IP 104.18.14.101:0
Hash MD5 634821758833625857c13bb16934fc2e SHA1 67b4a01580e62f774e7bc237bcad7bcdf6ab86b5 SHA256 f61c79e94b9a45eb9b36e184894fedea51861b7a57cfbeaea7c809e1c7dbd3a8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 02:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 00:32:26 GMT
Expires: Sun, 04 Jun 2023 00:32:25 GMT
Etag: "67b4a01580e62f774e7bc237bcad7bcdf6ab86b5"
Cache-Control: max-age=595559,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ce33da61ff9b518-OSL

IP 104.18.15.101:0
Hash MD5 634821758833625857c13bb16934fc2e SHA1 67b4a01580e62f774e7bc237bcad7bcdf6ab86b5 SHA256 f61c79e94b9a45eb9b36e184894fedea51861b7a57cfbeaea7c809e1c7dbd3a8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 28 May 2023 02:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 00:32:26 GMT
Expires: Sun, 04 Jun 2023 00:32:25 GMT
Etag: "67b4a01580e62f774e7bc237bcad7bcdf6ab86b5"
Cache-Control: max-age=596233,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ce33da8be91b505-OSL

cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com/ugd/cff66d_dbeb9a17fa7043b8baf3001e555e14b0.txt | 34.102.176.152 | 200 OK | 4.7 MB
URL: User Request GET HTTP/2 cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com/ugd/cff66d_dbeb9a17fa7043b8baf3001e555e14b0.txt
IP: 34.102.176.152:443
Certificate: Issuer Sectigo Limited, Subject *.usrfiles.com, Fingerprint A4:13:5D:EA:AC:2A:0C:0F:5B:A1:EA:A5:61:47:45:B1:E4:B3:D3:78, Validity Sat, 25 Feb 2023 00:00:00 GMT - Thu, 24 Aug 2023 23:59:59 GMT
File type: ASCII text, with very long lines (65413), with CRLF line terminators
Size: 4.7 MB (4696730 bytes)
Hash MD5 29aacbf74c055bc85799313d61efce84 SHA1 e4a56ca7bf0d73f44d50903588929207172a1ebe SHA256 76889175d3645caed745a0b1147977b5e994d4e5e8ef64812ddcb1498c13a5cc
Analyzer | Verdict | Alert
fortinet | Malware |
GET /ugd/cff66d_dbeb9a17fa7043b8baf3001e555e14b0.txt HTTP/1.1
Host: cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 28 May 2023 02:59:18 GMT
content-type: text/plain
content-length: 4696730
expires: Sun, 28 May 2023 03:59:18 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Tue, 23 May 2023 02:12:46 GMT
etag: "29aacbf74c055bc85799313d61efce84"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-84588bb8-j8pf8
x-robots-tag: noindex, nofollow
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com/favicon.ico | 34.102.176.152 | 403 Forbidden | 9 B
URL: GET HTTP/3 cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com/favicon.ico
IP: 34.102.176.152:443
Requested by: https://cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com/ugd/cff66d_dbeb9a17fa7043b8baf3001e555e14b0.txt
Certificate: Issuer Sectigo Limited, Subject *.usrfiles.com, Fingerprint A4:13:5D:EA:AC:2A:0C:0F:5B:A1:EA:A5:61:47:45:B1:E4:B3:D3:78, Validity Sat, 25 Feb 2023 00:00:00 GMT - Thu, 24 Aug 2023 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash MD5 722969577a96ca3953e84e3d949dee81 SHA1 3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5 SHA256 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /favicon.ico HTTP/1.1
Host: cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cff66d08-d3f8-42db-911c-ce670399a441.usrfiles.com/ugd/cff66d_dbeb9a17fa7043b8baf3001e555e14b0.txt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
server: openresty/1.21.4.1
date: Sun, 28 May 2023 02:59:19 GMT
content-type: text/plain
content-length: 9
access-control-allow-origin: *
cache-control: no-cache, private, must-revalidate, proxy-revalidate, no-store
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-84588bb8-bn2wp
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000