Report - www.macfiles.org/category/adobe/adobe-after-effects/

Report Overview

Submitted URL
www.macfiles.org/category/adobe/adobe-after-effects/
IP
172.67.189.25
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 21:52:06
Access
public
Website Title
Adobe After Effects - Mac Torrents
Final URL
www.macfiles.org/category/adobe/adobe-after-effects/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-03-26	1.4 kB	280 kB	45.133.44.9
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-03-25	2.7 kB	178 kB	172.64.161.4
sp-ao.shortpixel.ai	17221	2018-07-14	2021-08-12	2024-03-26	3.8 kB	8.0 kB	194.242.11.186
www.macfiles.org	unknown	unknown	No data	No data	7.7 kB	423 kB	172.67.189.25
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-28	903 B	14 kB	142.250.74.74
accidentallyrussian.com	unknown	2023-02-24	2023-02-24	2023-11-10	882 B	25 kB	172.240.253.132
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-03-28	338 B	942 B	143.204.53.97
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-03-28	458 B	30 kB	104.18.11.207
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-28	3.2 kB	123 kB	216.58.207.227
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-03-28	880 B	846 B	3.72.189.164
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-03-27	411 B	84 kB	188.114.97.1
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-03-25	490 B	2.0 kB	45.133.44.3
ablecolony.com	unknown	2024-03-24	2024-03-24	2024-03-27	22 kB	41 kB	172.240.108.84
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-03-27	736 B	423 B	192.243.59.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	accidentallyrussian.com	Sinkholed
2024-03-28	medium	accidentallyrussian.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	downstairsnegotiatebarren.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	unseenreport.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed
2024-03-28	medium	ablecolony.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	unknown	145 B	2024-01-22	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 16:04:14 Last Seen2024-03-29 03:10:07 Times Seen9 Hash 010675a74fa808cd719c26cc64da0f1c e74adbc296518a78a345a26b204455415c75ca6c b105249e4d5042eb4d39b33176e4d3e69390a8f521ba8d08726ffc7a6b52e097 Loading...

	unknown	3.3 kB	2024-03-28	2024-03-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:13 Times Seen1 Hash 13ed0a83dce6bbd439b848c539a07bcd fb9db70b4b8cd1dbd62f308577fedecbe9f23a06 588c5f3794f467cd23ec3692aeec17844c0bb0bdbe218ae039a139632a519ddf Loading...

	www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js	25 kB	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen14 Hash 172db96c9c2185db11d51bb2dbcc6706 8ea3ff074fe57551669e3c8d22aa052f16339d6b bf0f6f2e3f5f938e66a3415ddc527848551055d4273d098dafdcbd3ffea2db91 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 18:32:34 Times Seen342146 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-04-27
Pretty URL www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-04-27 18:24:19 Times Seen42407 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	3.3 kB	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen7 Hash 9d9193046d1da9aae6d62fdbdfe9726c 6963e54f996762adc97bb427d7bb135458ab97dc 9602837d8d670241f59edb78b91612a225b74faef466c9b82f4f50b5207e4785 Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	338 B	2024-01-29	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-29 03:10:07 Times Seen8 Hash 98af53a418e2964682d58e239d4f1666 27cc77db23d563a373c8ca270bf04821f2653b1d fe2c6594bdd33bc4f67f009e0fa75a04f0ec201ab624797178620b976fb60f8a Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2023-11-23	2024-03-29
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35:39 Last Seen2024-03-29 19:41:27 Times Seen10518 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	unknown	3.4 kB	2024-03-28	2024-03-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:13 Times Seen1 Hash d290c7e5746d540221069184d9fbd0f6 4fc6edcbde8fb012806f5a1735308dfafebff8ba 494402c98d7f9f9cb7ce27b00cdf95b85de0b294951a90842870db78cf6f9a62 Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	283 B	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen7 Hash 4b65360be731977b74fc1b6f915a7c65 35a1d5487f9829a5e0c6be06fdac6981cb485964 df5433765973051e1f884dea7903ca406d22fc72ba4294b2100d84c156ab6d9b Loading...

	www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11	9.8 kB	2023-03-07	2024-04-26
Pretty URL www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11 IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 13:38:12 Times Seen3435 Hash d1edbffbde50cd32ab770746b4140906 6e120f03a5ac9fddc25e7830d204b202721d8879 c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1 Loading...

	unknown	1.5 kB	2024-01-29	2024-03-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-28 22:52:23 Times Seen4 Hash 0869ab00bbd090460ce9ad05ca0e691a 68fcd3a366086f5a035027bc5fb96c92d0d91f7c f519ab692646914c50293aea3d20254f8fbb13d7739adde82ed39f4a3e232d82 Loading...

	accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js	31 kB	2024-03-28	2024-03-28
Pretty URL accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:23 Times Seen6 Hash 32dc964f69ada574b44404c2895c5615 ce95ae0072faac8b8b092e8970237cd7ad1386d5 ac6b7c3d7de6a7df176391a27c6eb48c93de89517fc79b572e6f45973155b1fc Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 18:32:34 Times Seen342648 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js	44 kB	2024-03-28	2024-03-28
Pretty URL ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:23 Times Seen6 Hash 7cd2e2fab339aae1809f9111df9f350c d6935bcbef52be6545be5b6e960f0e8073284ba8 a3c7faf12628a85b427670948377401da8cf087f320490ebaaa4e8d12b397577 Loading...

	unknown	145 B	2023-03-13	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:47:26 Last Seen2024-03-29 03:10:07 Times Seen30 Hash e912fbf01816e2b263d6e5e940287459 5d433292ea58167b9c8d42d3b53cf1ab01871968 76d987fd4fe35ac9d287dcd13e8d199078d0189f78baba3eaefbdd1eb5a51c46 Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	180 B	2024-03-02	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 23:34:58 Last Seen2024-03-29 03:10:07 Times Seen7 Hash 1c90923a83050cbeaaa8e323964ca7e7 a108ac18641ec878e2a8177897b42c0ee17736ed a58ba1cba3c681b8c125e7d17c1ba304573e064458758f1491aa1ca69a769038 Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	84 B	2023-03-07	2024-04-26
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 13:38:12 Times Seen2452 Hash 31370ae3f78a60279d29cd25e1eb8657 34f454d9855d2dc1d71ab7101bd7a04d1b0199bf 6682cf99413df38b7572d2f2eb9c549f33d2a52ceaa9c6a8ff723c02339380dc Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	60 B	2024-01-29	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-29 03:10:07 Times Seen8 Hash 5f7ec1238346d5082d10d60fe7a3cdfc 03e8c1d4082815c32dc7d25515a3ff273146fc84 9e3f63f5b84279ec3bf7be4318c299832facbba079409a1412049c0004eecd07 Loading...

	cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js IP 172.64.161.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-04-27 14:53:25 Times Seen3752 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js	31 kB	2024-03-28	2024-03-28
Pretty URL accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:23 Times Seen6 Hash 277b0bd61cc70f4548e8e93248713833 d3154593a057abb280cb13af848e057f5ef7ce27 4cc6b5ed12e507d6f0d21b1bc42a0c7c4a01c47553910eed543d267a060c209c Loading...

	www.macfiles.org/category/adobe/adobe-after-effects/	392 B	2024-01-29	2024-03-29
Pretty URL www.macfiles.org/category/adobe/adobe-after-effects/ IP 172.67.189.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 15:10:26 Last Seen2024-03-29 03:10:07 Times Seen8 Hash a628b49c17842a2fc21745e163de3a7c d2d5af53359f0eac0ededa0f321b0e126a6c8d65 8327c1d3e145b1c74991ddcdfae9e45c93ae197aed0b4d75f9f53ec98d06fe41 Loading...

	unknown	196 B	2024-01-22	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-22 16:04:15 Last Seen2024-03-29 03:10:07 Times Seen9 Hash a41b8b3183ca559d75130f0259679333 d879ce9c3d2999dafc39c776348c05ad1275401d 429ece8a490139a5fed1d9e6e1e80cfba5bebae4c1efc06e186c2ea81646c4dd Loading...

		Size	First Seen	Last Seen
	#1 Eval - 853a346ae36c38366414dd88e8cd934d	2.1 kB	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:13 Times Seen1 Hash 853a346ae36c38366414dd88e8cd934d c8a9cf02128d3b6824f7e37a02a4e14c1416dadf 5fc567cf6e467bd97c104519548853f684202f46c13558b0980df43550ffbe66 Loading...

	#2 Eval - 101394f5d0163653c22228b297d837d2	2.1 kB	2024-03-28	2024-03-28
Pretty Observations First Seen2024-03-28 22:52:13 Last Seen2024-03-28 22:52:13 Times Seen1 Hash 101394f5d0163653c22228b297d837d2 8c9f8f384f5c17f39594b1e1f9a7e2d01072df31 9f5b451dfd5dbeb76786d703efc92c3d1055f4405a37227f5e2fa0fce0a82ed8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5bc9b2f8993a54a10f8052310550dbcf	121 B	2023-04-13	2024-03-29
Pretty Observations First Seen2023-04-13 08:40:16 Last Seen2024-03-29 03:10:07 Times Seen10 Hash 5bc9b2f8993a54a10f8052310550dbcf 740cdc2996d3981ac7d69172e343a3897b56b425 dfbf1d17bc32b14ba8b9378f3b61dcffdde7972d5e31b9c9aab2946c41829a87 Loading...

	#2 Write - 0e408b0b7fcbd1943ee8b70cb355f000	115 B	2024-01-22	2024-03-29
Pretty Observations First Seen2024-01-22 16:04:15 Last Seen2024-03-29 03:10:07 Times Seen9 Hash 0e408b0b7fcbd1943ee8b70cb355f000 120a1a1539bd6cc790343c89fa652d8297aaacca 7c660e55006098b1ed20e28d18cc3b1dafc7e02fd8d47754227a66452493730a Loading...

HTTP Transactions (61)

URL IP Response Size

www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js

172.67.189.25

200 OK

9.3 kB

URL GET HTTP/3
www.macfiles.org/wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
9.3 kB (9322 bytes)
Hash
172db96c9c2185db11d51bb2dbcc6706
8ea3ff074fe57551669e3c8d22aa052f16339d6b
bf0f6f2e3f5f938e66a3415ddc527848551055d4273d098dafdcbd3ffea2db91

HTTP Headers

GET /wp-content/cache/autoptimize/js/autoptimize_f5cf7bf0504fb02936b2e8f264a1676c.js HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-after-effects/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
expires: Thu, 13 Mar 2025 12:40:42 GMT
last-modified: Fri, 22 Mar 2024 22:18:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 465057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udesM4gOUce34Nodv%2Fr7WVBvLMEIHU%2BkhKJguq827TaxJOdAfIkKWOFOIQbhnButuutQ3CIWKxw6RfpHGfVDQmJ8OvxFPtrPVz7WgrdxhYnzZyHaHjwoL8OZjUq9zmywTnp3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7c0fb71569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=6.4.3

142.250.74.74

200 OK

920 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=6.4.3
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
gzip compressed data, max compression
Size
920 B (920 bytes)
Hash
ca291713e090d2d7d0ed7ec22e28de8a
6d3743d5a3d6cd5c37abbe50d8ea6045ce036e72
96d13d35e6e906991fff5c76d97019a23887a3923bae097cbab966080136faf6

HTTP Headers

GET /css?family=Lato%3A400%2C400italic%2C700%2C700italic&ver=6.4.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 21:51:39 GMT
date: Thu, 28 Mar 2024 21:51:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

172.67.189.25

200 OK

103 kB

URL GET HTTP/3
www.macfiles.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
103 kB (103290 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-after-effects/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 02 Apr 2024 14:05:45 GMT
last-modified: Wed, 03 Jan 2024 18:24:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nOsVs5qzZLJg5oW4p6dqvuTk%2FhcL%2BD7erAhvTz9rcGzaGdTL2Cm2YhDGqFBg5gLedbjyLaJdgP2XFC695IOiDCbHJzzPzp1zciNvBg4KkfQ5FJ8QogKghWywySFpodegChC7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7c0eb5c569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css

172.67.189.25

200 OK

54 kB

URL GET HTTP/3
www.macfiles.org/wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
ASCII text, with very long lines (57196)
Size
54 kB (53779 bytes)
Hash
f48aa7ecd172a185ec63a62350830ea2
3cc17e2e290740e9c14998bc7bdce967dd7e070f
3a3f81944543ee5b3108ce8bf4892e318b9c8190455bab909cb9ef7026ec3297

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-after-effects/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: text/css
cache-control: public, max-age=30672000, immutable
expires: Fri, 21 Feb 2025 09:28:59 GMT
last-modified: Sun, 03 Mar 2024 08:36:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2204560
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3ok%2BSGweR5wrkfqyK35fFdjjGTsFF6hm%2FkJsgeAQIpZchdLwiLajNRbKX4p3lg%2FdWW8WWEzbRSdDI2tfZj3qUxMLmGZUOCEUjGA8AVpbioAqF190YrwQ1mIMnOempwUs0D%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7c0eb57569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:35:51 GMT
expires: Fri, 28 Mar 2025 17:35:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 15348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24408, version 1.0
Size
24 kB (24408 bytes)
Hash
efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

GET /s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:24:25 GMT
expires: Fri, 28 Mar 2025 17:24:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:14:26 GMT
content-type: font/woff2
age: 16034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11

172.67.189.25

200 OK

4.7 kB

URL GET HTTP/3
www.macfiles.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
JavaScript source, ASCII text, with very long lines (7862)
Size
4.7 kB (4705 bytes)
Hash
d1edbffbde50cd32ab770746b4140906
6e120f03a5ac9fddc25e7830d204b202721d8879
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

HTTP Headers

GET /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.11 HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-after-effects/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 03 Apr 2024 13:01:12 GMT
last-modified: Wed, 13 Mar 2024 09:02:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 118227
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPP2CDQ7%2BbqGK%2B%2FXs7opGzJWSmx15RrB54NodQYL6FrrkrKilhnuBrfhup2dQXgujbvkHb28JVBTpdGyNlHGWn1%2FqdUH644QmvCmKAJMW%2Fd50xMjeJYbwaP9sa4qiZrPyE%2FA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7c0fb6d569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js

172.240.253.132

200 OK

12 kB

URL GET HTTP/1.1
accidentallyrussian.com/cc43d9e6e02d1d5141beb272805e2db1/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectaccidentallyrussian.com
Fingerprint3E:C7:58:F1:C6:88:A7:93:4D:44:9B:CF:A9:90:F1:C7:E1:A3:1C:12
ValidityTue, 20 Feb 2024 06:04:20 GMT - Mon, 20 May 2024 06:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (31275), with no line terminators
Size
12 kB (11827 bytes)
Hash
32dc964f69ada574b44404c2895c5615
ce95ae0072faac8b8b092e8970237cd7ad1386d5
ac6b7c3d7de6a7df176391a27c6eb48c93de89517fc79b572e6f45973155b1fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cc43d9e6e02d1d5141beb272805e2db1/invoke.js HTTP/1.1
Host: accidentallyrussian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d5a4a850e154b3c5a2cfae0378de059
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js

172.240.253.132

200 OK

12 kB

URL GET HTTP/1.1
accidentallyrussian.com/ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectaccidentallyrussian.com
Fingerprint3E:C7:58:F1:C6:88:A7:93:4D:44:9B:CF:A9:90:F1:C7:E1:A3:1C:12
ValidityTue, 20 Feb 2024 06:04:20 GMT - Mon, 20 May 2024 06:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (31283), with no line terminators
Size
12 kB (11839 bytes)
Hash
277b0bd61cc70f4548e8e93248713833
d3154593a057abb280cb13af848e057f5ef7ce27
4cc6b5ed12e507d6f0d21b1bc42a0c7c4a01c47553910eed543d267a060c209c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ab41dcc89a8f02e3ef0be2e1b079565a/invoke.js HTTP/1.1
Host: accidentallyrussian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b16e4006ca6f4566a9bbbb3638bf643
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e0720567b89e85a074c0401003b4b7fb
4c9bd983308c50da9266d2d5a4a5e010b6736408
520b6f66e6827aed3facc07d0cdeb0f06ac5785dbf68439e82a20face8555e5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 28 Mar 2024 21:51:40 GMT
Last-Modified: Thu, 28 Mar 2024 20:52:00 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 76EXADVaRTpTfZc8WofsBkXxXatHRJ3Wyh__fjlkaBLTbOp1roHKCA==
Age: 3580

proftrafficcounter.com/stats

3.72.189.164

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.72.189.164:443
ASN
#16509 AMAZON-02

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
8075a8f7197a341d270316413f8af8ce
4a61dece7e46c05ef2ae6efbc5d6dba069f9bdf2
74bf53c8deb17a0755f2332bf85041b063d71ce48bac6aa68a3d2746ea0a2027

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.macfiles.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73:3:1; expires=Sun, 26 Mar 2034 21:51:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.72.189.164

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.72.189.164:443
ASN
#16509 AMAZON-02

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
807ce8e4c29f2db9699febf3b14909b5
1416d80e467ed25c406d0be8f1dea0393b6fa7cb
1bf53cea4eb3caffe60f5aadce299080328a52647ec7ba189d7af1a1df2cd1bc

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.macfiles.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; expires=Sun, 26 Mar 2034 21:51:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_175/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_175/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_175/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:57
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns62
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 7591a81a5d029d82b3bc2748c78f60cc
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:56
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 891f21ae82b5937af08f7a11df38719b
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:56
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 7c2296d4585963a91bf7df884265c33a
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_196/https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_196/https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_196/https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 07:59:12
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2024/01/maclogo.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns62
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 279253c1d92c31ccc0975c3d57091941
cdn-cache: UPDATING
X-Firefox-Spdy: h2

www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png

172.67.189.25

200 OK

5.1 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 175 x 175, 8-bit colormap, non-interlaced
Size
5.1 kB (5067 bytes)
Hash
80c8490644974b633a92e92abc8b2ee1
13090fe9437eff0550aa75e5bed5590833bdd629
6d47efcf5edaa7beb3b528a3ab4475252994c41b7f5378432f6a56db3214795c

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-After-Effects-2020.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: image/png
content-length: 5067
cache-control: public, max-age=604800
expires: Tue, 02 Apr 2024 18:36:27 GMT
last-modified: Mon, 17 Aug 2020 04:36:17 GMT
cf-cache-status: HIT
age: 184513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKhil2atczqbdQTib5IML7WUQDXmFH9uPSCvzr1kyRybO4JLjW8aXhlZYa1RdDzNolVo6AHepL2vuqU7dVkYvdlecMOJuj8%2BfDn4G424nFT%2F6RTnu7X9yuP4es7EHoKlJ%2BlM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7c8bbd5569b-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png

172.67.189.25

200 OK

10 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
10 kB (10441 bytes)
Hash
c7089b18b5c108f5c464197d6f4de04a
2cb7d068ec11c1661d43db9a80a01bc7e19c4efe
3861a6cc73d11b2e2a56413e63ab357574bf1622883d21c6eb6ce23cef2040a2

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-Photoshop-2020-150x150.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: image/png
content-length: 10441
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:40 GMT
last-modified: Mon, 17 Aug 2020 04:41:21 GMT
cf-cache-status: HIT
age: 284940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DD%2FqGWd8kcM5i%2FHYh6%2BnAGLuvR8Q%2Ftqcusg7FzStHo2GFiE2u53x%2BvgnWqE2GXvTqhv03zkfjDQmPqLaZRrut8EaFfGKOMINboXR5pgZADSt0lTQDpdOgzGasqj9pD2HRec"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7c8cbeb569b-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png

172.67.189.25

200 OK

12 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 147, 8-bit/color RGBA, non-interlaced
Size
12 kB (12290 bytes)
Hash
ee44b2d0e4a82c63a0ef6f175cf29782
feeb464999087121b8bafa151060d930e5bd1cd6
e1b580cf7dc571624a359e00a777e9dc298b756dc54fed2881a8ccb111a4bdae

HTTP Headers

GET /wp-content/uploads/2020/09/Adobe-Illustrator-2020-150x147.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: image/png
content-length: 12290
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:47 GMT
last-modified: Sat, 26 Sep 2020 08:45:42 GMT
cf-cache-status: HIT
age: 284933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3vEjR64VHkmao3CQ7BE9JEP9xiDyCY%2Bol1KmJQSVFz%2FM7acqWpi8RmO8WXGJcJL7gb8XSKRy%2FJfSdDaZc%2BRL8fVW0ND7n%2FFuq7dU1Ceta%2FPmQlZQ3x6QW87fiGqFo8NzFW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7c8cbf0569b-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2024/01/maclogo.png

172.67.189.25

200 OK

7.0 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2024/01/maclogo.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 196 x 74, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (6997 bytes)
Hash
e781a5f87918fdc8ab2b9f0b1922c0bb
eab7d93ca044af7bbe20c64cbf8eb03bb5fa1f33
3f1e1b9a30c49fdeca79f5b77ef2d9defc6538b835a25f5d2483121e654020c1

HTTP Headers

GET /wp-content/uploads/2024/01/maclogo.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:40 GMT
content-type: image/png
content-length: 6997
cache-control: public, max-age=604800
expires: Sat, 30 Mar 2024 12:40:42 GMT
last-modified: Fri, 19 Jan 2024 13:31:10 GMT
cf-cache-status: HIT
age: 465058
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqWBPcdoKxo1gs5JrtyCQ%2F%2FkYJdCqjlYSYqrHoJWYtqaFKVNbtDvOYmQrR%2FARJLqeLOO54rNjErkAAZx40lxSVJgGBBwPFdc6R6uB66svBIqUikgCdjPe2TsEmz8P%2FnDxDEu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7c8dc0c569b-OSL
alt-svc: h3=":443"; ma=86400

ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js

172.240.108.84

200 OK

16 kB

URL GET HTTP/1.1
ablecolony.com/a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JavaScript source, ASCII text, with very long lines (43994), with no line terminators
Size
16 kB (15784 bytes)
Hash
7cd2e2fab339aae1809f9111df9f350c
d6935bcbef52be6545be5b6e960f0e8073284ba8
a3c7faf12628a85b427670948377401da8cf087f320490ebaaa4e8d12b397577

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a9/04/d2/a904d25cbc0e65d37e5cf79e2d057c1d.js HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2ddc213b64a43412f66a9bbb9115ca82
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ablecolony.com/watch.540211825832.js?key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&tz=0&dev=e&res=14.2071&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1

172.240.108.84

307 Temporary Redirect

0 B

URL GET HTTP/1.1
ablecolony.com/watch.540211825832.js?key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&tz=0&dev=e&res=14.2071&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.540211825832.js?key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&tz=0&dev=e&res=14.2071&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Location: https://ablecolony.com/watch.540211825832.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=ace53f966c0f1cfcede4e9894d35a0fbc90c9f3a6491565c9b176170102ba7d1dcba8157abb682f34af1cc4f01a64e00f06dfa2c63f0f7cc93ae46d227c0d289e1ff066ba6c787824e3dc04a2f4a62d05087483e2f5c31255e59403049ff&tz=0&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1
Set-Cookie: u_pl=17871235; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg3MTIzNSwiayI6ImNjNDNkOWU2ZTAyZDFkNTE0MWJlYjI3MjgwNWUyZGIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjUzODYsInBpZCI6MTA0NDc2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJpdmRjdnJ5a2EiLCJjcGtzIjp7IjI5IjoiYTkwNGQyNWNiYzBlNjVkMzdlNWNmNzllMmQwNTdjMWQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.L3EPYgyfH8t3RKnYJ9F5E9UdHP3qcNTUZDbHDSmwX28; expires=Thu, 28 Mar 2024 21:52:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6bff2eb3c9211c01c8a946f432b832d3
Strict-Transport-Security: max-age=0; includeSubdomains

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 21:51:41
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 1ba36d4a68820f0b6c3d5cf00d19f491
cdn-cache: HIT
X-Firefox-Spdy: h2

www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png

172.67.189.25

200 OK

7.5 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
7.5 kB (7454 bytes)
Hash
09a660d8c127a9fce4f31b0228fbc554
84a626c6fa093fbe3f711f770c6350fc3493041f
81f82c2b5a1a780d1af9dc2e3727761064485bcabc630e69fdb10c639f1af141

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-Premiere-Pro-2020-150x150.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:41 GMT
content-type: image/png
content-length: 7454
cache-control: public, max-age=604800
expires: Sat, 30 Mar 2024 12:40:42 GMT
last-modified: Mon, 17 Aug 2020 04:34:17 GMT
cf-cache-status: HIT
age: 465059
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZ8khCTMxWdZMt7iWTxgiXCuIY7TkCMYYHjIh1N2oXmwb75tB5HudkNadW5eMOnsE4Cn8CCx3ypnavQh%2BGgeukRdatMb5BWL%2BOjwsxMrqRvk0FAWc%2FPVAYvwcSzG5RAjTpvW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7caae02569b-OSL
alt-svc: h3=":443"; ma=86400

ablecolony.com/watch.540211825832.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=ace53f966c0f1cfcede4e9894d35a0fbc90c9f3a6491565c9b176170102ba7d1dcba8157abb682f34af1cc4f01a64e00f06dfa2c63f0f7cc93ae46d227c0d289e1ff066ba6c787824e3dc04a2f4a62d05087483e2f5c31255e59403049ff&tz=0&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1

172.240.108.84

200 OK

2.0 kB

URL GET HTTP/1.1
ablecolony.com/watch.540211825832.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=ace53f966c0f1cfcede4e9894d35a0fbc90c9f3a6491565c9b176170102ba7d1dcba8157abb682f34af1cc4f01a64e00f06dfa2c63f0f7cc93ae46d227c0d289e1ff066ba6c787824e3dc04a2f4a62d05087483e2f5c31255e59403049ff&tz=0&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JavaScript source, ASCII text, with very long lines (2520)
Size
2.0 kB (2030 bytes)
Hash
e9d569643f7f3d4b6ab4bc77ecc5154c
5e61341f31d422faa6b9e80551f15e787d1b4d98
e29831627a7566eff31930928c159231ac67408830e259f4f106df7926baeebe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.540211825832.js?dev=e&key=cc43d9e6e02d1d5141beb272805e2db1&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=ace53f966c0f1cfcede4e9894d35a0fbc90c9f3a6491565c9b176170102ba7d1dcba8157abb682f34af1cc4f01a64e00f06dfa2c63f0f7cc93ae46d227c0d289e1ff066ba6c787824e3dc04a2f4a62d05087483e2f5c31255e59403049ff&tz=0&uuid=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73%3A3%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17871235; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg3MTIzNSwiayI6ImNjNDNkOWU2ZTAyZDFkNTE0MWJlYjI3MjgwNWUyZGIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjUzODYsInBpZCI6MTA0NDc2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE4LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJpdmRjdnJ5a2EiLCJjcGtzIjp7IjI5IjoiYTkwNGQyNWNiYzBlNjVkMzdlNWNmNzllMmQwNTdjMWQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.L3EPYgyfH8t3RKnYJ9F5E9UdHP3qcNTUZDbHDSmwX28
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73:3:1; expires=Thu, 04 Apr 2024 21:51:41 GMT; secure; SameSite=None
iprc7989d7905e35f745e067e93e09b61610=4471850; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
uncs=1; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6248bfa101cb585957e45fb96a999a4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ablecolony.com/watch.1016702164782.js?key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&tz=0&dev=e&res=14.2071&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
ablecolony.com/watch.1016702164782.js?key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&tz=0&dev=e&res=14.2071&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1016702164782.js?key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&tz=0&dev=e&res=14.2071&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Location: https://ablecolony.com/watch.1016702164782.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=a249f0403c1bf73fe137e985441d0af8e7f102a24654f73b0c304287f65e2a65bbd87a3f426b8e43f9944bf515b468bfad71307831a98eabf3d8fb47eab6e12b039c3dfb1f476f6330e69d93f133f632db8bb90979267ee72fdf66e59c4607&tz=0&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1
Set-Cookie: u_pl=22061292; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; expires=Thu, 28 Mar 2024 21:52:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12cb22c30ae112da757c8046efa55a00
Strict-Transport-Security: max-age=0; includeSubdomains

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

84 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
84 kB (83512 bytes)
Hash
924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 1fec11ff5c2e9898ba014ee3d8c6679f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 28 Mar 2024 21:51:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRLXxxbLYwkmF7gCst8o%2Fof%2B5H8SpqD0EbI00TdmMpgCUQtaDqXAWhzJ7xKZNosoDy1aG8MgnKv1Gm%2Blu9beeh6juS5cdRIZ7kzZRZ4Wck1SmQwi4XWleNnSAZZeGQK2T2cgy1V%2F76M26MfzPpUT6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7ca0db10b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ablecolony.com/watch.1016702164782.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=a249f0403c1bf73fe137e985441d0af8e7f102a24654f73b0c304287f65e2a65bbd87a3f426b8e43f9944bf515b468bfad71307831a98eabf3d8fb47eab6e12b039c3dfb1f476f6330e69d93f133f632db8bb90979267ee72fdf66e59c4607&tz=0&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1

172.240.108.84

200 OK

2.1 kB

URL GET HTTP/1.1
ablecolony.com/watch.1016702164782.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=a249f0403c1bf73fe137e985441d0af8e7f102a24654f73b0c304287f65e2a65bbd87a3f426b8e43f9944bf515b468bfad71307831a98eabf3d8fb47eab6e12b039c3dfb1f476f6330e69d93f133f632db8bb90979267ee72fdf66e59c4607&tz=0&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JavaScript source, ASCII text, with very long lines (2688)
Size
2.1 kB (2137 bytes)
Hash
3c68da840b87db1dad039b1febe05753
34ad779450cd6e061c855f142feb7ab141c74d47
b066adeb3976dec376bce6b03aa87855e0e6f0b5f1a046f9c4d5d2cad159caa7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1016702164782.js?dev=e&key=ab41dcc89a8f02e3ef0be2e1b079565a&kw=%5B%22adobe%22%2C%22after%22%2C%22effects%22%2C%22-%22%2C%22mac%22%2C%22torrents%22%5D&pst=1711662761&refer=https%3A%2F%2Fwww.macfiles.org%2Fcategory%2Fadobe%2Fadobe-after-effects%2F&res=14.2071&rmtc=t&shu=a249f0403c1bf73fe137e985441d0af8e7f102a24654f73b0c304287f65e2a65bbd87a3f426b8e43f9944bf515b468bfad71307831a98eabf3d8fb47eab6e12b039c3dfb1f476f6330e69d93f133f632db8bb90979267ee72fdf66e59c4607&tz=0&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22061292; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=a7ae3fda-75e2-4b1a-9732-e8ac2f1f9a73:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; expires=Thu, 04 Apr 2024 21:51:41 GMT; secure; SameSite=None
iprc802a8f09f721f4f03dac6865c91cc72e=3569806; expires=Fri, 29 Mar 2024 01:51:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
uncs=1; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 29 Mar 2024 21:51:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6b8d3534cd20ef716802667ec3f2a56
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.9

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:41 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sat, 30 Mar 2024 21:51:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a904d25cbc0e65d37e5cf79e2d057c1d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a904d25cbc0e65d37e5cf79e2d057c1d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a904d25cbc0e65d37e5cf79e2d057c1d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 28 Mar 2024 21:51:41 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c2f77a5e53d3d575cfa81b6db8de17bf
Strict-Transport-Security: max-age=0; includeSubdomains

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:42 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 12:01:57
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns61
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 2618d74f0e723e1a5daefc7a6a4ae665
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectsp-ao.shortpixel.ai
Fingerprint99:6C:0E:A5:42:E4:93:89:C4:87:7E:BA:54:2D:DE:9B:40:15:E8:C9
ValidityThu, 22 Feb 2024 14:09:44 GMT - Wed, 22 May 2024 14:09:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_150/https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 28 Mar 2024 21:51:42 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 03/28/2024 21:51:41
x-robots-tag: noindex
link: <https://www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png>; rel="canonical"
cdn-tag: 0; Domain: macfiles.org; 302
xtag-sp-ver: 2-ns62
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 328005c9a9cea92511f6ee65100a639a
cdn-cache: HIT
X-Firefox-Spdy: h2

www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png

172.67.189.25

200 OK

15 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 147, 8-bit/color RGBA, non-interlaced
Size
15 kB (15376 bytes)
Hash
f1f1693fe3c205d0bf08693c33808ea8
29231d53f9910fde114730d5abd65f2705652327
403adb552312e311d29baf18c8bd064b333d441ef9765b8e69f2d8c4ec7e7838

HTTP Headers

GET /wp-content/uploads/2020/09/Adobe-InDesign-2020-150x147.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:42 GMT
content-type: image/png
content-length: 15376
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:40 GMT
last-modified: Mon, 28 Sep 2020 10:37:41 GMT
cf-cache-status: HIT
age: 284942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35aVzvXthb7prLlOIhHnpAQZRLWBkxSal4zz%2B2f1UlckeKnmPALOSCPQ7c8MGxzXCieDHKcZS1oj5a%2BW%2Bng53wTxtxzaZ%2FC8wAagUCbkepNlre%2F1SxGaER0UyBP5JCK9oIKT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7d15c91569b-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png

172.67.189.25

200 OK

10 kB

URL GET HTTP/3
www.macfiles.org/wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
10 kB (10492 bytes)
Hash
616e1562ee835c642d84ef4677d394ea
acafe43972e52bfc753d7414206dfa1fad20f012
b51dd98cd7227cee93a673c4c026e27ecb2f3b56ad4633491ea0b6b0f23336ec

HTTP Headers

GET /wp-content/uploads/2020/08/Adobe-After-Effects-2020-150x150.png HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.macfiles.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:42 GMT
content-type: image/png
content-length: 10492
cache-control: public, max-age=604800
expires: Mon, 01 Apr 2024 14:42:40 GMT
last-modified: Mon, 17 Aug 2020 04:36:17 GMT
cf-cache-status: HIT
age: 284942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFksgb31AwZlYGvu4Q0qmKMSONIEpqxoKGdtlaSwUoHj4Wlwj0gPCnqgShBOIlc6E2%2F81IXJW7b%2FxHorkaYFI68biFyIvkJzm%2FvgDH41DgQiEYJJiHsDefSzII83X6lqRz1%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7d15c95569b-OSL
alt-svc: h3=":443"; ma=86400

www.macfiles.org/favicon.ico

172.67.189.25

404 Not Found

8.6 kB

URL GET HTTP/3
www.macfiles.org/favicon.ico
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
8.6 kB (8613 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-after-effects/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 28 Mar 2024 21:51:41 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kINP1192330AeXkiwsJfAEe%2FoTe6LoDDh%2FW8QnLfM1cBkqcvXi6vfb1yYOrxSRBvpS2opGi1TSLr6xRQghH0WqQZTZ0C%2BnJfXE39f7%2BUrWVO3ctonm2xxI5g0meoGvDrFm8W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7cbbee5569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ablecolony.com/sbar.json?key=a904d25cbc0e65d37e5cf79e2d057c1d&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1

192.243.61.225

200 OK

7.9 kB

URL GET HTTP/1.1
ablecolony.com/sbar.json?key=a904d25cbc0e65d37e5cf79e2d057c1d&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
JSON text data
Size
7.9 kB (7906 bytes)
Hash
787ea36edbdd9d08298925e0eaf43d91
0bf6278284e12f23074694fc776432eacb4ee400
7a4f442f6456f213050d6510c1e31baf33183289a8d0020bab3bfd76779b4826

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=a904d25cbc0e65d37e5cf79e2d057c1d&uuid=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.macfiles.org
Access-Control-Allow-Origin: https://www.macfiles.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22061292,18323798; expires=Fri, 29 Mar 2024 21:51:56 GMT; secure; SameSite=None
uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; expires=Thu, 04 Apr 2024 21:51:56 GMT; secure; SameSite=None
uncs=2; expires=Fri, 29 Mar 2024 21:51:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 29 Mar 2024 21:51:56 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 29 Mar 2024 21:51:56 GMT; secure; SameSite=None
sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]; expires=Thu, 28 Mar 2024 21:52:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d67e37fa961eea7904c95fba03b00b37
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ablecolony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RTS28cRRDuccyJAyKKxFvaA4cQYXtmdnfGS5AijDGKMElIeN1QT3ev3bh3eujHzsbiEBEpygmZnOA2%2B%2FnFI4rgBxChdSQkIiF5OfmAxQnEFaSc0WwsDHXoqvq%2Baumr6uobQ39IYnh6sPimXpdK0bn2bNg4%2FX4UnW0sy9wPGoP55IOkdbZh%2Bi91ktnwhcbrgq3puTiMwjAKo8aSNKKrB3M1CVnc7kSznXC2Fc9G7RYG5v%2B59VOwNADvH5KTkHw8fS84BclGyHvfLgq75nTx4ms9r6jTBn2%2B%2B06%2BlusyR%2B847JoA3Xz3qBra7i%2Fdhc63J3Kh%2B%2F8WZnJMgh%2FvIst3j0Qi629NdGYKIkfGH0XZH0GoESQdgenrkHyfAIzjwkXkvZ0L2pT06kOW1uyYTD%2F4G7Ick%2BlfTyHv3VlQctC4opV3UucWg24FORhBroxQ%2BD249QCy3ANzn0Dyn8ncg2Xkva2LVmlIfvB82kp5SnlrZl4wPtOirDXTaXZaM22RhIyKJm1m7cmApBxBdkdQ4taYLL58ZkySwaeg9gS8DeBlAN8N4IsAPX7QYFEUpSFnNJzvMNbkqcgSHkY07UY0CpN5eFZ3swFXbICpDTBzY6fgq26tv%2BWMF1s%2BZ3YYffkQipsTcKcG4%2BYw2n0Ityfodo22hxEKcw1r8rP99kkY%2FwPsagXLp2DdmARvfYQ%2Br1AKgtISlJSglASlIyj71TZXNrbVDlfWZ9GRj498s9rUbmVIt7VbETkBNRswvBoWh%2BTx%2BkGCJ754F2vioEE7YYvHbZaxUCRt3kxFm3XTjoh52E5ZxGFlBWmnQG2A9Xo5%2FvwJRe0%2FfxYZ3YNVe2DyJKh%2FDrSsQFcrrOd3nDZG5K5H2WwuHLiuULhpuKvBUB2SZyZLsfzXaQh2%2F9xvZGJgpkJhKnwo7xGsqJubl3VJti7r0pLvLhZO9uQ6rRfmiqNOnPj6DXG11IafX7QbX73CaqIOb78trFumOZf5iiXfLEjOhVnShgny%2FXn7nsguebu64E3ui%2BVLry6d7xVGWCt1PgKV%2Bwt1M2Py2NNPTX7CmT%2BehDQjGF%2Bh5%2B%2BTI4PUe2DFNdjiWL3VBEYd12RFgNJXmybOjkElCZQ4zmlWwf4nz47jTUPr21RWQ3sTK2YK1F1H3qvQNxX6qgJVG7D%2BxKYrzP1zvzQnhkxNbWbKTG1lyqhbkyHXxxlYedBIm82QJp12lKZUpFkrnu8mEac0biVxktAmnB13H%2Fn9438AAAD%2F%2FwEAAP%2F%2FX3PO3uMEAAA%3D

192.243.61.225

200 OK

7 B

URL GET HTTP/1.1
ablecolony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RTS28cRRDuccyJAyKKxFvaA4cQYXtmdnfGS5AijDGKMElIeN1QT3ev3bh3eujHzsbiEBEpygmZnOA2%2B%2FnFI4rgBxChdSQkIiF5OfmAxQnEFaSc0WwsDHXoqvq%2Baumr6uobQ39IYnh6sPimXpdK0bn2bNg4%2FX4UnW0sy9wPGoP55IOkdbZh%2Bi91ktnwhcbrgq3puTiMwjAKo8aSNKKrB3M1CVnc7kSznXC2Fc9G7RYG5v%2B59VOwNADvH5KTkHw8fS84BclGyHvfLgq75nTx4ms9r6jTBn2%2B%2B06%2BlusyR%2B847JoA3Xz3qBra7i%2Fdhc63J3Kh%2B%2F8WZnJMgh%2FvIst3j0Qi629NdGYKIkfGH0XZH0GoESQdgenrkHyfAIzjwkXkvZ0L2pT06kOW1uyYTD%2F4G7Ick%2BlfTyHv3VlQctC4opV3UucWg24FORhBroxQ%2BD249QCy3ANzn0Dyn8ncg2Xkva2LVmlIfvB82kp5SnlrZl4wPtOirDXTaXZaM22RhIyKJm1m7cmApBxBdkdQ4taYLL58ZkySwaeg9gS8DeBlAN8N4IsAPX7QYFEUpSFnNJzvMNbkqcgSHkY07UY0CpN5eFZ3swFXbICpDTBzY6fgq26tv%2BWMF1s%2BZ3YYffkQipsTcKcG4%2BYw2n0Ityfodo22hxEKcw1r8rP99kkY%2FwPsagXLp2DdmARvfYQ%2Br1AKgtISlJSglASlIyj71TZXNrbVDlfWZ9GRj498s9rUbmVIt7VbETkBNRswvBoWh%2BTx%2BkGCJ754F2vioEE7YYvHbZaxUCRt3kxFm3XTjoh52E5ZxGFlBWmnQG2A9Xo5%2FvwJRe0%2FfxYZ3YNVe2DyJKh%2FDrSsQFcrrOd3nDZG5K5H2WwuHLiuULhpuKvBUB2SZyZLsfzXaQh2%2F9xvZGJgpkJhKnwo7xGsqJubl3VJti7r0pLvLhZO9uQ6rRfmiqNOnPj6DXG11IafX7QbX73CaqIOb78trFumOZf5iiXfLEjOhVnShgny%2FXn7nsguebu64E3ui%2BVLry6d7xVGWCt1PgKV%2Bwt1M2Py2NNPTX7CmT%2BehDQjGF%2Bh5%2B%2BTI4PUe2DFNdjiWL3VBEYd12RFgNJXmybOjkElCZQ4zmlWwf4nz47jTUPr21RWQ3sTK2YK1F1H3qvQNxX6qgJVG7D%2BxKYrzP1zvzQnhkxNbWbKTG1lyqhbkyHXxxlYedBIm82QJp12lKZUpFkrnu8mEac0biVxktAmnB13H%2Fn9438AAAD%2F%2FwEAAP%2F%2FX3PO3uMEAAA%3D
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RTS28cRRDuccyJAyKKxFvaA4cQYXtmdnfGS5AijDGKMElIeN1QT3ev3bh3eujHzsbiEBEpygmZnOA2%2B%2FnFI4rgBxChdSQkIiF5OfmAxQnEFaSc0WwsDHXoqvq%2Baumr6uobQ39IYnh6sPimXpdK0bn2bNg4%2FX4UnW0sy9wPGoP55IOkdbZh%2Bi91ktnwhcbrgq3puTiMwjAKo8aSNKKrB3M1CVnc7kSznXC2Fc9G7RYG5v%2B59VOwNADvH5KTkHw8fS84BclGyHvfLgq75nTx4ms9r6jTBn2%2B%2B06%2BlusyR%2B847JoA3Xz3qBra7i%2Fdhc63J3Kh%2B%2F8WZnJMgh%2FvIst3j0Qi629NdGYKIkfGH0XZH0GoESQdgenrkHyfAIzjwkXkvZ0L2pT06kOW1uyYTD%2F4G7Ick%2BlfTyHv3VlQctC4opV3UucWg24FORhBroxQ%2BD249QCy3ANzn0Dyn8ncg2Xkva2LVmlIfvB82kp5SnlrZl4wPtOirDXTaXZaM22RhIyKJm1m7cmApBxBdkdQ4taYLL58ZkySwaeg9gS8DeBlAN8N4IsAPX7QYFEUpSFnNJzvMNbkqcgSHkY07UY0CpN5eFZ3swFXbICpDTBzY6fgq26tv%2BWMF1s%2BZ3YYffkQipsTcKcG4%2BYw2n0Ityfodo22hxEKcw1r8rP99kkY%2FwPsagXLp2DdmARvfYQ%2Br1AKgtISlJSglASlIyj71TZXNrbVDlfWZ9GRj498s9rUbmVIt7VbETkBNRswvBoWh%2BTx%2BkGCJ754F2vioEE7YYvHbZaxUCRt3kxFm3XTjoh52E5ZxGFlBWmnQG2A9Xo5%2FvwJRe0%2FfxYZ3YNVe2DyJKh%2FDrSsQFcrrOd3nDZG5K5H2WwuHLiuULhpuKvBUB2SZyZLsfzXaQh2%2F9xvZGJgpkJhKnwo7xGsqJubl3VJti7r0pLvLhZO9uQ6rRfmiqNOnPj6DXG11IafX7QbX73CaqIOb78trFumOZf5iiXfLEjOhVnShgny%2FXn7nsguebu64E3ui%2BVLry6d7xVGWCt1PgKV%2Bwt1M2Py2NNPTX7CmT%2BehDQjGF%2Bh5%2B%2BTI4PUe2DFNdjiWL3VBEYd12RFgNJXmybOjkElCZQ4zmlWwf4nz47jTUPr21RWQ3sTK2YK1F1H3qvQNxX6qgJVG7D%2BxKYrzP1zvzQnhkxNbWbKTG1lyqhbkyHXxxlYedBIm82QJp12lKZUpFkrnu8mEac0biVxktAmnB13H%2Fn9438AAAD%2F%2FwEAAP%2F%2FX3PO3uMEAAA%3D HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8dd6336a137f2d161d3f5a447a1e9357
Strict-Transport-Security: max-age=0; includeSubdomains

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F8e%2Fff%2F66%2F8eff6635b7ed4954a8b4e92629e58a35%2F1698745384.html&l=1495&fd=114

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F8e%2Fff%2F66%2F8eff6635b7ed4954a8b4e92629e58a35%2F1698745384.html&l=1495&fd=114
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F8e%2Fff%2F66%2F8eff6635b7ed4954a8b4e92629e58a35%2F1698745384.html&l=1495&fd=114 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.cloudimagesb.com/si/15/2b/31/152b314a0e0982e269df482b579f22b2/1706691989.png

45.133.44.9

200 OK

79 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/15/2b/31/152b314a0e0982e269df482b579f22b2/1706691989.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
79 kB (78559 bytes)
Hash
d16669d9977651eef47a07019fbbe491
9a34dbdd7bb3f70b908c8408923ba450cd17b0c9
f840af30a7130c50af7d42fcd84cd94d04e871d8f7bdf26118affb8f2019f67c

HTTP Headers

GET /si/15/2b/31/152b314a0e0982e269df482b579f22b2/1706691989.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: image/png
content-length: 78559
server: nginx/1.21.6
last-modified: Wed, 31 Jan 2024 09:06:38 GMT
etag: "65ba0d9e-132df"
expires: Sat, 30 Mar 2024 21:51:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fanimate.css&l=78689&fd=316

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fanimate.css&l=78689&fd=316
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fanimate.css&l=78689&fd=316 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:50 GMT
expires: Fri, 28 Mar 2025 17:37:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 15247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:32:46 GMT
expires: Fri, 28 Mar 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 69551
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:46:08 GMT
expires: Fri, 28 Mar 2025 17:46:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 14749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fstyle.css&l=5327&fd=330

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fstyle.css&l=5327&fd=330
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fcss%2Fstyle.css&l=5327&fd=330 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.barscreative1.com/sb/au/8e/ff/66/8eff6635b7ed4954a8b4e92629e58a35/1698745384.html

45.133.44.3

200 OK

1.6 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/8e/ff/66/8eff6635b7ed4954a8b4e92629e58a35/1698745384.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT

File type
gzip compressed data, from Unix
Size
1.6 kB (1642 bytes)
Hash
89ab8db100f128dbf88371e8b46f1d7c
40fb1e0a32a9a72e216f1270c21aeb4356ffd688
40ddc8655e70a5ff39e8261fc1cdd1a17eb2c7c8693328c6f8fcfd378aa52555

HTTP Headers

GET /sb/au/8e/ff/66/8eff6635b7ed4954a8b4e92629e58a35/1698745384.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:56 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 31 Oct 2023 09:43:09 GMT
etag: W/"6540cc2d-5d7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 28 Mar 2024 22:51:56 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/style.css

172.64.161.4

200 OK

1.4 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/style.css
IP
172.64.161.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
ASCII text
Size
1.4 kB (1396 bytes)
Hash
c1ba26c5d5aeee6feba13f9253a66396
2ef869fb563e89f964da9532d1811ad2048ecc00
ceef88fed1e8d5e933b022877eee627f6bcd3be66a6bbab443ca253b8de49940

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-14cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvXRjj5ASwzo3PL4mYzzMSOxKCaOUVC4AUhTZSXA%2FPmCjiEA%2B5nMhQVUg2SmPy3IrdX8eotQz0WqKhIlm6N9X9VbVFVRvsOZrcfxppB8GkwSCm9Q8%2Bc7UIAxigGKEiPtqda8lY0wat7B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad82d1e3cbc9d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fjs%2Fscript.js&l=1144&fd=251

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fjs%2Fscript.js&l=1144&fd=251
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fmessage_redcircle%2F1%2Fjs%2Fscript.js&l=1144&fd=251 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ablecolony.com/pixel/sbs?c=1

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/pixel/sbs?c=1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.macfiles.org/wp-content/themes/lightly/fonts/fontawesome-webfont.woff2?v=4.6.3

172.67.189.25

200 OK

72 kB

URL GET HTTP/3
www.macfiles.org/wp-content/themes/lightly/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /wp-content/themes/lightly/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/wp-content/cache/autoptimize/css/autoptimize_ea41aa15be79aeb4f11d6294c6075823.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: font/woff2
content-length: 71896
cache-control: public, max-age=604800
expires: Wed, 03 Apr 2024 11:15:40 GMT
last-modified: Thu, 23 May 2019 00:25:50 GMT
cf-cache-status: HIT
age: 124559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HWzN2MimKhLM8VlbWBXKUdKi9NVAOTJlgC%2FSmVtQ9CBMHPC2Myu5x4ljqidFEAO%2FbA8ABLw%2BxN0Pwbh%2FxHDRtQ2Hiclu5Mrq8OD9FWo4%2FWUbQj0gdvzFfixI4TKXZL%2Btdfr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad7c21c71569b-OSL
alt-svc: h3=":443"; ma=86400

cdn.cloudimagesb.com/cti/94/aa/09/94aa09b91a894fc0cedf40ac5d66e99b/1711621599.jpg

45.133.44.9

200 OK

56 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/94/aa/09/94aa09b91a894fc0cedf40ac5d66e99b/1711621599.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 728x90, components 3
Size
56 kB (56390 bytes)
Hash
7ff2f74f6785665152addbfcb0701dfe
1a341a2611fca540579f151e5b35c6719c4679cb
44009fdc87583404b2a7a687bfe7c0efbc99e094238f0ef4f540f0d9377ed3fb

HTTP Headers

GET /cti/94/aa/09/94aa09b91a894fc0cedf40ac5d66e99b/1711621599.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:41 GMT
content-type: image/jpeg
content-length: 56390
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:26:47 GMT
etag: "660545e7-dc46"
expires: Sat, 30 Mar 2024 21:51:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

142.250.74.74

200 OK

12 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
ASCII text
Size
12 kB (11685 bytes)
Hash
699943ff7d76537f564620e8254074fa
6d31accf3b47879026de42fd5ea9b7a2f46908b6
59031fbe9c55f4bb1626065b56161ab7bdd3ae68912586f6f0e9735cc4badb64

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 21:51:57 GMT
date: Thu, 28 Mar 2024 21:51:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.macfiles.org/category/adobe/adobe-after-effects/

172.67.189.25

200 OK

93 kB

URL User Request GET HTTP/2
www.macfiles.org/category/adobe/adobe-after-effects/
IP
172.67.189.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type
HTML document, ASCII text, with very long lines (10735)
Size
93 kB (93135 bytes)
Hash
a2b6aeaa39c4213d9d971cbf180e07bd
0c3822d5cc913e0f75537846f7fb951dd53a1b2c
d9e3917e47237dd217b60dd330597afb53829031ba3e4ce7c3118fdd3ad45b6d

HTTP Headers

GET /category/adobe/adobe-after-effects/ HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
last-modified: Thu, 28 Mar 2024 21:51:19 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pw4rvaGOQrs2RmOwMV39QQK4lAda5nm%2B7%2BOEgg0K6MfUcS3TSwj7bWchpv6vxVI2Bo5l%2B0gYFw%2B6HL7kw0%2BBo7H4e%2BBQIkz5%2FtgYL4WDg28chlHIptWUnxCMnOGyvinlaY05"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bad7bf6843712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.macfiles.org/category/adobe/adobe-after-effects/page/2/

0.0.0.0

0 B

URL GET
www.macfiles.org/category/adobe/adobe-after-effects/page/2/
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectmacfiles.org
Fingerprint05:B6:91:19:E8:3B:D4:01:2C:69:02:50:FC:D3:89:ED:19:1B:D3:49
ValidityThu, 14 Mar 2024 13:45:41 GMT - Wed, 12 Jun 2024 13:45:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /category/adobe/adobe-after-effects/page/2/ HTTP/1.1
Host: www.macfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/category/adobe/adobe-after-effects/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5%3A3%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js

172.64.161.4

200 OK

90 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js
IP
172.64.161.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3747133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkKs3Zmcj0D53%2Fo%2B59cHjMncbGqLSEYhs6tUpROpwXIcjnS1qj%2Ff8VgszQ1%2FgTLynb%2BMWuXomR265c7uju1RzbC%2BBWnx6sesotrMK56zWhqoCfKnw6SLCjqeE7CNMGo1LIHx0D4drthB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad82d7eabbc9d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/animate.css

172.64.161.4

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/css/animate.css
IP
172.64.161.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N44d6bcg4ibWqEo%2BTgfD3sEfKckDz8%2BSPLmi1v8lloq0J4MJft7LQEwKyJWdiAAt9nOsGYunMc65LnvcRcB2ApAzmuh%2BQl8KnOh8bwP%2F0OS3%2BOrekX%2Bog4KXyebddeOr3n%2BweXYDU1hJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad82d1e39bc9d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/close.svg

172.64.161.4

200 OK

1.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/close.svg
IP
172.64.161.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
5ff33e884803785a8002a2aa5fa03b0e
a04406f2592e23e648bee499477f823da0c48362
6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 520119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=st7Kzp8ZMCHQbGswscO79ENPf3XU1W2Dn5TWfKQGno4u00oe1TkcOHr0k%2Bnrl1AHV1XrS%2FwNigkr3xaf3QwHpWB5F%2FdXtk%2BVbFFbFADTNslh7nEFijxdO4OoQ9MXnbLqqnh88Q%2BC58QQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad82d6e99bc9d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/script.js

172.64.161.4

200 OK

1.1 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/js/script.js
IP
172.64.161.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
ASCII text, with very long lines (1206), with no line terminators
Size
1.1 kB (1144 bytes)
Hash
2c0038bc0b2d7ceb4556b4afb29397f4
134baba1705d1a938adc3eec488931e623d85358
2721da98a99444e20ee6eefc2d9ce4edbbe5d1492495de726350d9f12f2e520a

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: W/"65aa8501-478"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSox6Yd186anytBuOflkle84bcjQ2snrbBhnkEppoyNRMrrkyTp3dDUry9KIUzGZHXxJUk1TlFjf6ZkPFgGVp2VPVSmwjcGdV86n8jVflg%2BHse1cGlQ07gvmt2YYL5nJJwbizK8P1T70"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad82e4f9abc9d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macfiles.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:21:46 GMT
expires: Fri, 28 Mar 2025 17:21:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 16193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/number.png

172.64.161.4

200 OK

1.1 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/ssp/interstitial/message_redcircle/1/img/number.png
IP
172.64.161.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22
ValidityFri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/ssp/interstitial/message_redcircle/1/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Mar 2024 21:51:57 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: "65aa8501-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 531801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4cGceag8kdQmdAX61Vj2bOgNgeEJA8IhcWTRkQhZqO0vOl7K%2F2jzrQw5O%2F6A5kZnyfuc%2FBsXzO%2FDl7z%2BDKgRwKlB5sQgSswJCHZ1VdASK%2FH5zEHwVaAPyvIY1YKpcpNR680qBlqM%2Bwr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bad8300b4493e9-LHR
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

104.18.11.207

200 OK

29 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (28900)
Size
29 kB (29063 bytes)
Hash
4083f5d376eb849a458cc790b53ba080
fb5b49426dee7f1508500e698d1b3c6b04c8fcce
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

HTTP Headers

GET /font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 21:51:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4083f5d376eb849a458cc790b53ba080"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/11/2022 02:14:14
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 601a9a422917d5011204b75b2a4627c5
cdn-cache: HIT
cf-cache-status: HIT
age: 11029226
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86bad7c12b6e5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ablecolony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RTS28cRRDuccyJAyKKxFvaA4cQYXtmd2fXS5AijDGKMElIeN1QT3eP3bhneujHzsbiEBEpygmZnOA2%2B%2FnFI4rgBxChdSQkIiF5OfmAxQnEFaSc0WwsDHXoqvq%2Baumr6uobQ39ImvD0YPFNvS6VonPxbNg4%2FX4UnW0sy9wPGoP5zged9tmG6b%2FU68yGLzReF2xNzzXDKAyjMGosSSNSPZirScjidi%2Ba7YWz7eZsFLcxMP%2FPrZ%2BCpQF4%2F5CchOTj6XvBKUg2Qp59uyjsmtPFi69lXlGnDfp89518Lddljuw4TE2ANN89qoa2%2B0t3ofPtiVzo%2Fr%2BFiRyT4Me7SPLdI5FI%2BlsTnYmCyJHwR1H2RxBqBElHYPo6JN8nAOO4cBF5tnNBm5JefcjSmh2T6Qd%2FQ5ZjMv3rKeTZnQUlB40rWnkndW4xSCvIwQhyZYTC78GtB5DlHpj7BJL%2FTOYeLCPPti5apSH5wfPddpd3KW%2FPzAvGZ9qUtWd6rV57JhadkFHRoq0kngxIyhFkOoISt8Zk8eUzY9IZfApqT8DbAF4G8GkAXwTI%2BEGDRVHUDTmj4XyPsRbviqTDw4h204hGYWcentXdbMAVG2BqA8zc2Cn4qlvrbznjxZbPmR1GXz6Emq0JuFODzdYw2n0IxxN0u0bjYYTCXMOa%2FGw%2FPgnjf4BdrWD5FKwbk%2BCtj9DnFUpBUFqCkhKUkqB0BGW%2F2ubKNm21w5X1SXTkm0e%2BVW1qtzKk29qtiJyAmg0YXg2LQ%2FJ4%2FSDBE1%2B8izVx0KC9sM2bMUtYKDoxb3VFzNJuTzR5GHdZxGFlBWmnQG2A9Xo5%2FvwJRe0%2FfxYJ3YNVe2DyJKh%2FDrSsQFcrrOd3nDZG5C6jbDYXDlxXKNw03NVgqA7JM5OlWP7rNAS7f%2B43MjEwU6EwFT6U9whW1M3Ny7okW5d1acl3FwsnM7lO64W54qgTJ75%2BQ1wtteHnF%2B3GV6%2BwmqjD228L65ZpzmW%2BYsk3C5JzYZa0YYJ8f96%2BJ5JL3q4ueJP7YvnSq0vns8IIa6XOR6Byf6FuZkwee%2FqpyU8488eTkGYE4ytk%2Fj45Mki9B1Zcgy2O1VtNYNRxTVIEKH21aZrJMagkgRLHOU0q2P%2FkyXG8aWh9m8pqaG9ixUyBuuvIswp9U6GvKlC1AetPbLrC3D%2F3S2tiSNTUZqLM1FaijLo1GXJ9nIGVB41WyLuJSEU3Ee24nQrGkzhOQpaypMXn5xmcHaeP%2FP7xPwAAAP%2F%2FAQAA%2F%2F%2Ffpxs24wQAAA%3D%3D

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
ablecolony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RTS28cRRDuccyJAyKKxFvaA4cQYXtmd2fXS5AijDGKMElIeN1QT3eP3bhneujHzsbiEBEpygmZnOA2%2B%2FnFI4rgBxChdSQkIiF5OfmAxQnEFaSc0WwsDHXoqvq%2Baumr6uobQ39ImvD0YPFNvS6VonPxbNg4%2FX4UnW0sy9wPGoP5zged9tmG6b%2FU68yGLzReF2xNzzXDKAyjMGosSSNSPZirScjidi%2Ba7YWz7eZsFLcxMP%2FPrZ%2BCpQF4%2F5CchOTj6XvBKUg2Qp59uyjsmtPFi69lXlGnDfp89518Lddljuw4TE2ANN89qoa2%2B0t3ofPtiVzo%2Fr%2BFiRyT4Me7SPLdI5FI%2BlsTnYmCyJHwR1H2RxBqBElHYPo6JN8nAOO4cBF5tnNBm5JefcjSmh2T6Qd%2FQ5ZjMv3rKeTZnQUlB40rWnkndW4xSCvIwQhyZYTC78GtB5DlHpj7BJL%2FTOYeLCPPti5apSH5wfPddpd3KW%2FPzAvGZ9qUtWd6rV57JhadkFHRoq0kngxIyhFkOoISt8Zk8eUzY9IZfApqT8DbAF4G8GkAXwTI%2BEGDRVHUDTmj4XyPsRbviqTDw4h204hGYWcentXdbMAVG2BqA8zc2Cn4qlvrbznjxZbPmR1GXz6Emq0JuFODzdYw2n0IxxN0u0bjYYTCXMOa%2FGw%2FPgnjf4BdrWD5FKwbk%2BCtj9DnFUpBUFqCkhKUkqB0BGW%2F2ubKNm21w5X1SXTkm0e%2BVW1qtzKk29qtiJyAmg0YXg2LQ%2FJ4%2FSDBE1%2B8izVx0KC9sM2bMUtYKDoxb3VFzNJuTzR5GHdZxGFlBWmnQG2A9Xo5%2FvwJRe0%2FfxYJ3YNVe2DyJKh%2FDrSsQFcrrOd3nDZG5C6jbDYXDlxXKNw03NVgqA7JM5OlWP7rNAS7f%2B43MjEwU6EwFT6U9whW1M3Ny7okW5d1acl3FwsnM7lO64W54qgTJ75%2BQ1wtteHnF%2B3GV6%2BwmqjD228L65ZpzmW%2BYsk3C5JzYZa0YYJ8f96%2BJ5JL3q4ueJP7YvnSq0vns8IIa6XOR6Byf6FuZkwee%2FqpyU8488eTkGYE4ytk%2Fj45Mki9B1Zcgy2O1VtNYNRxTVIEKH21aZrJMagkgRLHOU0q2P%2FkyXG8aWh9m8pqaG9ixUyBuuvIswp9U6GvKlC1AetPbLrC3D%2F3S2tiSNTUZqLM1FaijLo1GXJ9nIGVB41WyLuJSEU3Ee24nQrGkzhOQpaypMXn5xmcHaeP%2FP7xPwAAAP%2F%2FAQAA%2F%2F%2Ffpxs24wQAAA%3D%3D
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.macfiles.org/category/adobe/adobe-after-effects/
Certificate
IssuerLet's Encrypt
Subjectablecolony.com
Fingerprint72:52:48:30:ED:69:2D:E0:F6:1F:B2:28:46:E6:BF:09:21:CB:DD:D1
ValiditySun, 24 Mar 2024 10:22:04 GMT - Sat, 22 Jun 2024 10:22:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RTS28cRRDuccyJAyKKxFvaA4cQYXtmd2fXS5AijDGKMElIeN1QT3eP3bhneujHzsbiEBEpygmZnOA2%2B%2FnFI4rgBxChdSQkIiF5OfmAxQnEFaSc0WwsDHXoqvq%2Baumr6uobQ39ImvD0YPFNvS6VonPxbNg4%2FX4UnW0sy9wPGoP5zged9tmG6b%2FU68yGLzReF2xNzzXDKAyjMGosSSNSPZirScjidi%2Ba7YWz7eZsFLcxMP%2FPrZ%2BCpQF4%2F5CchOTj6XvBKUg2Qp59uyjsmtPFi69lXlGnDfp89518Lddljuw4TE2ANN89qoa2%2B0t3ofPtiVzo%2Fr%2BFiRyT4Me7SPLdI5FI%2BlsTnYmCyJHwR1H2RxBqBElHYPo6JN8nAOO4cBF5tnNBm5JefcjSmh2T6Qd%2FQ5ZjMv3rKeTZnQUlB40rWnkndW4xSCvIwQhyZYTC78GtB5DlHpj7BJL%2FTOYeLCPPti5apSH5wfPddpd3KW%2FPzAvGZ9qUtWd6rV57JhadkFHRoq0kngxIyhFkOoISt8Zk8eUzY9IZfApqT8DbAF4G8GkAXwTI%2BEGDRVHUDTmj4XyPsRbviqTDw4h204hGYWcentXdbMAVG2BqA8zc2Cn4qlvrbznjxZbPmR1GXz6Emq0JuFODzdYw2n0IxxN0u0bjYYTCXMOa%2FGw%2FPgnjf4BdrWD5FKwbk%2BCtj9DnFUpBUFqCkhKUkqB0BGW%2F2ubKNm21w5X1SXTkm0e%2BVW1qtzKk29qtiJyAmg0YXg2LQ%2FJ4%2FSDBE1%2B8izVx0KC9sM2bMUtYKDoxb3VFzNJuTzR5GHdZxGFlBWmnQG2A9Xo5%2FvwJRe0%2FfxYJ3YNVe2DyJKh%2FDrSsQFcrrOd3nDZG5C6jbDYXDlxXKNw03NVgqA7JM5OlWP7rNAS7f%2B43MjEwU6EwFT6U9whW1M3Ny7okW5d1acl3FwsnM7lO64W54qgTJ75%2BQ1wtteHnF%2B3GV6%2BwmqjD228L65ZpzmW%2BYsk3C5JzYZa0YYJ8f96%2BJ5JL3q4ueJP7YvnSq0vns8IIa6XOR6Byf6FuZkwee%2FqpyU8488eTkGYE4ytk%2Fj45Mki9B1Zcgy2O1VtNYNRxTVIEKH21aZrJMagkgRLHOU0q2P%2FkyXG8aWh9m8pqaG9ixUyBuuvIswp9U6GvKlC1AetPbLrC3D%2F3S2tiSNTUZqLM1FaijLo1GXJ9nIGVB41WyLuJSEU3Ee24nQrGkzhOQpaypMXn5xmcHaeP%2FP7xPwAAAP%2F%2FAQAA%2F%2F%2Ffpxs24wQAAA%3D%3D HTTP/1.1
Host: ablecolony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macfiles.org/
Cookie: u_pl=22061292,18323798; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjA2MTI5MiwiayI6ImFiNDFkY2M4OWE4ZjAyZTNlZjBiZTJlMWIwNzk1NjVhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNDU0NDc3LCJwaWQiOjEwNDQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJua2h0dzZyMHJ5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm1hY2ZpbGVzLm9yZy9jYXRlZ29yeS9hZG9iZS9hZG9iZS1hZnRlci1lZmZlY3RzLyIsImFyIjpbXX19.F5L9BTJYkvU1f7U2_bxmzVYGS5ge1n2LLjk-mBYOe6E; uid_id2=747d7ad4-8ecd-4ac4-9394-5e60cae3a3b5:3:1; iprc7989d7905e35f745e067e93e09b61610=4471850; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; iprc802a8f09f721f4f03dac6865c91cc72e=3569806; pdhtkv5=true; uncs5=1; pdhtkv29=true; uncs29=1; sleca904d25cbc0e65d37e5cf79e2d057c1d=[5042728,5042730]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 28 Mar 2024 21:51:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de0e94e89bc1c8bfa3fb040e38ed0503
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash