{"report_id":"86a21bff-7353-4584-a148-52a9d38e29cb","version":6,"status":"done","tags":[],"date":"2024-01-07T16:46:21Z","url":{"schema":"https","addr":"afiletoget.click/go.php?a_aid=5f86443831324","fqdn":"afiletoget.click","domain":"afiletoget.click","tld":"click"},"ip":{"addr":"157.245.8.115","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","fqdn":"filetowonder.com","domain":"filetowonder.com","tld":"com"},"title":"SevenZip - Unpack Setup"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T04:42:06Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"track.redis06.sbs","ip":{"addr":"3.70.16.242","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2023-09-30","domain_rank":0,"first_seen":"2023-09-30 23:53:40","last_seen":"2023-12-26 16:28:11","alert_count":0,"request_count":1,"received_data":1552,"sent_data":579,"comment":"","tags":null,"fingerprints":null},{"fqdn":"filetowonder.com","ip":{"addr":"172.67.146.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-12-13","domain_rank":0,"first_seen":"2023-12-15 16:06:17","last_seen":"2024-01-07 04:34:16","alert_count":0,"request_count":4,"received_data":38789,"sent_data":1985,"comment":"","tags":null,"fingerprints":null},{"fqdn":"nostop.go2cloud.org","ip":{"addr":"18.202.12.61","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2010-10-28","domain_rank":369893,"first_seen":"2019-09-05 09:11:11","last_seen":"2024-01-06 18:11:30","alert_count":0,"request_count":1,"received_data":510,"sent_data":684,"comment":"","tags":null,"fingerprints":null},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":724,"first_seen":"2014-06-18 02:37:31","last_seen":"2024-01-07 13:07:22","alert_count":0,"request_count":1,"received_data":145802,"sent_data":495,"comment":"","tags":null,"fingerprints":null},{"fqdn":"trk.vaseglove.host","ip":{"addr":"172.67.153.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2021-07-18","domain_rank":0,"first_seen":"2022-05-01 16:13:54","last_seen":"2023-08-01 17:46:40","alert_count":0,"request_count":1,"received_data":8996,"sent_data":558,"comment":"","tags":null,"fingerprints":null},{"fqdn":"yourjsdelivery.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2020-08-25","domain_rank":0,"first_seen":"2020-08-25 16:06:00","last_seen":"2024-01-05 14:26:15","alert_count":0,"request_count":1,"received_data":545,"sent_data":417,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2024-01-07 13:07:22","alert_count":0,"request_count":1,"received_data":86941,"sent_data":424,"comment":"","tags":null,"fingerprints":null},{"fqdn":"afiletoget.click","ip":{"addr":"157.245.8.115","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"2023-07-31","domain_rank":0,"first_seen":"2023-08-01 01:16:53","last_seen":"2023-08-12 08:07:10","alert_count":0,"request_count":1,"received_data":495,"sent_data":509,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-01-07T16:46:00Z","timestamp":1704645960,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35127,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO Referer Obfuscation/Hiding Service in DNS Lookup (href .li)","source":"{\"timestamp\":\"2024-01-07T16:46:00.967628+0000\",\"flow_id\":1798289205281740,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.171\",\"src_port\":35127,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2855173,\"rev\":1,\"signature\":\"ETPRO INFO Referer Obfuscation/Hiding Service in DNS Lookup (href .li)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_24\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_24\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_08_24\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":27585,\"rrname\":\"href.li\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2024-01-07T16:46:00.967628+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-07T16:46:00Z","timestamp":1704645960,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34765,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO Referer Obfuscation/Hiding Service in DNS Lookup (href .li)","source":"{\"timestamp\":\"2024-01-07T16:46:00.967820+0000\",\"flow_id\":1013044629521548,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.171\",\"src_port\":34765,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2855173,\"rev\":1,\"signature\":\"ETPRO INFO Referer Obfuscation/Hiding Service in DNS Lookup (href .li)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_24\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_24\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_08_24\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":5363,\"rrname\":\"href.li\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":78,\"bytes_toclient\":0,\"start\":\"2024-01-07T16:46:00.967820+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-07T16:46:01Z","timestamp":1704645961,"ip_dst":{"addr":"192.0.78.26","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":49052,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO Referer Obfuscation/Hiding Service Domain (href .li in TLS SNI)","source":"{\"timestamp\":\"2024-01-07T16:46:01.008554+0000\",\"flow_id\":1751499831514010,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.171\",\"src_port\":49052,\"dest_ip\":\"192.0.78.26\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2855174,\"rev\":1,\"signature\":\"ETPRO INFO Referer Obfuscation/Hiding Service Domain (href .li in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_24\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_24\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_08_24\"]}},\"tls\":{\"sni\":\"href.li\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":6145,\"start\":\"2024-01-07T16:46:00.988058+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","fqdn":"filetowonder.com","domain":"filetowonder.com","tld":"com"},"ip":{"addr":"172.67.146.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yourjsdelivery.com/dl.min.js","fqdn":"yourjsdelivery.com","domain":"yourjsdelivery.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"08d190d8b4dca39922dc4b613a2283b8","sha1":"3ccaa66c506d0b79159836f7fcd6044fda78049f","sha256":"f878295a13ab9f922ba046207c3cb9da598d0e00cca7d488ef0cd15fc866c574","sha512":"8ee6c01dca035fa8df0fe2ece2099c22f00d3d5b1d63466b9445ce6e355f1de09fa3b1e3a422de9c3856030af5026487669c306c0db7172b705240a83ba3bdac","ssdeep":"384:x+fKMCY42wpgfvlqjUU4Qar3OTLc6rZ0opgTMFIowsP9:xhFpWqjUURCeTo6rZ0/T+IoF","tlshash":"d482b83ec355bf2097fee548d12aa1006f36893dda9050a58ae8a504e4c7df152ef7b2","size":18370,"data":"","first_seen":"2023-03-10T05:26:58Z","last_seen":"2026-03-26T00:28:08.266498Z","times_seen":361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T14:32:09.611682Z","times_seen":9670,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"afiletoget.click/go.php?a_aid=5f86443831324","fqdn":"afiletoget.click","domain":"afiletoget.click","tld":"click"},"ip":{"addr":"157.245.8.115","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-07T16:46:00.938733102Z","timestamp":1704645960938,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /go.php?a_aid=5f86443831324 HTTP/1.1\r\nHost: afiletoget.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 07 Jan 2024 16:46:00 GMT\r\nServer: Apache/2.4.37 (centos) OpenSSL/1.1.1g\r\nX-Powered-By: PHP/7.2.24\r\nCache-Control: no-cache, must-revalidate\r\nPragma: no-cache\r\nExpires: Sat, 26 Jul 1997 05:00:00 GMT\r\nLocation: https://href.li/?https://track.redis06.sbs/go/19a45436-cb73-4be8-8e51-8ee0e9a6e90d?affiliate=5f86443831324\u0026channel=\u0026keyword=Setup\u0026clickid=\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.redis06.sbs/go/19a45436-cb73-4be8-8e51-8ee0e9a6e90d?affiliate=5f86443831324\u0026channel=\u0026keyword=Setup\u0026clickid=","fqdn":"track.redis06.sbs","domain":"redis06.sbs","tld":"sbs"},"ip":{"addr":"3.70.16.242","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-07T16:46:01.512Z","timestamp":1704645961512,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.redis06.sbs","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Dec 2023 20:00:51 GMT","end":"Thu, 14 Mar 2024 20:00:50 GMT"},"fingerprint":{"sha1":"EC:ED:02:BC:97:F7:79:8E:7F:C1:BE:87:0B:6A:E6:8E:83:F9:59:A2","sha256":"76:4F:AE:88:D5:27:85:F4:DF:77:AE:39:55:70:D6:12:B0:41:FD:31:0C:E2:82:55:17:0A:93:1E:6A:07:28:83"}}},"request":{"raw":"GET /go/19a45436-cb73-4be8-8e51-8ee0e9a6e90d?affiliate=5f86443831324\u0026channel=\u0026keyword=Setup\u0026clickid= HTTP/1.1\r\nHost: track.redis06.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sun, 07 Jan 2024 16:46:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 264\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced\r\naccess-control-allow-origin: *\r\nlocation: https://trk.vaseglove.host/3ez7bx?click_id=8cwX1WsLXie6MS5eRSpH9k\u0026title=Setup\u0026s1=5f86443831324\u0026s2=\r\nset-cookie: bemob-viewer-id=f8e32f58-f14b-4699-a172-a847d0b0d5de; Domain=track.redis06.sbs; Path=/; Expires=Mon, 06 Jan 2025 16:46:01 GMT; HttpOnly; Secure; SameSite=None\nbemob-uniq-visit:19a45436-cb73-4be8-8e51-8ee0e9a6e90d=1; Domain=track.redis06.sbs; Path=/; Expires=Mon, 08 Jan 2024 16:46:01 GMT; HttpOnly; Secure; SameSite=None\nbemob-rotation:19a45436-cb73-4be8-8e51-8ee0e9a6e90d:random:10db7be2639f52916b55d4c0b900feaa=0-0-0; Domain=track.redis06.sbs; Path=/; Expires=Mon, 08 Jan 2024 16:46:01 GMT; HttpOnly; Secure; SameSite=None\nbemob-click-id=8cwX1WsLXie6MS5eRSpH9k; Domain=track.redis06.sbs; Path=/; Expires=Mon, 08 Jan 2024 16:46:01 GMT; HttpOnly; Secure; SameSite=None\r\nvary: Accept\r\nx-response-time: 10.417ms\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":264,"size_decoded":264,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"e7d18bcd3ff7fc414b6cf6af765d93bb","sha1":"e5d4f04619052115c497c1be2b6789db075a1e07","sha256":"0fd358fa52da81e46808f3c9dcbc544b2c17b914c71438699484cce8045d4694","sha512":"b7d2adf705a6a39c0042454190cd166fe159c09851fc44ff718b0e370c707ec23eb74c14d775874928c5866cb40fc8d9d7e208024558afe2fb5985e4979d1c9b","ssdeep":"","tlshash":"78d05eafb3d194209af07019a0867bbd3593480f3fc6294dbc231743ae46e2780b14eb","first_seen":"2024-08-20T12:56:26.323159Z","last_seen":"2024-08-20T12:56:26.323159Z","times_seen":1,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":253,"dns":188,"connect":26,"send":0,"wait":41,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","fqdn":"filetowonder.com","domain":"filetowonder.com","tld":"com"},"ip":{"addr":"172.67.146.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-07T16:46:02.182Z","timestamp":1704645962182,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filetowonder.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 13 Dec 2023 08:35:32 GMT","end":"Tue, 12 Mar 2024 08:35:31 GMT"},"fingerprint":{"sha1":"0E:0F:8F:4E:9F:43:A4:BC:7B:84:70:BA:98:14:CA:94:4D:1E:F7:6F","sha256":"7A:65:4B:29:20:96:BD:32:1A:EC:4C:F5:4F:D2:61:51:BA:1D:E2:02:78:1A:8A:0F:E3:91:25:69:E9:93:63:BD"}}},"request":{"raw":"GET /bcddad2e7782fa2e1b01d2d78059fcd1125af037f8 HTTP/1.1\r\nHost: filetowonder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Jan 2024 16:46:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.1.27\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=eTl1re2a9US%2BKtQhNtKn4z0kUBFfBCkBOEore0743hmysty7VcYTrctRbkkjULNTlQ2GQIFXSQb659Ep9cv35mVxZh%2FP9uF8rC9%2BlKaFJWFp7rprHTApipdRkefdpkVMFK%2Fo\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 841dacaff963b515-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31896,"size_decoded":8335,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (476), with CRLF line terminators","md5":"1a17ddd0eae6b0475ef4e53ab3a05e13","sha1":"459ffa2f601e7b09fb0a747803db3c64bb40c721","sha256":"1a04b436884d5889c95cb311c09607dfe6a79fd432351da25dd843e147bc7d54","sha512":"a0bc81f33712edc9defa9af664255979f846bf174ecad4efd6f66b22fe994bc55b534912509857e0554b0a27a05c8883668cf6f20fd63e8974582f3490ec83e4","ssdeep":"192:/MsCa+/zTHalgOHKuiFOkmbZyF5hIMKoes2e4iC:wTHalgOHKuiFOkmbZyF5hIM5V4iC","tlshash":"8202567010c108c586338ea093fc0b79f97282934f03695a72ee26db5bd6eb606d75e6","first_seen":"2024-08-20T12:56:26.324283Z","last_seen":"2024-08-20T12:56:26.324283Z","times_seen":1,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":43,"dns":4,"connect":3,"send":0,"wait":438,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nostop.go2cloud.org/aff_i?offer_id=235\u0026aff_id=2076\u0026aff_sub=5f86443831324\u0026aff_sub2=\u0026aff_sub3=\u0026aff_sub4=\u0026aff_sub5=\u0026source=2076-5f86443831324\u0026adv_sub=https%3A%2F%2Fwww.7-zip.org%2Fa%2F7z2201-x64.msi\u0026adv_sub5=Firefox\u0026adv_sub4=\u0026adv_sub3=trk.vaseglove.host\u0026adv_sub2=filetowonder.com","fqdn":"nostop.go2cloud.org","domain":"go2cloud.org","tld":"org"},"ip":{"addr":"18.202.12.61","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:02.924Z","timestamp":1704645962924,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go2cloud.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 21 Feb 2023 00:00:00 GMT","end":"Thu, 21 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5B:28:59:EA:4F:D9:54:04:B5:4C:7A:0B:6D:93:DF:D5:1B:00:BD:90","sha256":"C3:2D:CF:3C:05:77:6D:A3:41:07:A0:FD:F0:B4:D3:95:4D:0E:F8:5F:93:E2:A5:44:81:5C:61:ED:DF:73:18:AE"}}},"request":{"raw":"GET /aff_i?offer_id=235\u0026aff_id=2076\u0026aff_sub=5f86443831324\u0026aff_sub2=\u0026aff_sub3=\u0026aff_sub4=\u0026aff_sub5=\u0026source=2076-5f86443831324\u0026adv_sub=https%3A%2F%2Fwww.7-zip.org%2Fa%2F7z2201-x64.msi\u0026adv_sub5=Firefox\u0026adv_sub4=\u0026adv_sub3=trk.vaseglove.host\u0026adv_sub2=filetowonder.com HTTP/1.1\r\nHost: nostop.go2cloud.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Jan 2024 16:46:03 GMT\r\nContent-Type: image/gif\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, must-revalidate\r\nExpires: Sat, 26 Jul 1997 05:00:00 GMT\r\nPragma: no-cache\r\nTracking_id: 102ec947d8cf956727c08d9552f0dc\r\nAccess-Control-Allow-Origin: *\r\nX-Request-Id: d43ee4b7ebd9027cd944e1166e9e9a4d\r\nAccess-Control-Allow-Headers: Tune-SDK-Version\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":57,"size_decoded":43,"mime_type":"","magic":"GIF image data, version 89a, 1 x 1","md5":"77d96eebccea5801290ad68b3ccb4199","sha1":"eaf3924bfd87bbf1f1137c395de8687f20c4f3a6","sha256":"ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c","sha512":"95c3f5e65140ca5aca4aaaeafcda98f7c377aec2af549ac544323f4562638ee1d5527081563333ce4c72e36d5e8262f801655b15e64f82e1c730654f187fbe49","ssdeep":"","tlshash":"96900003c280a08ae3abc03c0a0803082b88e23003280b0e80fc20a8fc3b3a20c03080","first_seen":"2023-04-05T09:51:01Z","last_seen":"2026-03-16T18:05:59.561152Z","times_seen":1322,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":327,"dns":50,"connect":36,"send":0,"wait":34,"receive":2,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:02.923Z","timestamp":1704645962923,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 30 Nov 2023 00:15:17 GMT","end":"Wed, 28 Feb 2024 00:15:16 GMT"},"fingerprint":{"sha1":"34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04","sha256":"43:DF:F0:50:19:18:94:64:CA:28:1D:82:84:B3:9A:EC:06:DB:BE:07:DE:82:E2:0D:5C:52:19:05:67:1E:BF:A6"}}},"request":{"raw":"GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filetowonder.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Jan 2024 16:46:02 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\netag: W/\"450fc463b8b1a349df717056fbb3e078\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:04 GMT\r\ncdn-cachedat: 10/31/2023 18:48:44\r\ncdn-proxyver: 1.04\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 752\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requestid: 8d265e63483cd1a28856cfe869e64557\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1387946\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 841dacb47f84712f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":144877,"size_decoded":144877,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65325)","md5":"450fc463b8b1a349df717056fbb3e078","sha1":"895125a4522a3b10ee7ada06ee6503587cbf95c5","sha256":"2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d","sha512":"93bf1ed5f6d8b34f53413a86efd4a925d578c97abc757ea871f3f46f340745e4126c48219d2e8040713605b64a9ecf7ad986aa8102f5ea5ecf9228801d962f5d","ssdeep":"1536:GcoqwrUPyDHU7c7TcDEBi82NcuSELL4d/+oENM6HN26Q:VoPgPard2oENM6HN26Q","tlshash":"f6e37667f591322da097ca1851c0bbfa466f8156d6221ffbf4273b604b8a6c70a73d0d","first_seen":"2023-04-05T03:09:34Z","last_seen":"2026-04-04T15:02:18.891895Z","times_seen":53150,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":18,"dns":9,"connect":2,"send":0,"wait":15,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filetowonder.com/images/generalbundle.css","fqdn":"filetowonder.com","domain":"filetowonder.com","tld":"com"},"ip":{"addr":"172.67.146.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:02.925Z","timestamp":1704645962925,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filetowonder.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 13 Dec 2023 08:35:32 GMT","end":"Tue, 12 Mar 2024 08:35:31 GMT"},"fingerprint":{"sha1":"0E:0F:8F:4E:9F:43:A4:BC:7B:84:70:BA:98:14:CA:94:4D:1E:F7:6F","sha256":"7A:65:4B:29:20:96:BD:32:1A:EC:4C:F5:4F:D2:61:51:BA:1D:E2:02:78:1A:8A:0F:E3:91:25:69:E9:93:63:BD"}}},"request":{"raw":"GET /images/generalbundle.css HTTP/1.1\r\nHost: filetowonder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Jan 2024 16:46:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 10 Jan 2022 19:22:59 GMT\r\netag: W/\"61dc8793-66b\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1568\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2FThqKrTBYDfPFeU2HbOzIuZ4EPKt3t75nzz9ePz7DsotbGkUYQn81T4FeiQy82qkWuHwz6Z5hboQCjH53awvDG4eAH5eB67iwRHqFFxKGjYVqgQQTJFhh7nEFbh5Y7OGckUs\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 841dacb44cf456c7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1643,"size_decoded":1643,"mime_type":"text/css","magic":"ASCII text, with very long lines (1854), with no line terminators","md5":"9328bf7d83de02d26ae0422fff9dd09a","sha1":"5b7458fc1993fa8afd052ee38fcc0f54de0e625d","sha256":"9c045f08f0a96cf97d9523d2e87b1745053d31616b7a4819b0cebb5d911951ab","sha512":"c25ed04325712afa4c5adf8f2e28b2c907dbb32cd9a25cbc945c9d5cd4c6b1090dc627f968c874c83d663940ec4ecd05d31c8cab67f3ec99fb54abfda2419329","ssdeep":"","tlshash":"ac319a343d397345fc53ba7e29938b825137a553ab55013a28c27850cbcbcaae173512","first_seen":"2023-05-10T01:34:57Z","last_seen":"2025-03-31T12:55:16.076311Z","times_seen":505,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trk.vaseglove.host/3ez7bx?click_id=8cwX1WsLXie6MS5eRSpH9k\u0026title=Setup\u0026s1=5f86443831324\u0026s2=","fqdn":"trk.vaseglove.host","domain":"vaseglove.host","tld":"host"},"ip":{"addr":"172.67.153.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-07T16:46:01.812Z","timestamp":1704645961812,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vaseglove.host","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 26 Nov 2023 00:47:33 GMT","end":"Sat, 24 Feb 2024 00:47:32 GMT"},"fingerprint":{"sha1":"E8:51:3C:03:53:F5:19:DB:4C:14:97:38:17:D5:61:19:28:B1:AF:9F","sha256":"AE:62:82:8B:89:78:3B:DF:78:6D:C1:D3:D1:FA:B7:CA:B9:70:B2:0D:C0:D5:98:0F:EB:EF:CF:A3:3D:F2:FF:2F"}}},"request":{"raw":"GET /3ez7bx?click_id=8cwX1WsLXie6MS5eRSpH9k\u0026title=Setup\u0026s1=5f86443831324\u0026s2= HTTP/1.1\r\nHost: trk.vaseglove.host\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 07 Jan 2024 16:46:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8\r\nx-powered-by: PHP/7.1.27\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=0N0HOPwt2ixkU9gyv0vIf0PEo9mwMYJyuC%2FSWtvkEam9lSJ1p7G7ZiGXCc1Kvp2xad2McBVd%2Bm0PpYfzFeA%2FsLTO%2B%2BFD2slwAxSCziM1SuR1VJSWXMIxXBS2utXzAiITTE4pTYQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 841dacadfff9b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":8335,"size_decoded":8335,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":442,"timings":{"blocked":88,"dns":61,"connect":8,"send":0,"wait":266,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yourjsdelivery.com/dl.min.js","fqdn":"yourjsdelivery.com","domain":"yourjsdelivery.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:02.918Z","timestamp":1704645962918,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yourjsdelivery.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 24 Nov 2023 05:17:07 GMT","end":"Thu, 22 Feb 2024 05:17:06 GMT"},"fingerprint":{"sha1":"96:32:5D:BF:FD:14:51:03:E1:BE:5D:8F:23:84:9E:8E:BE:3C:C9:2C","sha256":"47:88:7C:B1:7B:3A:E3:1B:20:F7:85:EF:81:E2:F0:74:35:D5:7A:5A:7B:52:C7:CC:FA:73:EB:11:43:92:70:7C"}}},"request":{"raw":"GET /dl.min.js HTTP/1.1\r\nHost: yourjsdelivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Jan 2024 16:46:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2BM%2FnAF04RTrUexLHZF2wVZ6QlOuTviKOgzOiflvv9eJ3E%2FaHRnHTbEFyjiGyWDWMHEvSaxq%2FuDSKhbiv7ZUrGR8jUccGcOTBGujunyMUd3i8APplYpur1reUUHUnaTvFxyP1HQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 841dacb46ce30b3d-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":18,"dns":5,"connect":2,"send":0,"wait":218,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:02.921Z","timestamp":1704645962921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.1.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1514f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 07 Jan 2024 16:46:02 GMT\r\nage: 9845361\r\nx-served-by: cache-lga21948-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 99, 7459\r\nx-timer: S1704645963.975400,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30019\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86351,"size_decoded":86351,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (32014)","md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T14:32:09.611682Z","times_seen":9670,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":35,"dns":2,"connect":15,"send":0,"wait":19,"receive":6,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filetowonder.com/images/firefox/bundlehelp.css","fqdn":"filetowonder.com","domain":"filetowonder.com","tld":"com"},"ip":{"addr":"172.67.146.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:02.926Z","timestamp":1704645962926,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filetowonder.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 13 Dec 2023 08:35:32 GMT","end":"Tue, 12 Mar 2024 08:35:31 GMT"},"fingerprint":{"sha1":"0E:0F:8F:4E:9F:43:A4:BC:7B:84:70:BA:98:14:CA:94:4D:1E:F7:6F","sha256":"7A:65:4B:29:20:96:BD:32:1A:EC:4C:F5:4F:D2:61:51:BA:1D:E2:02:78:1A:8A:0F:E3:91:25:69:E9:93:63:BD"}}},"request":{"raw":"GET /images/firefox/bundlehelp.css HTTP/1.1\r\nHost: filetowonder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Jan 2024 16:46:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 07 Oct 2020 11:38:48 GMT\r\netag: W/\"5f7da8c8-876\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1568\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=E%2FeboiKqyc5RYoICCnz1V3%2FyNIfSCq967PNoH%2FZxZVf2I9N%2F%2B4%2F2eHJPFtLE5nm8yJs2NTP8k9N%2FUNcyxPXO%2BmcqzJtV%2BAPqWGmBhTV17JtAvzHfHbaDeJlOeSktVuMjryww\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 841dacb44cf656c7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2166,"size_decoded":2166,"mime_type":"text/css","magic":"ASCII text, with very long lines (2441), with no line terminators","md5":"690357a0f4b74a5926a4c5b91b3ff6de","sha1":"f45a9d36fd8b6f0245a63e1b914f3847f6fe7530","sha256":"8e1c7ef0886f58128d887af3b5e5adc5fa9022f476e372e5e47c500e89db0c95","sha512":"ce44d960f92c82db5fc1fa61c79b459fd1b23c3feedcf7b88d5f4c2e67223b37080cd204f19e523ff000b8817f245aade0eac223453fd3e3c037edd55cd50225","ssdeep":"","tlshash":"1d517a756c3f7379be07e77e28928588102f785fa152163d7ac27201c3d7ca98223e5a","first_seen":"2023-05-10T01:34:57Z","last_seen":"2025-03-31T12:55:16.088177Z","times_seen":536,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filetowonder.com/favicon.ico","fqdn":"filetowonder.com","domain":"filetowonder.com","tld":"com"},"ip":{"addr":"172.67.146.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8","date":"2024-01-07T16:46:03.383Z","timestamp":1704645963383,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filetowonder.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 13 Dec 2023 08:35:32 GMT","end":"Tue, 12 Mar 2024 08:35:31 GMT"},"fingerprint":{"sha1":"0E:0F:8F:4E:9F:43:A4:BC:7B:84:70:BA:98:14:CA:94:4D:1E:F7:6F","sha256":"7A:65:4B:29:20:96:BD:32:1A:EC:4C:F5:4F:D2:61:51:BA:1D:E2:02:78:1A:8A:0F:E3:91:25:69:E9:93:63:BD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: filetowonder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filetowonder.com/bcddad2e7782fa2e1b01d2d78059fcd1125af037f8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sun, 07 Jan 2024 16:46:03 GMT\r\ncontent-type: text/html\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 122\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=vJH0QJmNbBSihdQrdHdzKxFKwPrTpN8piVGFJPPWwOKVYDUnc3X6707fSL5rLeWmG%2Fw7DZyNac6%2FFr1Hj9PboW23sAe2hoRPtn53Bhp0rPviFcG%2B3PNizK4YbXwOwDpYKILC\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 841dacb73a0456c7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":571,"size_decoded":571,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (599), with no line terminators","md5":"0bcb4f95cf44cbccd1f7a11b25ce307c","sha1":"80cd799922eba4f999766fa3e9a42daeca83f503","sha256":"97f63942106b0901af54884d4b7eba36edd0e27247cd94fa41525baa3f5c349c","sha512":"bdda15446e9d8b4e52816d1bc13beb611e72d88cba50e4c5bd7dca43940ea57b968b6cda38c6d0ad2c8c6c1b8374481375c0a0cd4becc3b8b96fed470bd60742","ssdeep":"","tlshash":"2bf0af9baf11347b2e238570f4c35059cf640916ebf914928749010ffac90414cb9fed","first_seen":"2023-04-09T15:29:19Z","last_seen":"2025-04-04T09:26:17.166164Z","times_seen":111,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}