Report - ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022

Report Overview

Submitted URL
ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
IP
172.67.69.122
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-03 18:27:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	817 B	1.5 kB	142.250.74.10
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	812 B	786 B	104.18.47.230
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
secufiles.com	119371	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	834 B	123 kB	172.67.69.122
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	500 B	694 B	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	501 B	694 B	142.250.74.164
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	194 kB	216.58.207.195
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	726 B	563 B	216.239.32.36
cloudflareinsights.com	84344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.1 kB	104.18.47.230
ab.secufiles.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	134 kB	104.26.0.12
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.225
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	593 B	711 B	74.125.131.156
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	76 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	55 kB	142.250.74.34
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	512 B	5.2 kB	142.250.74.66
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.57.61
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	11 kB	142.250.74.3
fundingchoicesmessages.google.com	2397	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	1.6 kB	142.250.74.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	Malware
2022-10-03	medium	ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	153 B	2023-03-07	2023-05-19
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2023-05-19 09:17:40 Times Seen3 Hash a32af200e27f7516d778212d459c2916 be2234fbc3903805ed15498703cadb18e840e7d1 53e5f86891b07cc0846a3e1852ad5e122c69597dcf008a013986459c71157c05 Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js	5.3 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-10 22:54:47 Times Seen8676 Hash 5d3ff3c3fbaa67cc639501f44eeb07be bd66e4cd58de09c198e7abc77fa4c883955d189e 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-10 22:54:47 Times Seen268245 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js	112 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2024-05-10 22:54:47 Times Seen5521 Hash ccd6c308b2b8e36ae154d7bacea4240d f7d2f7195150771246dd599dbb4ff3bc2f0f2179 fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0 Loading...

	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	44 B	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-10 22:54:47 Times Seen3045 Hash 21d884540875fb4d2b8f280c541d092c 9f2a58bb4ff1897269b2df54e333ce35d4435b91 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Loading...

	fundingchoicesmessages.google.com/i/ca-pub-9744707857658830?ers=2	108 kB	2023-03-08	2023-03-08
Pretty URL fundingchoicesmessages.google.com/i/ca-pub-9744707857658830?ers=2 IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 90c101d5d9fbd35cdd6945a026636632 9d23b2726383d1a7683f886678bb46ca11532d52 b1369ba67bfd91acdae4418cb0f59d6c43be2fca0fdb2fbd30cda07592f63337 Loading...

	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	1.5 kB	2023-03-08	2023-03-08
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 3f7c9487904a12bfcd8e839c57aab0ff a1165fb32231116f1d74a4b8da97f0b1f96255ff 503ede2e66488765502fbf315b136d62ef255a2de6a3768566e3e08bda0cbaee Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js	21 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-10 22:54:47 Times Seen5854 Hash 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js	14 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-10 22:54:47 Times Seen5679 Hash 4c5e9f4e84d32b7df69af7420b355e03 14e1e287ec98e8cc0a992ee996783b0c42f9ec0f c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js	11 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-10 22:54:47 Times Seen5535 Hash 2c16a9a724563fc0c306abb5bdeb03fe 90c2032537714e66059a3eaa150b93f3c9c80163 997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js	3.9 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-10 22:54:47 Times Seen5858 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	931 B	2023-03-08	2023-03-08
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 292c9bd365ac2a6dc164888215a50eb1 462dd78fbcf27805149de5a969fc7bac3b26c927 3b39ead494ab8f0c4a8990ff9cbe52ceb0b29e8f9beac9b008c5e3175cf069a6 Loading...

	fundingchoicesmessages.google.com/f/AGSKWxUZs-V0kjEleCIMWPIYSlYEUSZD3_cQhplfZ3PJLSRxpLx3576CB3Rtq4k7_ZN2E1EuDHt2GVr0u3BB-Wjv7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0ODIxNjIxLDQ0NjAwMDAwMF0sIkUwMEQ3QzQ0LURFNzktNDVCMy1CMjk4LTI3N0UwOURFMjUwOSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vYWIuc2VjdWZpbGVzLmNvbS83ZTRmZWQyN2Y2MTBhMGUzL3Jpb3QyXyZfZ29lXzIwMjJfcGFzczEyMy5yYXIiLG51bGwsW1s4LCJkaW96OTVnbDhOcyJdLFs5LCJlbi1VUyJdXV0	256 kB	2023-03-08	2023-03-08
Pretty URL fundingchoicesmessages.google.com/f/AGSKWxUZs-V0kjEleCIMWPIYSlYEUSZD3_cQhplfZ3PJLSRxpLx3576CB3Rtq4k7_ZN2E1EuDHt2GVr0u3BB-Wjv7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0ODIxNjIxLDQ0NjAwMDAwMF0sIkUwMEQ3QzQ0LURFNzktNDVCMy1CMjk4LTI3N0UwOURFMjUwOSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vYWIuc2VjdWZpbGVzLmNvbS83ZTRmZWQyN2Y2MTBhMGUzL3Jpb3QyXyZfZ29lXzIwMjJfcGFzczEyMy5yYXIiLG51bGwsW1s4LCJkaW96OTVnbDhOcyJdLFs5LCJlbi1VUyJdXV0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash cbc05fd70a82f11fda5404800f25c725 3ef765349f58ba9182474cc2b901c284f5b98e16 9f47d951936d406563998df72e0b4503f864399f19197c2caf99c4da3dce7849 Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js	1.8 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2024-05-10 22:54:47 Times Seen5305 Hash 81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab Loading...

	http:blank	620 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 473d75942d2ff848f46b32e24488441e e2956db6aa57248f0aa82750035defdeab2e6419 abd9a814d7cd2a0bc1190b8418698e3e8ddcb6cdf46a147ff4bbcbe081fb5ac7 Loading...

	googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html	9.8 kB	2023-03-07	2023-03-17
Pretty URL googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:29:04 Last Seen2023-03-17 17:17:05 Times Seen1 Hash c5a01b9bdfc392b3a440c04c25d912a0 9f741a618cc001a197f4fd39dda831059be42db5 e789ddac14d96021d2c048d3428317d12aa8f1a5c326ba957c3792e879982e6f Loading...

	www.googletagmanager.com/gtag/js?id=G-FM4ZS09GQ6	214 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-FM4ZS09GQ6 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 432465fbeb1519d91548ffcb78503fd2 a411d2bb2e0c125a6d47f1eebd9bdf625baee910 31913453776ceb77790e60cbf064d833da3a5eca320b7788b97bc038457f7df9 Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js	6.0 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-10 22:54:47 Times Seen5229 Hash b67e171349c4716dd7bb15c018a2c8c1 60b204148c0eed83b06043897d1cbd54709eab66 8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30 Loading...

	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	57 B	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-10 21:19:48 Times Seen11045 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9744707857658830&plah=ab.secufiles.com	357 kB	2023-03-08	2023-03-08
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9744707857658830&plah=ab.secufiles.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:38:59 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 63667753df3138c4f4d7af91d71e88c2 2d39ff821e82deec7e8db95c401baa422a36cf24 0489c2078a9cca9928c48cbb40bcc57f23bfb8d58e21e75c570cb80d53026822 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js	54 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:25 Last Seen2024-05-10 22:54:47 Times Seen5611 Hash 81a84001ccd9bdd589d1b4f187311b15 5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5 5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2 Loading...

	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	292 B	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-10 22:54:47 Times Seen3146 Hash f6038f840321581380bcf8e68fbec2ed 9c64ca84baabd04b9994597b90882d8ec7158ba2 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-05-10
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 104.18.47.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-10 03:15:28 Times Seen1662 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	70 kB	2023-03-07	2024-05-10
Pretty URL ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 172.67.69.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 22:54:47 Times Seen7587 Hash 737f853e9fd6a31d62f5028e88663c9f cf144f2ab49f53a69fbfe10d3588fc23437d2736 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841 Loading...

	ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar	395 B	2023-03-07	2023-05-19
Pretty URL ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar IP 104.26.0.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2023-05-19 09:17:40 Times Seen3 Hash c4a9489fe44a90a092650824c8c86c61 cde0901af07460fb7ae3685926be17b41aeb794b 87440f65d10e2448cd5806da114414e5655a572411863254a582ff8dcc89bc4a Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830	165 kB	2023-03-08	2023-03-08
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:12:44 Last Seen2023-03-08 05:12:44 Times Seen1 Hash 5c156c73925ec626377887ae0ef55f00 16325c638686b3f5c650280cae787d03886898d1 3668a9c73f2435e85769201014cd06fd7b598ff67348dd6854bc3361098bcdab Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

HTTP Transactions (83)

URL IP Response Size

ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar

104.26.0.12

301 Moved Permanently

0 B

URL HTTP/1.1
ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
IP
104.26.0.12:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 18:26:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 03 Oct 2022 19:26:56 GMT
Location: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjoxDmkluMwEPlvM1nJPMsKsBNkchP%2F1pu3xpnee3IA6z9u91L6B1D5xlQt4TYIc4XgXTBv12OV5uMttHXMxDyvfLdpSQPD2I%2FFPkx8VyOdD6gkHTrSEMnS9TdUM4BOm8%2BM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547ba9d8bf91bfa-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 17:29:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RJiol7eUAwh2a6sCZx6oggD1C9Ng1dBA5Y3YEGkM7VLM9r_aOl03QA==
Age: 3437

r3.o.lencr.org/

23.36.76.225

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6282
Expires: Mon, 03 Oct 2022 20:11:38 GMT
Date: Mon, 03 Oct 2022 18:26:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kvr2e5ndIZ5N1HHP-0leBB6ak1I7papNZNzflQJEPU7KPaXb_i471Q==
age: 46709
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:26:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 17:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 18:14:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 04BwMR1uUyiyRiOw7-zSo8w-M2U6JdOLwX9MXt3Ft3CZjrVEZMObFg==
Age: 3443

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4103
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:57 GMT
Last-Modified: Mon, 03 Oct 2022 17:18:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bpe89Si+D2DUzVIQM/LxXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NIcaE17hd1EkG7blhdGJaiBwkgk=

secufiles.com/themes/spirit/assets/images/logo/logo.png

172.67.69.122

200 OK

60 kB

URL HTTP/2
secufiles.com/themes/spirit/assets/images/logo/logo.png
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
60 kB (60438 bytes)
Hash
fb6e69180aafd9e721b4d1f175893ab3
6b7d8c714d828cca3d8b445f5abdd2c6344ae866
0c4a024b24487ff81e3060a68ee990f2d9f01b711fbfe270e2dd7db5bb23cedd

HTTP Headers

GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: image/webp
content-length: 60438
cache-control: max-age=2678400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=146490
content-disposition: inline; filename="logo.webp"
vary: Accept
etag: "60d2b87c-23c3a"
expires: Sat, 29 Oct 2022 03:48:50 GMT
last-modified: Wed, 23 Jun 2021 04:28:44 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 398288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVdYH2S5GA95wWJ1zifjuAqqy%2FMqGqnJFX0zJsiapoeO6Dex%2BFpf7rfodI5PrfIOQre9gMR1yxSy9j6N5JeZSmBt%2BmThRieb1BEdzhW%2BGoZvile2ozNIxM5XBI%2Fx4ak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7547baabdd030b45-OSL
X-Firefox-Spdy: h2

secufiles.com/themes/spirit/assets/images/logo/logo-whitebg.png

172.67.69.122

200 OK

60 kB

URL HTTP/2
secufiles.com/themes/spirit/assets/images/logo/logo-whitebg.png
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
60 kB (60438 bytes)
Hash
fb6e69180aafd9e721b4d1f175893ab3
6b7d8c714d828cca3d8b445f5abdd2c6344ae866
0c4a024b24487ff81e3060a68ee990f2d9f01b711fbfe270e2dd7db5bb23cedd

HTTP Headers

GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: image/webp
content-length: 60438
cache-control: max-age=2678400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=146490
content-disposition: inline; filename="logo-whitebg.webp"
vary: Accept
etag: "60d2b897-23c3a"
expires: Sat, 29 Oct 2022 03:52:55 GMT
last-modified: Wed, 23 Jun 2021 04:29:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 398043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mppAJy5i3umCIvKvCtuaFapPM95Hlin5nylaTlzvRXOtvpIzkpPPfA5kkFG8192eTzijdK6GhmgL5UmXQKmWcxoFLrwgIyfNiRzPpl4j%2Fy4G%2BDJCVLY%2FQy2QaEkJhr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7547baabdd000b45-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-FM4ZS09GQ6

142.250.74.168

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-FM4ZS09GQ6
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18966)
Size
75 kB (75032 bytes)
Hash
2b224ff1b6e8f1f27a0e1a4e63ccdb8f
3c412111d89f08952fd7c3c01de8bb51d6297d57
092893aa18db9f739140312a754a47892077e1dd3c0c66f371a9c7d4776b3387

HTTP Headers

GET /gtag/js?id=G-FM4ZS09GQ6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 03 Oct 2022 18:26:58 GMT
expires: Mon, 03 Oct 2022 18:26:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.225

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Mon, 03 Oct 2022 20:02:40 GMT
Date: Mon, 03 Oct 2022 18:26:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.225

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Mon, 03 Oct 2022 20:02:40 GMT
Date: Mon, 03 Oct 2022 18:26:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.225

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.225:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Mon, 03 Oct 2022 20:02:40 GMT
Date: Mon, 03 Oct 2022 18:26:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:41:17 GMT
age: 6341
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8158 bytes)
Hash
721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 74422
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
bed17699f6b123b33b8df416b23c4cac
36458cca636c4ffc873df8acd254ff726b1a9544
65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DZ6ZMlje50ktV6_cABRx3fr4Dke7Z2UhNhBDi1aCK00kRPTlnG691A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 03:36:14 GMT
age: 53444
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9083 bytes)
Hash
523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 74422
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 49447
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10839 bytes)
Hash
36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 73720
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/images/flags/us.png

172.67.69.122

200 OK

609 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/images/flags/us.png
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Size
609 B (609 bytes)
Hash
968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

HTTP Headers

GET /themes/spirit/assets/images/flags/us.png HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: image/png
content-length: 609
last-modified: Sun, 18 Oct 2020 02:16:22 GMT
etag: "5f8ba576-261"
expires: Wed, 02 Nov 2022 18:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUjmtG5LV9rRfCSLI8bkfeltNiswvGhxqQIYe2Q7JQgoKK9jctvwnMmgUENXH0eTFL8HcQL5FucVp%2FM7zR%2B8vlMWjfn2XuuaI3xmAX7AxVvm%2BmB%2BJuJrDQ85Y3i5HZmlC9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabdcf70b45-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ab.secufiles.com/themes/spirit/assets/frontend/css/lightbox.min.css

172.67.69.122

200 OK

1.4 kB

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.4 kB (1370 bytes)
Hash
2688fc06a4f4aab7bc51c6fbb479b160
4023a87a742bd413d733bcd8a009d9111d0e4ec7
7b1da9c509c7e253387310afd3622e40f49149caace5684cd4ecf878501f7c70

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:46 GMT
etag: W/"5f71ac56-e54"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6NFObCguwJsGHf9t1c%2BVmnDfrL5C8Pq42i1vd1KTsCAxoDg1hsxqt50OgoscZWU2HLt9Qv2B2gvTAe%2B%2FwRDOg%2Fzg3rfV%2BapEifHTDAIvWDAcfrQM0JjhB%2BLKQHKBxw5hv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce30b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

172.67.69.122

200 OK

20 kB

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (768)
Size
20 kB (20355 bytes)
Hash
67fbf806241e8a4e57730e5926c61280
30e98f409264a88c7ab639cb8ad3fbfb18f8a166
9955972e748cba87b273baeb00251af097a19f9dafc6d0cc62efb728bc071101

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-10fe4"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueQMEzPGDmfXEfsUY47XwmX%2BhCOhDy5FyZO1w4xKM6KpLJ0aoW8aLeucOu0TfDqJ8L3VFQfHWgcbWUd9J8olgbjD7ETu0b%2BhtZRHYkTy3BvXNfETnkJJEK%2FHzNhlQYvrEGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabdd040b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 227885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

216.58.207.195

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Size
18 kB (17820 bytes)
Hash
3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31

HTTP Headers

GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 19:07:15 GMT
expires: Tue, 26 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 602385
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ab.secufiles.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

172.67.69.122

200 OK

4.3 kB

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ab.secufiles.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: font/woff2
content-length: 4292
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: "5f71ac54-10c4"
strict-transport-security: max-age=31536000
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LAIRGhrBxDOxuOLx8TpddHJHlMzxc8DFYjn492fXhhiu7EHE5jo5A9RkdYayMn7l23AjPCx5GANo54TyzCnFqU65yroC1ePazbEPDDK9efQucOCibrSSub8cnzZXQwcf%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547bab7eb160b45-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 03 Oct 2022 16:41:09 GMT
expires: Mon, 03 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6351
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830

142.250.74.34

200 OK

54 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2910)
Size
54 kB (54388 bytes)
Hash
d5585f695d53e8caa5a426cca33c5feb
9a8f136f14f728b35b5e7d51087458e1b9e3328d
2abbdddfd979318cfba11a8c0d71dedc6d96ad8c6e2ea43b2ba14d03eef07c1c

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-9744707857658830 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Mon, 03 Oct 2022 18:27:00 GMT
expires: Mon, 03 Oct 2022 18:27:00 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9370470003298456993
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j97&a=1091623537&t=pageview&_s=1&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&ul=en-us&de=UTF-8&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAAC~&jid=706017520&gjid=1980129913&cid=1451232549.1664821621&tid=UA-48911416-1&_gid=1352786026.1664821621&_r=1&_slc=1&z=554486846

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1091623537&t=pageview&_s=1&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&ul=en-us&de=UTF-8&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAAC~&jid=706017520&gjid=1980129913&cid=1451232549.1664821621&tid=UA-48911416-1&_gid=1352786026.1664821621&_r=1&_slc=1&z=554486846
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j97&a=1091623537&t=pageview&_s=1&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&ul=en-us&de=UTF-8&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IADAAEABAAAAAC~&jid=706017520&gjid=1980129913&cid=1451232549.1664821621&tid=UA-48911416-1&_gid=1352786026.1664821621&_r=1&_slc=1&z=554486846 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://ab.secufiles.com
date: Mon, 03 Oct 2022 18:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

142.250.74.66

200 OK

4.4 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Size
4.4 kB (4420 bytes)
Hash
682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f

HTTP Headers

GET /pagead/html/r20220928/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sun, 02 Oct 2022 23:24:33 GMT
expires: Sun, 16 Oct 2022 23:24:33 GMT
cache-control: public, max-age=1209600
age: 68548
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

172.67.69.122

200 OK

5.0 kB

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5016 bytes)
Hash
a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66; _ga_FM4ZS09GQ6=GS1.1.1664821620.1.0.1664821620.0.0.0; _ga=GA1.1.1451232549.1664821621
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:01 GMT
content-type: image/png
content-length: 5016
last-modified: Mon, 28 Sep 2020 09:26:42 GMT
etag: "5f71ac52-1398"
expires: Wed, 02 Nov 2022 18:27:01 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUBJgZt6DSw5ln0LT%2Br7eOlFL2x6Jy4Hoy13E1sp%2BGPYP6tGOEsScUpcp22oai8Nln%2FNcXBlh1w3us1dIjsy0nOKcCG6PtEsrykn2Xz2W3wbJvQUgSSc0lqX3G8PQMtGG00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baba7e030b45-OSL
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&gjid=1980129913&_gid=1352786026.1664821621&_u=IADAAEAAAAAAAC~&z=1144306431

74.125.131.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&gjid=1980129913&_gid=1352786026.1664821621&_u=IADAAEAAAAAAAC~&z=1144306431
IP
74.125.131.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&gjid=1980129913&_gid=1352786026.1664821621&_u=IADAAEAAAAAAAC~&z=1144306431 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://ab.secufiles.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-FM4ZS09GQ6&gtm=2oe9s0&_p=1091623537&cid=1451232549.1664821621&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664821620&sct=1&seg=0&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-FM4ZS09GQ6&gtm=2oe9s0&_p=1091623537&cid=1451232549.1664821621&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664821620&sct=1&seg=0&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-FM4ZS09GQ6&gtm=2oe9s0&_p=1091623537&cid=1451232549.1664821621&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664821620&sct=1&seg=0&dl=https%3A%2F%2Fab.secufiles.com%2F7e4fed27f610a0e3%2Friot2_%26_goe_2022_pass123.rar&dt=Riot2_%26_Goe_2022_pass123.rar%20-%20SecuFiles&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ab.secufiles.com
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48911416-1&cid=1451232549.1664821621&jid=706017520&_u=IADAAEAAAAAAAC~&z=159569023 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 18:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

172.67.69.122

200 OK

447 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
447 B (447 bytes)
Hash
f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66; _ga_FM4ZS09GQ6=GS1.1.1664821620.1.0.1664821620.0.0.0; _ga=GA1.1.1451232549.1664821621
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:01 GMT
content-type: image/png
content-length: 447
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: "5f71ac50-1bf"
expires: Wed, 02 Nov 2022 18:27:01 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugtVjuA9iTbsCyIOhvHCKS19UKMdvMYI9ZQiIrCFR6VK3OYN88Q2Avgq5k0v%2F0tp4Aq5KokyziKMM6d0xr8l2vDvI0p%2BuOWqF49iTWjnxd4wu7%2Bma2X9xqbWtm0eznE1A5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baba7e050b45-OSL
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

172.67.69.122

200 OK

80 kB

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ab.secufiles.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:01 GMT
content-type: font/woff2
content-length: 80148
last-modified: Mon, 28 Sep 2020 09:26:42 GMT
etag: "5f71ac52-13914"
strict-transport-security: max-age=31536000
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lcSswa3vfKfgIbDlfK9CPa54mtwRYqa6w6acBAqILhQhiDhGrAhUjI6gM2JEkPqc4wKe0nt6wfCxlQ0qJD9HWESap7uD4qPUi9cJLfPa6t81k2DgdtbBBnQ4Ug9kzQNhkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547bab81b480b45-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.195

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 20:36:08 GMT
expires: Fri, 29 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 337853
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:26:58 GMT
date: Mon, 03 Oct 2022 18:26:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/granim.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-298a"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUa6KOsV04F90uCqesl2Rnfa77XcQtmmVQY7mogv0D0Gd%2FoSMxCaHjIV7nK44PprP4fROTjGh3vmvIzSFcI%2B%2Btig%2FK%2F4jvaoDDs9t5IQMzUud9snBqtYlt%2B4ta6ejV9qZMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd260b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/font-awesome.min.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-e6eb"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e9sekIFfGZegLCuQO2SO%2FLy2s9XhmT0%2F%2BOJf2VBlFpFX1BOxyVesfqf6FeXBQ6epg9rWLeAA3SOgRw4FIkKerv3jNNLEAsGkalQxJNF%2FDoQeTsQgO3WhXRPtjLhUtKRLrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccee0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/i/ca-pub-9744707857658830?ers=2

142.250.74.46

200 OK

0 B

URL HTTP/2
fundingchoicesmessages.google.com/i/ca-pub-9744707857658830?ers=2
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i/ca-pub-9744707857658830?ers=2 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Oct 2022 18:27:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-nM7ufc_GtJ90gTeVsDKiJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.18.47.230

200 OK

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.18.47.230:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 16884
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:02 GMT
server: cloudflare
cf-ray: 7547bac1985e1c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/scripts.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: application/javascript
last-modified: Wed, 14 Oct 2020 11:17:02 GMT
etag: W/"5f86de2e-1b521"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmCBDnCkOc7f1Hkl1sLAND3rDjWOFic4y7BhorKeikUH%2FvGATt4Y5gGkOM%2FncEw6oczIWagUuyPzETEHpXq495gy6hRffUkq14h%2FDr77MmMI4aamvaKz3Wxh%2Fe1DeKvdcKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac0d3e0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/iconsmind.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/iconsmind.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-178bf"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm328JgzWA7saFDZ5TriZR8QcSbpY7MEvM85EQO02bu9ayyeos63ti9hJcMyupbm6DrCogErVohIkaMMEJym56TScFDufiJHxwj49b4SNH6vFPaMFIsPlQIURzpAub3MqXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce60b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

104.18.47.230

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
104.18.47.230:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ab.secufiles.com
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac386c1c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:26:58 GMT
date: Mon, 03 Oct 2022 18:26:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/custom.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/custom.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Tue, 05 Oct 2021 07:46:45 GMT
etag: W/"615c02e5-23f9"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNdY2IFphf%2B2LkzRJd2zDbdQ9Wd609xuCvk82nru%2FD18dqH1hn0DcXo8HNMksxRx1JgJ8gGo1jD41NvthBsF6YzQS%2FsjcDxn2DBVzsIvH0Iwk6UpbEWRK7mZJ2YKNYrWt7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccf00b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/flickity.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/flickity.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-958"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dgXOQOUBzeEbwYoL2uhVOK%2BR1PzcuYuHpuf%2Fz3QTaA7kKw%2FdjjpXcv%2FievkTdRmbYe7zhdOJz0%2Bzz9fQzcbYmLjxfI1HaN2lKJHxJet2ac%2FWHdwlmP3qWdUdO2XtqxVKYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce50b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/cookiealert.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-72c"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBWPwPKaYXuvuDWAC1gxwXYi1NyuK%2B2GN%2BZUN7IrxA3BmTksTDL%2FWqCi%2FcbWYEjYC79inEL3zG%2Boi7qdMgfZWeTZgbjBXV0LyoWltZxHUAb7UnCi6XEEoufR%2ByxDAq5DJNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac0d410b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-1776"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COUdFfVexFpBNU82IbjG1EM94EKZK4YAmRhNvvI3FamhiK3l%2BIuvHNi6LPQzz5G7p25oTWXEiz0O6knQBIwGtFym8O6o7VDFCkHIJSxbFnKR6rQhZc2qGI%2FurY2eRC2pEqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd2a0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/datepicker.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-51ef"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPe7MrE3fDxNXeXo8DiH376M63m5ucPLyREVTeCleRkgkuE0fZnWFNV6g6gTkrUclYOL0Dr5gXibEUWVARKClgDo%2FPmYObYuQz%2F4%2FbM88cNmnLDqXS7t19fHcPQynG2x25o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabed0b0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/jquery.steps.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-1606"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ruw3tCANAUhD6hQX7WNtzX%2BO%2Bcg8ZSXECe0ArGo%2FxQhlG%2BDxLet1uX6PerEa7YAoTF72GvcEZ%2BSF4PO9mDQbGcpNzzAGm%2FZfi%2FiGkLIWsVULHrinDI4Kkf8ZCU8MSbi84SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce80b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-3621"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FWNMtMaY9VVd8V%2BXcNQWhc09fP9%2F4WnH%2BzbK9r%2FU6D4VzIzK%2FP5%2BTp%2BuaMt09%2BnYnbhZGzH6Xzr75nVgk%2FrOhMwzjaw9rOwBrSYLy%2FWiqdzHjULbiLXIxBxVWNGkvUBsw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd280b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/bootstrap.min.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-12c75"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yp3PXSkkz%2F7rhKbeafswQNQXprNiK92j4fvh7g5HgAr7XU91RlgGRKvTeLi%2BXaNsU3x3%2B7sQw8frTrvjqn12%2FVc9188u3pq0Vy9Pnvs9utR55imYQ1aXWRbRMsGMbiUnms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccdc0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/stack-interface.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/stack-interface.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-c0a"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCXkpAs6fqQCuGmN%2FCfEhbv3jIkqn7hMcsCMYUBZBQ9WcDMMjU9bzGFQbECpbGtFjC2fHp1bu%2BVhO6SXrEYA5P3A5zgv92cfNRE8MQ%2FQlAxa6tH%2B296%2FKPJA%2FsT6NCrh%2BtA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabccdd0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/socicon.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/socicon.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-2443"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYwxwdUS4%2FlewZW7tduuWFFAr4jo0cRfwvZ3xtzya6XOX1lkMKuuLRd%2BlhJu1AqR9ZEljdLJxpJ61WDo%2F%2Behk4QnhVWiZ2NMgS4%2Bruj%2FapNLd7W9KybNlm6fJj7kybow724%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce00b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/countdown.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-14db"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcQKBiHbQmfdoycmU%2BHe64b9%2Fhf1sEh%2F9x%2BfYQey9C8dE2DeZFwgzpG8Ayf6iR%2B2ZCuZBkqkg3o7CGRgKjgaAtagXGohZwVhKXH8E8wqRv97gYnzD4YhpR6jtn4p09D3vJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabfd290b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.18.47.230

200 OK

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.18.47.230:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ab.secufiles.com/
Origin: https://ab.secufiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:05 GMT
content-type: text/plain
access-control-allow-origin: https://ab.secufiles.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7547bad60e851c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js

104.18.47.230

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js
IP
104.18.47.230:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baac3f400b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/typed.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-f6d"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6v94fQsQsCfzX7ZJ6pzxT4wZJfonrsLLhHgAZCeCGZ89AYK%2BW3u4ceZYG8a06%2BqDP7Q5eRr3zInIUZP%2B3QobX7rxisdtu%2FnN%2FEljTWVUNr%2BvnbjUuYJKQuqtcGh%2FpffGM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabed0a0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-152b5"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vVI7pZXDq45yGrgga0E8O%2FKy2mn%2BPdvxfp4nUkO6hjPaDVH9SoZ8pH3pxrU%2FGY7WUJUMR0KYfN%2Fv2%2FbSPp%2F%2B%2FOv6OW%2Bnj3TnI0Syyr8C6%2F5q5DvPL70RvQF7%2FbQuBWXkYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabdcff0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/theme.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/theme.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:00 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-301d8"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lawLQj7aeQK3Cj8YWR%2FvLaM%2B34p%2F%2FL8BD%2BmWJ1B4LKYkH1uI8%2B14da5VvuZYaX0D504F3mh2nqjXWu2Nm9OpPRHV9zB%2BOOgtgTc29Gi2v6KNtR6tr0jhNIxML8n199B0x78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcced0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:58 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
set-cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66; expires=Mon, 10-Oct-2022 18:26:57 GMT; Max-Age=604800; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udE%2FKzo5Zmd%2BkO5a59kMAQGtFRWdCusE2SQvtCXBngmFjBpCf1sPa8z3ih6NeWy4ZTAFGcO2M%2BYxZvSon13wryAtdCK86FjI0WEeZVK3NypFaXagfCMUJ%2Bubwr5Ap8NhS9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547ba9f8ef00b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/css/cookiealert.css

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/css/cookiealert.css
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 09:26:44 GMT
etag: W/"5f71ac54-3051"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQO4zj6U0aCJi3%2FQCSbVhowDvSEWfLstNT7vMdhOUCGLc5oUfplrLw39x2aiiGt7nJrQET0qDi%2BuDrubFIt4Dp4cl36K9dGHv19CtMGo%2F7RwpX3DoLgNZUY%2BYoT4oi9Lmsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabcce90b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js

172.67.69.122

200 OK

0 B

URL HTTP/2
ab.secufiles.com/themes/spirit/assets/frontend/js/flickity.min.js
IP
172.67.69.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: ab.secufiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ab.secufiles.com/7e4fed27f610a0e3/riot2_&_goe_2022_pass123.rar
Cookie: filehosting=fiqq9ouddf8qijqeejjdf8jl66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:26:59 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 09:26:40 GMT
etag: W/"5f71ac50-d265"
expires: Tue, 04 Oct 2022 06:26:59 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkZdxT16Zv%2Bp82GXC4onLBeDCvbpexiDx22G%2FBNZi8CE%2F7LU21trfj0Y2WQ1ij5bvtLIxLsbnI%2BZZhe8NaoFmWq0cgmH7iY7UUdjrGOfWHdKDM8xi0uZv2%2FpOeFn4uLYPyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7547baabed090b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.18.47.230

200 OK

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.18.47.230:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ab.secufiles.com/
Origin: https://ab.secufiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:27:02 GMT
content-type: text/plain
access-control-allow-origin: https://ab.secufiles.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7547bac1783f1c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations