.1664821621
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:01 GMT
content-type: image/png
content-length: 5016
last-modified: Mon, 28 Sep 2020 09:26:42 GMT
etag: "5f71ac52-1398"
expires: Wed, 02 Nov 2022 18:27:01 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUBJgZt6DSw5ln0LT%2Br7eOlFL2x6Jy4Hoy13E1sp%2BGPYP6tGOEsScUpcp22oai8Nln%2FNcXBlh1w3us1dIjsy0nOKcCG6PtEsrykn2Xz2W3wbJvQUgSSc0lqX3G8PQMtGG00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baba7e030b45-OSL
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&gjid=1980129913&_gid=1352786026.1664821621&_u=IADAAEAAAAAAAC~&z=1144306431
74.125.131.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&gjid=1980129913&_gid=1352786026.1664821621&_u=IADAAEAAAAAAAC~&z=1144306431
IP 74.125.131.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&gjid=1980129913&_gid=1352786026.1664821621&_u=IADAAEAAAAAAAC~&z=1144306431 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ab.secufiles.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-FM4ZS09GQ6>m=2oe9s0&_p=1091623537&cid=1451232549.1664821621&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664821620&sct=1&seg=0&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FM4ZS09GQ6>m=2oe9s0&_p=1091623537&cid=1451232549.1664821621&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664821620&sct=1&seg=0&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FM4ZS09GQ6>m=2oe9s0&_p=1091623537&cid=1451232549.1664821621&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664821620&sct=1&seg=0&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://ab.secufiles.com
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
172.67.69.122200 OK 447 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP 172.67.69.122:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66; _ga_FM4ZS09GQ6=GS1.1.1664821620.1.0.1664821620.0.0.0; _ga=GA1.1.1451232549.1664821621
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:01 GMT
content-type: image/png
content-length: 447
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: "5f71ac50-1bf"
expires: Wed, 02 Nov 2022 18:27:01 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugtVjuA9iTbsCyIOhvHCKS19UKMdvMYI9ZQiIrCFR6VK3OYN88Q2Avgq5k0v%2F0tp4Aq5KokyziKMM6d0xr8l2vDvI0p%2BuOWqF49iTWjnxd4wu7%2Bma2X9xqbWtm0eznE1A5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baba7e050b45-OSL
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
172.67.69.122200 OK 80 kB URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP 172.67.69.122:0
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ab.secufiles.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:01 GMT
content-type: font/woff2
content-length: 80148
last-modified: Mon, 28 Sep 2020 09:26:42 GMT
etag: "5f71ac52-13914"
strict-transport-security: max-age=31536000
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lcSswa3vfKfgIbDlfK9CPa54mtwRYqa6w6acBAqILhQhiDhGrAhUjI6gM2JEkPqc4wKe0nt6wfCxlQ0qJD9HWESap7uD4qPUi9cJLfPa6t81k2DgdtbBBnQ4Ug9kzQNhkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547bab81b480b45-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.195200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 20:36:08 GMT
expires: Fri, 29 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 337853
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP 142.250.74.10:0
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:26:58 GMT
date: Mon, 03 Oct 2022 18:26:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-298a"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUa6KOsV04F90uCqesl2Rnfa77XcQtmmVQY7mogv0D0Gd%2FoSMxCaHjIV7nK44PprP4fROTjGh3vmvIzSFcI%2B%2Btig%2FK%2F4jvaoDDs9t5IQMzUud9snBqtYlt%2B4ta6ejV9qZMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd260b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/font-awesome.min.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-e6eb"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e9sekIFfGZegLCuQO2SO%2FLy2s9XhmT0%2F%2BOJf2VBlFpFX1BOxyVesfqf6FeXBQ6epg9rWLeAA3SOgRw4FIkKerv3jNNLEAsGkalQxJNF%2FDoQeTsQgO3WhXRPtjLhUtKRLrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccee0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
fundingchoicesmessages.google.com/i/ca-pub-9744707857658830?ers=2
142.250.74.46200 OK 0 B URL HTTP/2 fundingchoicesmessages.google.com/i/ca-pub-9744707857658830?ers=2
IP 142.250.74.46:0
GET /i/ca-pub-9744707857658830?ers=2 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Oct 2022 18:27:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-nM7ufc_GtJ90gTeVsDKiJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.18.47.230200 OK 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.18.47.230:0
POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 16884
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:02 GMT
server: cloudflare
cf-ray: 7547bac1985e1c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: application/javascript
last-modified: Wed, 14 Oct 2020 11:17:02 GMT
etag: W/"5f86de2e-1b521"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmCBDnCkOc7f1Hkl1sLAND3rDjWOFic4y7BhorKeikUH%2FvGATt4Y5gGkOM%2FncEw6oczIWagUuyPzETEHpXq495gy6hRffUkq14h%2FDr77MmMI4aamvaKz3Wxh%2Fe1DeKvdcKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac0d3e0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/iconsmind.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/iconsmind.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-178bf"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm328JgzWA7saFDZ5TriZR8QcSbpY7MEvM85EQO02bu9ayyeos63ti9hJcMyupbm6DrCogErVohIkaMMEJym56TScFDufiJHxwj49b4SNH6vFPaMFIsPlQIURzpAub3MqXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce60b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac386c1c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.10:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:26:58 GMT
date: Mon, 03 Oct 2022 18:26:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/custom.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/custom.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Tue, 05 Oct 2021 07:46:45 GMT
etag: W/"615c02e5-23f9"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNdY2IFphf%2B2LkzRJd2zDbdQ9Wd609xuCvk82nru%2FD18dqH1hn0DcXo8HNMksxRx1JgJ8gGo1jD41NvthBsF6YzQS%2FsjcDxn2DBVzsIvH0Iwk6UpbEWRK7mZJ2YKNYrWt7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccf00b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/flickity.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/flickity.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-958"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dgXOQOUBzeEbwYoL2uhVOK%2BR1PzcuYuHpuf%2Fz3QTaA7kKw%2FdjjpXcv%2FievkTdRmbYe7zhdOJz0%2Bzz9fQzcbYmLjxfI1HaN2lKJHxJet2ac%2FWHdwlmP3qWdUdO2XtqxVKYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce50b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-72c"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBWPwPKaYXuvuDWAC1gxwXYi1NyuK%2B2GN%2BZUN7IrxA3BmTksTDL%2FWqCi%2FcbWYEjYC79inEL3zG%2Boi7qdMgfZWeTZgbjBXV0LyoWltZxHUAb7UnCi6XEEoufR%2ByxDAq5DJNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac0d410b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-1776"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COUdFfVexFpBNU82IbjG1EM94EKZK4YAmRhNvvI3FamhiK3l%2BIuvHNi6LPQzz5G7p25oTWXEiz0O6knQBIwGtFym8O6o7VDFCkHIJSxbFnKR6rQhZc2qGI%2FurY2eRC2pEqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd2a0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-51ef"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPe7MrE3fDxNXeXo8DiH376M63m5ucPLyREVTeCleRkgkuE0fZnWFNV6g6gTkrUclYOL0Dr5gXibEUWVARKClgDo%2FPmYObYuQz%2F4%2FbM88cNmnLDqXS7t19fHcPQynG2x25o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabed0b0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/jquery.steps.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-1606"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ruw3tCANAUhD6hQX7WNtzX%2BO%2Bcg8ZSXECe0ArGo%2FxQhlG%2BDxLet1uX6PerEa7YAoTF72GvcEZ%2BSF4PO9mDQbGcpNzzAGm%2FZfi%2FiGkLIWsVULHrinDI4Kkf8ZCU8MSbi84SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce80b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-3621"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FWNMtMaY9VVd8V%2BXcNQWhc09fP9%2F4WnH%2BzbK9r%2FU6D4VzIzK%2FP5%2BTp%2BuaMt09%2BnYnbhZGzH6Xzr75nVgk%2FrOhMwzjaw9rOwBrSYLy%2FWiqdzHjULbiLXIxBxVWNGkvUBsw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd280b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/bootstrap.min.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-12c75"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yp3PXSkkz%2F7rhKbeafswQNQXprNiK92j4fvh7g5HgAr7XU91RlgGRKvTeLi%2BXaNsU3x3%2B7sQw8frTrvjqn12%2FVc9188u3pq0Vy9Pnvs9utR55imYQ1aXWRbRMsGMbiUnms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccdc0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/stack-interface.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/stack-interface.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-c0a"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCXkpAs6fqQCuGmN%2FCfEhbv3jIkqn7hMcsCMYUBZBQ9WcDMMjU9bzGFQbECpbGtFjC2fHp1bu%2BVhO6SXrEYA5P3A5zgv92cfNRE8MQ%2FQlAxa6tH%2B296%2FKPJA%2FsT6NCrh%2BtA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccdd0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/socicon.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/socicon.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-2443"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYwxwdUS4%2FlewZW7tduuWFFAr4jo0cRfwvZ3xtzya6XOX1lkMKuuLRd%2BlhJu1AqR9ZEljdLJxpJ61WDo%2F%2Behk4QnhVWiZ2NMgS4%2Bruj%2FapNLd7W9KybNlm6fJj7kybow724%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce00b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-14db"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcQKBiHbQmfdoycmU%2BHe64b9%2Fhf1sEh%2F9x%2BfYQey9C8dE2DeZFwgzpG8Ayf6iR%2B2ZCuZBkqkg3o7CGRgKjgaAtagXGohZwVhKXH8E8wqRv97gYnzD4YhpR6jtn4p09D3vJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd290b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.18.47.230200 OK 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.18.47.230:0
OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ab.secufiles.com/
Origin: https://ab.secufiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:05 GMT
content-type: text/plain
access-control-allow-origin: https://ab.secufiles.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7547bad60e851c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js
104.18.47.230200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js
IP 104.18.47.230:0
GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac3f400b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-f6d"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6v94fQsQsCfzX7ZJ6pzxT4wZJfonrsLLhHgAZCeCGZ89AYK%2BW3u4ceZYG8a06%2BqDP7Q5eRr3zInIUZP%2B3QobX7rxisdtu%2FnN%2FEljTWVUNr%2BvnbjUuYJKQuqtcGh%2FpffGM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabed0a0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-152b5"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vVI7pZXDq45yGrgga0E8O%2FKy2mn%2BPdvxfp4nUkO6hjPaDVH9SoZ8pH3pxrU%2FGY7WUJUMR0KYfN%2Fv2%2FbSPp%2F%2B%2FOv6OW%2Bnj3TnI0Syyr8C6%2F5q5DvPL70RvQF7%2FbQuBWXkYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabdcff0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/theme.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/theme.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-301d8"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lawLQj7aeQK3Cj8YWR%2FvLaM%2B34p%2F%2FL8BD%2BmWJ1B4LKYkH1uI8%2B14da5VvuZYaX0D504F3mh2nqjXWu2Nm9OpPRHV9zB%2BOOgtgTc29Gi2v6KNtR6tr0jhNIxML8n199B0x78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcced0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
IP 172.67.69.122:0
GET /7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
set-cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66; expires=Mon, 10-Oct-2022 18:26:57 GMT; Max-Age=604800; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udE%2FKzo5Zmd%2BkO5a59kMAQGtFRWdCusE2SQvtCXBngmFjBpCf1sPa8z3ih6NeWy4ZTAFGcO2M%2BYxZvSon13wryAtdCK86FjI0WEeZVK3NypFaXagfCMUJ%2Bubwr5Ap8NhS9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547ba9f8ef00b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/css/cookiealert.css
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/css/cookiealert.css
IP 172.67.69.122:0
GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-3051"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQO4zj6U0aCJi3%2FQCSbVhowDvSEWfLstNT7vMdhOUCGLc5oUfplrLw39x2aiiGt7nJrQET0qDi%2BuDrubFIt4Dp4cl36K9dGHv19CtMGo%2F7RwpX3DoLgNZUY%2BYoT4oi9Lmsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce90b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js
172.67.69.122200 OK 0 B URL HTTP/2 ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js
IP 172.67.69.122:0
Analyzer Verdict Alert fortinet Malware
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-d265"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkZdxT16Zv%2Bp82GXC4onLBeDCvbpexiDx22G%2FBNZi8CE%2F7LU21trfj0Y2WQ1ij5bvtLIxLsbnI%2BZZhe8NaoFmWq0cgmH7iY7UUdjrGOfWHdKDM8xi0uZv2%2FpOeFn4uLYPyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabed090b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.18.47.230200 OK 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.18.47.230:0
OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ab.secufiles.com/
Origin: https://ab.secufiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:02 GMT
content-type: text/plain
access-control-allow-origin: https://ab.secufiles.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7547bac1783f1c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2