Report - drive.vuinsider.com/33h/rubenzhtml-10.rar

Report Overview

Visited public
2023-09-21 08:00:29
Tags
URL
drive.vuinsider.com/33h/rubenzhtml-10.rar
Finishing URL
drive.vuinsider.com/33h/rubenzhtml-10.rar
IP / ASN
65.108.9.234
#24940 Hetzner Online GmbH
Title
rubenzhtml-10.rar - VUInsider Drive

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
drive.vuinsider.com	unknown	2019-10-14	2023-04-23 19:26:54	2023-09-05 03:59:55	18 kB	336 kB	65.108.9.234
inklinkor.com	unknown	2022-04-01	2022-04-01 13:44:00	2023-09-19 18:46:13	406 B	81 kB	172.67.211.29
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-09-20 08:00:50	2.1 kB	2.0 kB	139.45.197.250
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-09-19 20:11:19	404 B	20 kB	172.67.134.147
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-09-19 21:08:55	901 B	188 kB	104.22.32.172
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-21 07:57:36	428 B	92 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-21 07:35:08	5.0 kB	285 kB	216.58.207.227
glimtors.net	168336	2021-04-03	2021-04-05 09:54:50	2023-09-16 14:55:09	4.4 kB	204 kB	139.45.197.251
dubzenom.com	unknown	2023-09-05	2023-09-05 23:18:26	2023-09-20 10:35:57	2.2 kB	9.0 kB	139.45.197.245
gloaphoo.net	unknown	2022-09-09	2022-09-10 14:44:27	2023-09-16 22:24:59	2.6 kB	94 kB	139.45.197.239
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-21 05:09:09	3.0 kB	6.3 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-21 05:48:25	1.4 kB	21 kB	142.250.74.106
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-21 07:52:14	330 B	963 B	104.18.15.101
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-09-21 07:47:14	958 B	1.5 kB	139.45.195.8
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-09-19 19:09:04	537 B	487 B	139.45.195.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-21	medium	dubzenom.com	Sinkholed
2023-09-21	medium	fleraprt.com	Sinkholed
2023-09-20	medium	amunfezanttor.com	Sinkholed
2023-09-20	medium	amunfezanttor.com	Sinkholed
2023-09-20	medium	amunfezanttor.com	Sinkholed
2023-09-20	medium	amunfezanttor.com	Sinkholed
2023-09-21	medium	dubzenom.com	Sinkholed
2023-09-21	medium	dubzenom.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (29)

	URL	From	Size	First Seen	Last Seen
	drive.vuinsider.com/themes/spirit/assets/frontend/js/flickity.min.js	ScriptElement	54 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/flickity.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35 Last Seen2025-05-11 01:09 Times Seen2647 Hash 81a84001ccd9bdd589d1b4f187311b15 5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5 5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2 Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/granim.min.js	ScriptElement	11 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/granim.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35 Last Seen2025-05-11 01:09 Times Seen2625 Hash 2c16a9a724563fc0c306abb5bdeb03fe 90c2032537714e66059a3eaa150b93f3c9c80163 997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/cookiealert.js	ScriptElement	1.8 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/cookiealert.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47 Last Seen2025-05-11 01:09 Times Seen2627 Hash 81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	44 B	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28 Last Seen2025-05-11 14:23 Times Seen3563 Hash 21d884540875fb4d2b8f280c541d092c 9f2a58bb4ff1897269b2df54e333ce35d4435b91 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	193 B	2023-07-16	2024-08-21
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-16 11:54 Last Seen2024-08-21 07:39 Times Seen5 Hash bb2de863f43693ccedd6820794c197c7 392c1336668acaf3fd982d6582055fa5912e8ba9 dc525055580b5fad19915571637f4b0a0941f5ebd53eec998be22036cd158d0b Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.steps.min.js	ScriptElement	14 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35 Last Seen2025-05-11 01:09 Times Seen2666 Hash 4c5e9f4e84d32b7df69af7420b355e03 14e1e287ec98e8cc0a992ee996783b0c42f9ec0f c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/scripts.js	ScriptElement	112 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/scripts.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47 Last Seen2025-05-11 01:09 Times Seen2565 Hash ccd6c308b2b8e36ae154d7bacea4240d f7d2f7195150771246dd599dbb4ff3bc2f0f2179 fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0 Loading...

	www.googletagmanager.com/gtag/js?id=G-X2X4VM6GCB	ScriptElement	271 kB	2023-09-21	2023-09-21
Pretty URL www.googletagmanager.com/gtag/js?id=G-X2X4VM6GCB IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 10:00 Last Seen2023-09-21 10:00 Times Seen1 Hash 46539bc22efd096e95746fe1384050a1 721ce183a7d3c287edaebd4f4ba6f332510732bd bafe6059207df588567660904ba1bcbec2d701e367eccf573297dbcdc94f8cb9 Loading...

	drive.vuinsider.com/js/xads.js	ScriptElement	151 B	2023-03-07	2025-03-14
Pretty URL drive.vuinsider.com/js/xads.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-03-14 16:44 Times Seen68 Hash 5c25805fe76fdff482427cd907c43ded 801c9dae9abb98963162a8b530fd87c2cd4e56c4 5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	176 B	2023-07-16	2024-08-21
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-16 11:54 Last Seen2024-08-21 07:39 Times Seen5 Hash 039af18db6168eba138f5edef2def8fe 7019abf5f0af6366c9970ae2d5433b0939cbc4cf 467fd5020282c6beb83ed72eb7d402246600b4d05214c7414ae0506658f0224a Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/typed.min.js	ScriptElement	3.9 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/typed.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-11 14:23 Times Seen3937 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/datepicker.js	ScriptElement	21 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/datepicker.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-11 14:23 Times Seen3323 Hash 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/countdown.min.js	ScriptElement	5.3 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/countdown.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 01:09 Times Seen4618 Hash 5d3ff3c3fbaa67cc639501f44eeb07be bd66e4cd58de09c198e7abc77fa4c883955d189e 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f Loading...

	inklinkor.com/tag.min.js	ScriptElement	80 kB	2023-09-19	2023-09-25
Pretty URL inklinkor.com/tag.min.js IP 172.67.211.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 15:45 Last Seen2023-09-25 15:53 Times Seen96 Hash a3b25ba8316f38d39cbf075d179aad71 9ee5f28a77d2bf3eaa59865c259e8d5c5d6cf272 311c51da9b45e9b6d879e703d48b0324b6921919659a430735032711fb7126cd Loading...

	gloaphoo.net/401/6014208	ScriptElement	91 kB	2023-09-21	2023-09-21
Pretty URL gloaphoo.net/401/6014208 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 10:00 Last Seen2023-09-21 10:00 Times Seen1 Hash 9712711cfdd0db0dac8ae04f43b63007 e2839fabfbdb58dda77b6b90301c9ed49fedb2ae 83d1bc0c577f12f9bfc90a1067bcb013a3421061a6b229f28d3f36225159f0dc Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	59 kB	2023-09-01	2024-08-21
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-01 13:22 Last Seen2024-08-21 07:39 Times Seen5 Hash 180afefb9e8657090b4800f24b324547 be77c1b551e9cbc6b3878ce20942359112bccfea b59bab7c152a110a628a69078d8b66646962e9616fad2dc23c5f81946ec6645f Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	934 B	2024-08-21	2024-08-21
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 06:11 Last Seen2024-08-21 06:11 Times Seen1 Hash 7e96b746f5f3f6220d0999f2856c9ccb e16d1a9f3a80ed3ab44343e583e82b4c6e2e2dae 6d6d6fc812003356f68f0a77d1b6496bf0eb10870e77a3ab331acd1c224d8ab8 Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 13:23 Times Seen112282 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js	ScriptElement	6.0 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35 Last Seen2025-05-11 01:09 Times Seen2655 Hash b67e171349c4716dd7bb15c018a2c8c1 60b204148c0eed83b06043897d1cbd54709eab66 8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30 Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	292 B	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28 Last Seen2025-05-11 14:23 Times Seen3886 Hash f6038f840321581380bcf8e68fbec2ed 9c64ca84baabd04b9994597b90882d8ec7158ba2 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	274 B	2023-03-07	2025-03-14
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:57 Last Seen2025-03-14 16:44 Times Seen68 Hash f0e7a7a5aafe90c350c62b86e6995bd6 3f356d379bac9d94087f0b2cb2e0239f947b5fd7 1b04af7e8576003abf78857db18b1f464a2c2289d23b9f181bb6c549bad1262b Loading...

	unknown	EventHandler	9 B	2023-09-01	2024-08-21
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-09-01 13:22 Last Seen2024-08-21 07:39 Times Seen5 Hash 242fe4be7ea768749bbcbf6b973cfb1c 167cc5a2c48a0787dd60a5e4b247dfaa0a1ca663 dc12ee7a87d5cb4ce0fa46e2ca56c52dea4b2f6196b9b61e3bb506389b44181a Loading...

	unknown	ScriptElement	26 kB	2023-03-07	2025-01-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-01-30 15:49 Times Seen1752 Hash a912e7afe74b51fdd03b28bf67e7d409 85004dfe087af5a730261c85262661d89b3d2516 706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650 Loading...

	drive.vuinsider.com/33h/rubenzhtml-10.rar	ScriptElement	153 B	2023-07-16	2024-08-21
Pretty URL drive.vuinsider.com/33h/rubenzhtml-10.rar IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-16 11:54 Last Seen2024-08-21 07:39 Times Seen5 Hash 36cbff21f38743cc7e485361041d08ef b844722165c628e565a27dd52feabbbd142e36f0 8d536a848ad18e25199343845dc84f47c61abeb666ae018e638261c9d1b68c78 Loading...

	glimtors.net/ntfc.php?p=6185599	ScriptElement	13 kB	2023-09-14	2023-09-28
Pretty URL glimtors.net/ntfc.php?p=6185599 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 17:41 Last Seen2023-09-28 03:43 Times Seen95 Hash bd7a26053b237918346f829a583e2d3c 51ed2f9bda02059c09fd9fb6717ce2a69fc18e27 8b4f23836e8c2adc000c086eb20695c4eeb6c7c2225054ecb89194fbe2a15d49 Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 172.67.134.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	ScriptElement	70 kB	2023-03-07	2025-05-11
Pretty URL drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 65.108.9.234 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 07:01 Times Seen5347 Hash 737f853e9fd6a31d62f5028e88663c9f cf144f2ab49f53a69fbfe10d3588fc23437d2736 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841 Loading...

	unknown	ScriptElement	88 kB	2023-09-14	2023-09-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 17:41 Last Seen2023-09-28 15:36 Times Seen210 Hash 0f22080b3f88f2f09bbabbcb8e9550c4 191596e48cd208528643ab0530ce3b2cb3f68fae 5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0 Loading...

		Size	First Seen	Last Seen
	#1 Write - c6fdf2bdbfbb9932fad3fa5a4c7b8f93	51 kB	2023-09-01 13:22	2024-08-21 07:39
Pretty Observations First Seen2023-09-01 13:22 Last Seen2024-08-21 07:39 Times Seen5 Hash c6fdf2bdbfbb9932fad3fa5a4c7b8f93 ed5c3b8d20354a9b8c00a8131593f23ff7cfd020 031f4a5d60ea834c55eb665331bfe654d321b0bae9280ffb10cc000b4646e5ab Loading...

HTTP Transactions (81)

URL IP Response Size

drive.vuinsider.com/33h/rubenzhtml-10.rar

65.108.9.234

200 OK

23 kB

URL User Request GET HTTP/2
drive.vuinsider.com/33h/rubenzhtml-10.rar
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59129), with CRLF, LF line terminators
Size
23 kB (23054 bytes)
Hash
6264782dffd8404a0d29a13e2579ccda
eca1344a78148a06750ca0fa559d6394feefcc9c
612dccf13755e36ec6a47b45e8087521077c43bac11d95b5631483cd2410a69d

HTTP Headers

GET /33h/rubenzhtml-10.rar HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.1.22
set-cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7; expires=Fri, 22-Sep-2023 08:00:08 GMT; Max-Age=86400; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 23054
content-encoding: br
vary: Accept-Encoding
date: Thu, 21 Sep 2023 08:00:08 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

drive.vuinsider.com/themes/spirit/assets/frontend/css/bootstrap.min.css

65.108.9.234

200 OK

11 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (65324)
Size
11 kB (11048 bytes)
Hash
bc48830f50049b0cbbe3dd417755a347
e5cdb6545f9b4bce4eeda78f64a714e2de4d0e09
7d56baeec9679114562cdc56d3f28cb9a43263cada11b1f64809851e7a8b1419

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11048
date: Thu, 21 Sep 2023 08:00:08 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

drive.vuinsider.com/themes/spirit/assets/frontend/css/flickity.css

65.108.9.234

200 OK

664 B

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/flickity.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text
Size
664 B (664 bytes)
Hash
5439695b076327f53edcda86d192856b
d938327051f0bf044bc65b68721ad3193bd2ef12
1709404c1e9beb94953cc95fcc3477e7cb4213e03bfe9bbe0f8a37877c1c6e42

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 664
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/stack-interface.css

65.108.9.234

200 OK

960 B

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/stack-interface.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
Unicode text, UTF-8 text
Size
960 B (960 bytes)
Hash
6406d626f8bfc1e6815698bfecf9a2f8
a918901be3ab1b9bb4ce9980db521eb4731bb82b
f620d1bf10d3f45a7b19edd4f863090c5dd5031411918508493634c4018e81b7

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 960
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/lightbox.min.css

65.108.9.234

200 OK

819 B

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text
Size
819 B (819 bytes)
Hash
40cab6b747df96a8a66f5c0ac4e034dd
85dd24bc614fb1ecaeb873f4e686213aa53927c3
798da60d899fcd9aa5074834d88b63c398dd72af5711ed48d7f68dde8dc8db5e

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 819
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/iconsmind.css

65.108.9.234

200 OK

14 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/iconsmind.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text
Size
14 kB (14239 bytes)
Hash
39aa385af1cfd640bac73a09de3ac9fe
6d17dff21d04138cd8ab3ef9dfe1eae79994834c
0909de268b3276cb7464acb2f86701f62974a893dd374312908a3f8efc363438

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14239
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/socicon.css

65.108.9.234

200 OK

1.7 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/socicon.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text
Size
1.7 kB (1703 bytes)
Hash
b23fff7d228bbe8796ad8b3d280e3401
1a9861031bda4d3c1cb58564107d8b777982750b
17beb90ae4f385180d6b7d184dcb640ccd2a360e4ee03af0254c83b00ef87202

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1703
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/jquery.steps.css

65.108.9.234

200 OK

1.0 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text
Size
1.0 kB (1027 bytes)
Hash
a0ed38e9ba9498867df1f62407377def
6d2278f924b80328695e8fe5213b252ae499fc77
70110803124af60b1e1dc1ea3c0408353947b4a0d7000f47873c85287de875d5

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1027
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/cookiealert.css

65.108.9.234

200 OK

8.9 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/cookiealert.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (11486), with CRLF line terminators
Size
8.9 kB (8885 bytes)
Hash
3d2946aeae3cc8f43e2acf82ea029bd4
c25a0bd445ff9e6034d34e8f388f5565515a2783
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8885
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/images/logo/logo-whitebg.png

65.108.9.234

200 OK

6.5 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/images/logo/logo-whitebg.png
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
PNG image data, 431 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6487 bytes)
Hash
88b2ad9d81e2bdf1f6e3b17a637f2029
1a0764a7cb830d3fca90e2c78a9e1ce6f0a3ed40
2ec3e0692321a2805e95db5716e5e92d35e20f49dc1a3e9796a5def6e6254e82

HTTP Headers

GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: image/png
last-modified: Mon, 28 Sep 2020 15:29:08 GMT
accept-ranges: bytes
content-length: 6487
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/theme.css

65.108.9.234

200 OK

29 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/theme.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
assembler source text\012- assembler source, ASCII text
Size
29 kB (29434 bytes)
Hash
0070ae7b5bb75d59ef0f36de1f3cb4b4
58b9bcb364df74184f35e8dc0231b3573cb9c332
db7c96fb23e5c19f26d7de6f407cef6c779c2a207c8c2e16615e8e9b3e89efd8

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29434
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/font-awesome.min.css

65.108.9.234

200 OK

12 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (58929)
Size
12 kB (12272 bytes)
Hash
66e407beb68fdbb8bacd87d91ddf7829
5ed55601e30871fb757dc4b78a40a432f9a3600b
eb98a660b34391ce502005c6b8553af83defcf0832489134efb499498051d1d9

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12272
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/css/custom.css

65.108.9.234

200 OK

1.9 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/css/custom.css
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
1.9 kB (1852 bytes)
Hash
65417cde74809cb9b9e66d0ab4adc448
9729ccac013729aed790fdc25d71d858f50a137b
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: text/css
last-modified: Thu, 04 Feb 2021 17:28:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1852
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/images/logo/logo.png

65.108.9.234

200 OK

6.3 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/images/logo/logo.png
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
PNG image data, 431 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
6.3 kB (6311 bytes)
Hash
fbacfafaffafec65fc4114568cb60858
bd497e5f6747dffe54893e7947275c56efccf53d
3393c294229659297948d0e84894dfe1f8814ca0905711bcee4e2ab213c473ea

HTTP Headers

GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: image/png
last-modified: Mon, 28 Sep 2020 15:29:08 GMT
accept-ranges: bytes
content-length: 6311
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/typed.min.js

65.108.9.234

200 OK

1.4 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/typed.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (3949), with no line terminators
Size
1.4 kB (1365 bytes)
Hash
2f6185a8a32a50b2b3e04849f44359d4
0e5501588c5c0d1c9462f34b0d56c21abff5bfef
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1365
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

65.108.9.234

200 OK

30 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (32030)
Size
30 kB (29460 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29460
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

65.108.9.234

200 OK

19 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (768)
Size
19 kB (18580 bytes)
Hash
737f853e9fd6a31d62f5028e88663c9f
cf144f2ab49f53a69fbfe10d3588fc23437d2736
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18580
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/img/adblock/primary.jpg

65.108.9.234

200 OK

13 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/img/adblock/primary.jpg
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 601x155, components 3\012- data
Size
13 kB (12809 bytes)
Hash
0fc3ab39bcdfd3c8d38de7d89b292ada
a89f51203f0b0db4cd1c7f18388f9a84d008efa4
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

HTTP Headers

GET /themes/spirit/assets/frontend/img/adblock/primary.jpg HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:09 GMT
content-type: image/jpeg
last-modified: Mon, 28 Sep 2020 15:26:42 GMT
accept-ranges: bytes
content-length: 12809
date: Thu, 21 Sep 2023 08:00:09 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/cookiealert.js

65.108.9.234

200 OK

713 B

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/cookiealert.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with CRLF line terminators
Size
713 B (713 bytes)
Hash
81279e22c8ece9e1d0536a402484daa3
911797507fb12d4f451d5900e32db96ad697c401
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:09 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 713
date: Thu, 21 Sep 2023 08:00:09 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/flickity.min.js

65.108.9.234

200 OK

13 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/flickity.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (32032)
Size
13 kB (13091 bytes)
Hash
81a84001ccd9bdd589d1b4f187311b15
5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5
5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13091
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/datepicker.js

65.108.9.234

200 OK

7.1 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/datepicker.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (12692), with CRLF line terminators
Size
7.1 kB (7117 bytes)
Hash
8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/granim.min.js

65.108.9.234

200 OK

2.7 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/granim.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (10573)
Size
2.7 kB (2715 bytes)
Hash
2c16a9a724563fc0c306abb5bdeb03fe
90c2032537714e66059a3eaa150b93f3c9c80163
997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2715
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.steps.min.js

65.108.9.234

200 OK

4.7 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (13686)
Size
4.7 kB (4713 bytes)
Hash
4c5e9f4e84d32b7df69af7420b355e03
14e1e287ec98e8cc0a992ee996783b0c42f9ec0f
c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4713
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/countdown.min.js

65.108.9.234

200 OK

2.2 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/countdown.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (4136)
Size
2.2 kB (2238 bytes)
Hash
5d3ff3c3fbaa67cc639501f44eeb07be
bd66e4cd58de09c198e7abc77fa4c883955d189e
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2238
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js

65.108.9.234

200 OK

2.6 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (4887)
Size
2.6 kB (2579 bytes)
Hash
b67e171349c4716dd7bb15c018a2c8c1
60b204148c0eed83b06043897d1cbd54709eab66
8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2579
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/js/scripts.js

65.108.9.234

200 OK

22 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/js/scripts.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text, with very long lines (914)
Size
22 kB (22112 bytes)
Hash
ccd6c308b2b8e36ae154d7bacea4240d
f7d2f7195150771246dd599dbb4ff3bc2f0f2179
fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:08 GMT
content-type: application/javascript
last-modified: Wed, 14 Oct 2020 17:17:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22112
date: Thu, 21 Sep 2023 08:00:08 GMT

drive.vuinsider.com/js/xads.js

65.108.9.234

200 OK

102 B

URL GET HTTP/3
drive.vuinsider.com/js/xads.js
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
ASCII text
Size
102 B (102 bytes)
Hash
5c25805fe76fdff482427cd907c43ded
801c9dae9abb98963162a8b530fd87c2cd4e56c4
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e

HTTP Headers

GET /js/xads.js HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-powered-by: PHP/8.1.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: application/javascript
content-length: 102
content-encoding: br
vary: Accept-Encoding
date: Thu, 21 Sep 2023 08:00:09 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c26db5b7e67796d07f5743c47aac1d8d
15ae6c46df2af330a26d64166a9df72d038b16cb
f0f73451176c560f54ad1174073e4dbaa6697a11c6a5fdf3ccfe67ab4b93011d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aff723341f53f020db1ba26e898bbd48
23f915039b79b9247907a1395fa32f57cf3c1a41
6e996d55d168ee427fb70dc93c074a42c5f6eebd2756fa1ed79341f73b44c455

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aff723341f53f020db1ba26e898bbd48
23f915039b79b9247907a1395fa32f57cf3c1a41
6e996d55d168ee427fb70dc93c074a42c5f6eebd2756fa1ed79341f73b44c455

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-X2X4VM6GCB

142.250.74.168

200 OK

91 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-X2X4VM6GCB
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (4179)
Size
91 kB (91173 bytes)
Hash
46539bc22efd096e95746fe1384050a1
721ce183a7d3c287edaebd4f4ba6f332510732bd
bafe6059207df588567660904ba1bcbec2d701e367eccf573297dbcdc94f8cb9

HTTP Headers

GET /gtag/js?id=G-X2X4VM6GCB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 21 Sep 2023 08:00:09 GMT
expires: Thu, 21 Sep 2023 08:00:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.106

200 OK

1.6 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1554 bytes)
Hash
d4a6d303cd0ab77b2558ba8c45520f2a
c7cdcc0df6292b7dc36140c497c24ca1671fca6e
08b2797fb24e4964ac388cbfc688eddab2f786b12eb2a621e149916fdd321f41

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 21 Sep 2023 08:00:09 GMT
date: Thu, 21 Sep 2023 08:00:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

812 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
gzip compressed data, max compression\012- data
Size
812 B (812 bytes)
Hash
8a9f47902c36c4024e4f3c6c8b69c2a5
2a00fd7c84a6ae0d2b12f7246d07a212628522ad
0bfce6118ac05488405adbe729df6221163bdbb2f9296b49f9e4f4e0abf5ce48

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 21 Sep 2023 08:00:09 GMT
date: Thu, 21 Sep 2023 08:00:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

drive.vuinsider.com/33h/rubenzhtml-10.rar

65.108.9.234

200 OK

0 B

URL User Request GET HTTP/2
drive.vuinsider.com/33h/rubenzhtml-10.rar
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /33h/rubenzhtml-10.rar HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-powered-by: PHP/8.1.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 08:00:09 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

65.108.9.234

200 OK

80 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:09 GMT
content-type: font/woff2
last-modified: Mon, 28 Sep 2020 15:26:42 GMT
accept-ranges: bytes
content-length: 80148
date: Thu, 21 Sep 2023 08:00:09 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

65.108.9.234

200 OK

4.3 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:09 GMT
content-type: font/woff2
last-modified: Mon, 28 Sep 2020 15:26:44 GMT
accept-ranges: bytes
content-length: 4292
date: Thu, 21 Sep 2023 08:00:09 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a1a51b0f48712bcb7f16f91c38b9c702
fe57fcb61612ca9fbb74cddf6717a9e00f78ad28
5325ec50d480ce6ebf7307606ea0fc5d764b494728da63119fe2da4c171ba3b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a1a51b0f48712bcb7f16f91c38b9c702
fe57fcb61612ca9fbb74cddf6717a9e00f78ad28
5325ec50d480ce6ebf7307606ea0fc5d764b494728da63119fe2da4c171ba3b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a1a51b0f48712bcb7f16f91c38b9c702
fe57fcb61612ca9fbb74cddf6717a9e00f78ad28
5325ec50d480ce6ebf7307606ea0fc5d764b494728da63119fe2da4c171ba3b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a1a51b0f48712bcb7f16f91c38b9c702
fe57fcb61612ca9fbb74cddf6717a9e00f78ad28
5325ec50d480ce6ebf7307606ea0fc5d764b494728da63119fe2da4c171ba3b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a1a51b0f48712bcb7f16f91c38b9c702
fe57fcb61612ca9fbb74cddf6717a9e00f78ad28
5325ec50d480ce6ebf7307606ea0fc5d764b494728da63119fe2da4c171ba3b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 09:00:39 GMT
expires: Wed, 18 Sep 2024 09:00:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 169170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 09:00:39 GMT
expires: Wed, 18 Sep 2024 09:00:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 169170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glimtors.net/ntfc.php?p=6185599

139.45.197.251

200 OK

54 kB

URL GET HTTP/2
glimtors.net/ntfc.php?p=6185599
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
54 kB (54107 bytes)
Hash
194ff44635a7208233928fa710e30042
e2a47007985f6b199819cd7ef7dfdb4b8421d592
5c26baf610c705cc147094aeddfd065174281e2a403edec90417afc5df860426

HTTP Headers

GET /ntfc.php?p=6185599 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:09 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 12:11:16 GMT
etag: W/"65083e64-32bc"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 09:00:39 GMT
expires: Wed, 18 Sep 2024 09:00:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 169170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 09:00:39 GMT
expires: Wed, 18 Sep 2024 09:00:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 169170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a1a51b0f48712bcb7f16f91c38b9c702
fe57fcb61612ca9fbb74cddf6717a9e00f78ad28
5325ec50d480ce6ebf7307606ea0fc5d764b494728da63119fe2da4c171ba3b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Sep 2023 08:00:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19308, version 1.0\012- data
Size
19 kB (19308 bytes)
Hash
0d17dc102f6109715e0d74d9e267cbd7
204a106f9eb8c74953d411f200196c544ed87300
883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e

HTTP Headers

GET /s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 03:50:51 GMT
expires: Wed, 18 Sep 2024 03:50:51 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:04:07 GMT
content-type: font/woff2
age: 187758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16496, version 1.0\012- data
Size
16 kB (16496 bytes)
Hash
10ec04423fabd5abba8e0c43c1cb62dd
031a2355bbb3100025462d681e78d84b962bdc43
fe6c909326c0d229836a972a1b337c193634ab4d734c7169382fc1263081ae1c

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 04:10:11 GMT
expires: Wed, 18 Sep 2024 04:10:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:02:42 GMT
content-type: font/woff2
age: 186599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16496, version 1.0\012- data
Size
16 kB (16496 bytes)
Hash
10ec04423fabd5abba8e0c43c1cb62dd
031a2355bbb3100025462d681e78d84b962bdc43
fe6c909326c0d229836a972a1b337c193634ab4d734c7169382fc1263081ae1c

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 04:10:11 GMT
expires: Wed, 18 Sep 2024 04:10:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:02:42 GMT
content-type: font/woff2
age: 186599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glimtors.net/zone?pub=0&zone_id=6185599&is_mobile=false&domain=drive.vuinsider.com&var=&ymid=&var_3=&tg=0

139.45.197.251

200 OK

911 B

URL GET HTTP/2
glimtors.net/zone?pub=0&zone_id=6185599&is_mobile=false&domain=drive.vuinsider.com&var=&ymid=&var_3=&tg=0
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type
JSON data\012- , ASCII text, with very long lines (910)
Size
911 B (911 bytes)
Hash
da1f5bfbb76d7e798db35ec28c0c7ee7
4c91ccab0f3ea2adda37b32b91efa570eeac79d2
bd910c520d9340d30f58cf76493db815bb94324dd1c6a3c293feaf1e2f7f72f7

HTTP Headers

GET /zone?pub=0&zone_id=6185599&is_mobile=false&domain=drive.vuinsider.com&var=&ymid=&var_3=&tg=0 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:09 GMT
content-type: application/json; charset=utf-8
content-length: 911
x-trace-id: e390187b51b95daa3ff4bb65ba25ff70
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

drive.vuinsider.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

65.108.9.234

200 OK

5.0 kB

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5016 bytes)
Hash
a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7; _ga_X2X4VM6GCB=GS1.1.1695283210.1.0.1695283210.0.0.0; _ga=GA1.1.153489657.1695283210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:10 GMT
content-type: image/png
last-modified: Mon, 28 Sep 2020 15:26:42 GMT
accept-ranges: bytes
content-length: 5016
date: Thu, 21 Sep 2023 08:00:10 GMT

drive.vuinsider.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

65.108.9.234

200 OK

447 B

URL GET HTTP/3
drive.vuinsider.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
65.108.9.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectwww.drive.vuinsider.com
FingerprintFF:59:02:42:09:2D:4F:AA:7D:1F:A6:8D:9D:57:B8:B0:99:E3:71:3F
ValidityWed, 23 Aug 2023 16:22:50 GMT - Tue, 21 Nov 2023 16:22:49 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
447 B (447 bytes)
Hash
f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: drive.vuinsider.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Cookie: filehosting=djdip6cr2ltrc0d3fmt37pqkt7; _ga_X2X4VM6GCB=GS1.1.1695283210.1.0.1695283210.0.0.0; _ga=GA1.1.153489657.1695283210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 28 Sep 2023 08:00:10 GMT
content-type: image/png
last-modified: Mon, 28 Sep 2020 15:26:40 GMT
accept-ranges: bytes
content-length: 447
date: Thu, 21 Sep 2023 08:00:10 GMT

glimtors.net/custom

139.45.197.251

200 OK

0 B

URL POST HTTP/2
glimtors.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

glimtors.net/custom

139.45.197.251

200 OK

0 B

URL POST HTTP/2
glimtors.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

dubzenom.com/5/5818539/?oo=1&js_build=iclick-v1.601.0

139.45.197.245

200 OK

116 B

URL GET HTTP/2
dubzenom.com/5/5818539/?oo=1&js_build=iclick-v1.601.0
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectdubzenom.com
FingerprintB4:A2:7A:7C:28:7D:21:81:28:0D:43:28:55:83:62:AB:A7:E8:B5:4B
ValidityTue, 05 Sep 2023 14:16:13 GMT - Mon, 04 Dec 2023 14:16:12 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
116 B (116 bytes)
Hash
0310b15d9602551ff97204cd53fc01aa
f66a0ce29be663a9a91ab3546e58ced149298fed
c2c87f3aac7d964fc94ba7692d3146a3efd3d2bc3e9114404b3c6370605ac85f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5818539/?oo=1&js_build=iclick-v1.601.0 HTTP/1.1
Host: dubzenom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json
content-length: 116
x-trace-id: 0bc8ec7ccb201bd50574bbc7213436bc
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=269aeb58f94d4c5f9ca2e4f7020484b9; expires=Fri, 20 Sep 2024 08:00:10 GMT; path=/; secure; SameSite=None
oaidts=1695283210; expires=Fri, 20 Sep 2024 08:00:10 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

glimtors.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
glimtors.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Content-Type: application/json
Content-Length: 392
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 08aed28a91b9a3134606d859ed83a551
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

glimtors.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
glimtors.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Content-Type: application/json
Content-Length: 769
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5a688d5a35ee38b8c07e33daa6e11695
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
cbf5b0228e6fb4a0147cec87a9f3d621
c2cfb64303a7ae0e92a90a2e110fe2c995bd234c
29c4f86517e8e64bde152fcf9f689b7a76195ef1614a21548ab1c69ea83353c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 21 Sep 2023 08:00:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 21 Sep 2023 02:44:33 GMT
Expires: Thu, 28 Sep 2023 02:44:32 GMT
Etag: "c2cfb64303a7ae0e92a90a2e110fe2c995bd234c"
Cache-Control: max-age=586317,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80a0c5e0eb9b56c5-OSL

my.rtmark.net/gid.js?pub=0&userId=b289741ee6704d2bbdc2be907eae47fb&zoneId=6185599&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?pub=0&userId=b289741ee6704d2bbdc2be907eae47fb&zoneId=6185599&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
06eda7d78749cb37012196e9ae533d64
9b7ce193adfe4cb4029c0cab77946c8d00d7339d
bcc7bab4f8cfd187cf519901a4f25d0c71256b0329931b9a1e7a8f204e6232b9

HTTP Headers

GET /gid.js?pub=0&userId=b289741ee6704d2bbdc2be907eae47fb&zoneId=6185599&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b289741ee6704d2bbdc2be907eae47fb; expires=Fri, 20 Sep 2024 08:00:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
71aaf392d546bbeff53bc5fd2a8908a0
f8993ab349e9a877435c7a6174e3805bc922092c
aaf93c5c60f163775a3dea112e3e2197a9a2e05d197ff12140bbf9655a405327

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9232e05302d8451c85413267dc8d57cd; expires=Fri, 20 Sep 2024 08:00:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1369
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 21 Sep 2023 08:01:37 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://drive.vuinsider.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
32f166044ed330a4dedb707202b6045f
7ce50d35cf120769fb9fb265a8e4496fb5ae21d6
61d15a2b56726fea848ee04d602d30e4b50b03f5c14679276666015897685302

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Content-Type: application/json
Content-Length: 525
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: a2bd4f37fef1d86eef5e6f48f2a2264c
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
2c6c999004e2d6385fe9738be5840d80
faef038c46e4a808327397e6b0238774cfd32ce4
a27fea8c0be77e0f33156ca054df510945e63447c1f6f0eee16d212e88630877

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Content-Type: application/json
Content-Length: 525
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6f85920f50e8cded56f4410a3ca1c1b3
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

gloaphoo.net/500/6014208?excludes=&oaid=9232e05302d8451c85413267dc8d57cd&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.2

139.45.197.239

200 OK

0 B

URL GET HTTP/2
gloaphoo.net/500/6014208?excludes=&oaid=9232e05302d8451c85413267dc8d57cd&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.2
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
FingerprintA1:7D:4E:48:69:60:03:3C:41:DA:84:A6:06:1F:C4:6C:02:CC:36:F1
ValidityWed, 26 Jul 2023 05:09:14 GMT - Tue, 24 Oct 2023 05:09:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/6014208?excludes=&oaid=9232e05302d8451c85413267dc8d57cd&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.2 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

glimtors.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
glimtors.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Content-Type: application/json
Content-Length: 393
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7e3194ba9cffa1a33add5504181d7281
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

offerimage.com/www/images/3cc187c3294f050cb0f2632e70e60563.png

104.22.32.172

200 OK

93 kB

URL GET HTTP/2
offerimage.com/www/images/3cc187c3294f050cb0f2632e70e60563.png
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
93 kB (93324 bytes)
Hash
3cc187c3294f050cb0f2632e70e60563
3f827edd982ebb762f5aa277031e479b915ec3ca
b19c84a72b1d44fb0226991b96e3ad276549cb40af572411320212828d77a498

HTTP Headers

GET /www/images/3cc187c3294f050cb0f2632e70e60563.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: image/png
content-length: 93324
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-16c8c"
expires: Thu, 21 Sep 2023 08:30:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 84572
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a0c5e36a35168d-ARN
X-Firefox-Spdy: h2

gloaphoo.net/impression/eG5mvO_2bWFxXiIDWIWDiy5U1TX8gI_VV0Z5PXng9s6a3jWWqwCi2vIfHiVwKl6jitxLWwMOvLRoV7OtiIWPxzdj8hiTuySkJavUq61XaWxvbySH8FoDernVKP_7NYDtAaIGC4PxweGEMtNimNg7JdTCYDCV82Az5e7Hw1bR3xsyivDzsXZcgezAqJbTShAiJ2R-dc1kRmrfoDVU_nvWxtu1qRanSLlcjDG2gGB_xdWpZYf93SUPF8LlMeNicynU079jGTsBL5M_519t_gaE5sE_yrRsl_Je5n7q7R6bTJbJ_4rTfvBK-Bc9NmNUjZlUbtWUDdZBlzdfeACJeAEZ7uHUpATb-xncxLWjfsKI5uoQC8SW7CeZF5UrBSCbJkcYE4sAAv9FbFugtblNquy7_0dM8Nvq5-828Ecf6TwzBGd1au8rZMGWtFhATgEI4j3XnQ4U2NCttaVRGKvKvJd2HFjwB7WjggoSe6_TdvIvu3g2D6xYCjFTRt_kSgOe4pfqisw1Gpuk7z2j8Kg_lZm1J73NbTwuFI1mpedtFSJrNVLzbEzINTYa21XKMEzsxrLWG4xFfFYw1hLUAWdc5fdAeyZq1h12SYWOAAPEebQFcBwl_TFS6GQCWXPkR6ZqY6TgfKuWgd5L8Sk=?_z=6014208&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.2

139.45.197.239

200 OK

43 B

URL GET HTTP/2
gloaphoo.net/impression/eG5mvO_2bWFxXiIDWIWDiy5U1TX8gI_VV0Z5PXng9s6a3jWWqwCi2vIfHiVwKl6jitxLWwMOvLRoV7OtiIWPxzdj8hiTuySkJavUq61XaWxvbySH8FoDernVKP_7NYDtAaIGC4PxweGEMtNimNg7JdTCYDCV82Az5e7Hw1bR3xsyivDzsXZcgezAqJbTShAiJ2R-dc1kRmrfoDVU_nvWxtu1qRanSLlcjDG2gGB_xdWpZYf93SUPF8LlMeNicynU079jGTsBL5M_519t_gaE5sE_yrRsl_Je5n7q7R6bTJbJ_4rTfvBK-Bc9NmNUjZlUbtWUDdZBlzdfeACJeAEZ7uHUpATb-xncxLWjfsKI5uoQC8SW7CeZF5UrBSCbJkcYE4sAAv9FbFugtblNquy7_0dM8Nvq5-828Ecf6TwzBGd1au8rZMGWtFhATgEI4j3XnQ4U2NCttaVRGKvKvJd2HFjwB7WjggoSe6_TdvIvu3g2D6xYCjFTRt_kSgOe4pfqisw1Gpuk7z2j8Kg_lZm1J73NbTwuFI1mpedtFSJrNVLzbEzINTYa21XKMEzsxrLWG4xFfFYw1hLUAWdc5fdAeyZq1h12SYWOAAPEebQFcBwl_TFS6GQCWXPkR6ZqY6TgfKuWgd5L8Sk=?_z=6014208&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.2
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
FingerprintA1:7D:4E:48:69:60:03:3C:41:DA:84:A6:06:1F:C4:6C:02:CC:36:F1
ValidityWed, 26 Jul 2023 05:09:14 GMT - Tue, 24 Oct 2023 05:09:13 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/eG5mvO_2bWFxXiIDWIWDiy5U1TX8gI_VV0Z5PXng9s6a3jWWqwCi2vIfHiVwKl6jitxLWwMOvLRoV7OtiIWPxzdj8hiTuySkJavUq61XaWxvbySH8FoDernVKP_7NYDtAaIGC4PxweGEMtNimNg7JdTCYDCV82Az5e7Hw1bR3xsyivDzsXZcgezAqJbTShAiJ2R-dc1kRmrfoDVU_nvWxtu1qRanSLlcjDG2gGB_xdWpZYf93SUPF8LlMeNicynU079jGTsBL5M_519t_gaE5sE_yrRsl_Je5n7q7R6bTJbJ_4rTfvBK-Bc9NmNUjZlUbtWUDdZBlzdfeACJeAEZ7uHUpATb-xncxLWjfsKI5uoQC8SW7CeZF5UrBSCbJkcYE4sAAv9FbFugtblNquy7_0dM8Nvq5-828Ecf6TwzBGd1au8rZMGWtFhATgEI4j3XnQ4U2NCttaVRGKvKvJd2HFjwB7WjggoSe6_TdvIvu3g2D6xYCjFTRt_kSgOe4pfqisw1Gpuk7z2j8Kg_lZm1J73NbTwuFI1mpedtFSJrNVLzbEzINTYa21XKMEzsxrLWG4xFfFYw1hLUAWdc5fdAeyZq1h12SYWOAAPEebQFcBwl_TFS6GQCWXPkR6ZqY6TgfKuWgd5L8Sk=?_z=6014208&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.2 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Cookie: OAID=9232e05302d8451c85413267dc8d57cd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:15 GMT
content-type: image/gif
content-length: 43
x-trace-id: 94deb625b8630ee45f09fdbeb4c32ef0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/3cc187c3294f050cb0f2632e70e60563.png

104.22.32.172

200 OK

93 kB

URL GET HTTP/2
offerimage.com/www/images/3cc187c3294f050cb0f2632e70e60563.png
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
93 kB (93324 bytes)
Hash
3cc187c3294f050cb0f2632e70e60563
3f827edd982ebb762f5aa277031e479b915ec3ca
b19c84a72b1d44fb0226991b96e3ad276549cb40af572411320212828d77a498

HTTP Headers

GET /www/images/3cc187c3294f050cb0f2632e70e60563.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 21 Sep 2023 08:00:15 GMT
content-type: image/png
content-length: 93324
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-16c8c"
expires: Thu, 21 Sep 2023 08:30:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 84577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a0c600ce27168d-ARN
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

17 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
gzip compressed data, max compression\012- data
Size
17 kB (16655 bytes)
Hash
fcc7ee5678541adea03770b8cfafd146
e5d4c9d76cabeef9e8faa14ff0ed07bd097396fc
1474e26a5116379d3fa3f65cec9f195f0d826c24891a55a15f39c92dae12405d

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 21 Sep 2023 08:00:15 GMT
date: Thu, 21 Sep 2023 08:00:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 04:50:55 GMT
expires: Fri, 20 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 11360
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 15 Sep 2023 10:05:24 GMT
expires: Sat, 14 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 510891
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gloaphoo.net/401/6014208

139.45.197.239

200 OK

91 kB

URL GET HTTP/2
gloaphoo.net/401/6014208
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectgloaphoo.net
FingerprintA1:7D:4E:48:69:60:03:3C:41:DA:84:A6:06:1F:C4:6C:02:CC:36:F1
ValidityWed, 26 Jul 2023 05:09:14 GMT - Tue, 24 Oct 2023 05:09:13 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (91122 bytes)
Hash
9712711cfdd0db0dac8ae04f43b63007
e2839fabfbdb58dda77b6b90301c9ed49fedb2ae
83d1bc0c577f12f9bfc90a1067bcb013a3421061a6b229f28d3f36225159f0dc

HTTP Headers

GET /401/6014208 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:09 GMT
content-type: application/javascript
x-trace-id: 2f597b15961d5f7fff733dc605fb1d99
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=e9c400bac5c242c081889324f68949c5; expires=Fri, 20 Sep 2024 08:00:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

172.67.211.29

200 OK

80 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subjectinklinkor.com
FingerprintF9:E2:87:BB:45:BD:69:84:B8:1A:2C:23:70:4D:BE:9E:4F:00:3C:F6
ValidityFri, 25 Aug 2023 12:55:35 GMT - Thu, 23 Nov 2023 12:55:34 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
80 kB (79882 bytes)
Hash
a3b25ba8316f38d39cbf075d179aad71
9ee5f28a77d2bf3eaa59865c259e8d5c5d6cf272
311c51da9b45e9b6d879e703d48b0324b6921919659a430735032711fb7126cd

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Sep 2023 08:00:09 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: d5e4c7d6c6cbeae1c041198c79cdb74c
cache-control: max-age=86400
last-modified: Tue, 19 Sep 2023 12:02:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 22 Sep 2023 06:43:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4hKkGrKrNsc2Ln4slbOEYngfrZipQSAy8eBtl7lVXxUdZLBv0jDJHGWVmLbh0PQqeC60if68QzM9XLeS5yylfmX9uFBJo49t54T9KSX7zTk%2F9r%2BPoZnfkjOexmqiAZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a0c5db291e56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glimtors.net/pfe/current/defaultSkin.min.js

139.45.197.251

200 OK

57 kB

URL GET HTTP/2
glimtors.net/pfe/current/defaultSkin.min.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type

Size
57 kB (57187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 12:11:16 GMT
etag: W/"65083e64-df63"
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

dubzenom.com/5/5818539/?abt_opts=1&oo=1&js_build=iclick-v1.601.0&userId=9232e05302d8451c85413267dc8d57cd

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
dubzenom.com/5/5818539/?abt_opts=1&oo=1&js_build=iclick-v1.601.0&userId=9232e05302d8451c85413267dc8d57cd
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectdubzenom.com
FingerprintB4:A2:7A:7C:28:7D:21:81:28:0D:43:28:55:83:62:AB:A7:E8:B5:4B
ValidityTue, 05 Sep 2023 14:16:13 GMT - Mon, 04 Dec 2023 14:16:12 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3014), with no line terminators
Size
2.8 kB (2774 bytes)
Hash
d37789f04bb779dce57e70b634a8108f
24141fbaf1694445974507399588d382e333d814
f95bf1e38ad4746670c05f4ab64b8661a4a47eb3b16dd236cd02a7155fdf36cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5818539/?abt_opts=1&oo=1&js_build=iclick-v1.601.0&userId=9232e05302d8451c85413267dc8d57cd HTTP/1.1
Host: dubzenom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Cookie: OAID=269aeb58f94d4c5f9ca2e4f7020484b9; oaidts=1695283210
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json
x-trace-id: 5b84ffa55973d54e20d3622900f6a18f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=9232e05302d8451c85413267dc8d57cd; expires=Fri, 20 Sep 2024 08:00:10 GMT; path=/; secure; SameSite=None
oaidts=1695283210; expires=Fri, 20 Sep 2024 08:00:10 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 28 Sep 2023 08:00:10 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

dubzenom.com/?rb=8IRrQ27ZGc68dNYxWZu3YFtjzPVA6WlEBxiBmqap9qjZqZkEysGe54PlTA1ya1LdNDhAWdW5MOLWDj8SFgOn7lZTz5gL5r1A5EH3DOw5UtyINlqVPszd2pVqw2pWg3liRiSCgeHBT7_Dln3GBtj_XFdS2RYGAKlJNP_pztOnXBd_cFre8YfxdubtfmmFOAgTclyC1bk0bGUPZ-asaBVUUcljelaA6r8md7HmtQ%3D%3D&request_ab2=150010&zoneid=5818539&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=78f22c18-ef61-4f74-a757-92aa8cff6205&userId=9232e05302d8451c85413267dc8d57cd&m=link

139.45.197.245

200 OK

2.2 kB

URL GET HTTP/2
dubzenom.com/?rb=8IRrQ27ZGc68dNYxWZu3YFtjzPVA6WlEBxiBmqap9qjZqZkEysGe54PlTA1ya1LdNDhAWdW5MOLWDj8SFgOn7lZTz5gL5r1A5EH3DOw5UtyINlqVPszd2pVqw2pWg3liRiSCgeHBT7_Dln3GBtj_XFdS2RYGAKlJNP_pztOnXBd_cFre8YfxdubtfmmFOAgTclyC1bk0bGUPZ-asaBVUUcljelaA6r8md7HmtQ%3D%3D&request_ab2=150010&zoneid=5818539&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=78f22c18-ef61-4f74-a757-92aa8cff6205&userId=9232e05302d8451c85413267dc8d57cd&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectdubzenom.com
FingerprintB4:A2:7A:7C:28:7D:21:81:28:0D:43:28:55:83:62:AB:A7:E8:B5:4B
ValidityTue, 05 Sep 2023 14:16:13 GMT - Mon, 04 Dec 2023 14:16:12 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2270), with no line terminators
Size
2.2 kB (2241 bytes)
Hash
824af3740a51c881d85a9d38d968b3e0
91e42a74ac6a17a45817ed81f8acf0e93f958317
736e52bc56ad2501d4e1bd1f20da08d72b2ca29a8da3fa7ff2bb3eb49332356d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=8IRrQ27ZGc68dNYxWZu3YFtjzPVA6WlEBxiBmqap9qjZqZkEysGe54PlTA1ya1LdNDhAWdW5MOLWDj8SFgOn7lZTz5gL5r1A5EH3DOw5UtyINlqVPszd2pVqw2pWg3liRiSCgeHBT7_Dln3GBtj_XFdS2RYGAKlJNP_pztOnXBd_cFre8YfxdubtfmmFOAgTclyC1bk0bGUPZ-asaBVUUcljelaA6r8md7HmtQ%3D%3D&request_ab2=150010&zoneid=5818539&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fdrive.vuinsider.com%2F33h%2Frubenzhtml-10.rar&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=78f22c18-ef61-4f74-a757-92aa8cff6205&userId=9232e05302d8451c85413267dc8d57cd&m=link HTTP/1.1
Host: dubzenom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Cookie: OAID=9232e05302d8451c85413267dc8d57cd; oaidts=1695283210; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/json
x-trace-id: 23cecaacfe4e3dda4db0102d37b6b920
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9232e05302d8451c85413267dc8d57cd; expires=Fri, 20 Sep 2024 08:00:10 GMT; path=/; secure; SameSite=None
oaidts=1695283210; expires=Fri, 20 Sep 2024 08:00:10 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 28 Sep 2023 08:00:10 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

glimtors.net/pfe/current/universal.min.js?v=3.1.460

139.45.197.251

200 OK

88 kB

URL GET HTTP/2
glimtors.net/pfe/current/universal.min.js?v=3.1.460
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerLet's Encrypt
Subjectglimtors.net
Fingerprint16:2D:47:69:3C:36:FE:B1:A3:A3:A5:57:73:5B:D0:FD:74:26:13:8F
ValiditySat, 02 Sep 2023 05:36:03 GMT - Fri, 01 Dec 2023 05:36:02 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87463 bytes)
Hash
0f22080b3f88f2f09bbabbcb8e9550c4
191596e48cd208528643ab0530ce3b2cb3f68fae
5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.460 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.vuinsider.com/
Origin: https://drive.vuinsider.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 21 Sep 2023 08:00:09 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 12:11:16 GMT
etag: W/"65083e64-155a7"
access-control-allow-origin: https://drive.vuinsider.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.134.147

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.134.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drive.vuinsider.com/33h/rubenzhtml-10.rar
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20
ValidityMon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drive.vuinsider.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Sep 2023 08:00:10 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHswI5hfd%2Fl5CqNXztToty4SA%2FW7Ycuo501bDLJ4zwlIKr6%2BGhhSawglQLRk68E%2FO6R62eSBzl6dOj2z0q1PMIlf2ya6AMTr24%2BsSX051KsC8xoosoRZ0et1Djb9UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a0c5dea8bc0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by